ZeuS Tracker :: C&C nsdic.pp.ru

The list below shows all ZeuS configs, ZeuS binaries, ZeuS dropzones and FakeURLs which are hosted on nsdic.pp.ru.

Live Information

ZeuS C&C:nsdic.pp.ru
Malware:Citadel
IP address:185.6.242.251
Host status:online
Uptime:838:59:59
Hostname:smtp2.getby.it
SBL:SBL385644
AS number:203591
AS name:TECNOGENERAL, IT
Country:- Italy (IT)
Level:1 (Bulletproof hosted)
Sponsoring registrar:RU-CENTER-3LVL
Nameserver(s):ns1.he.net | ns2.he.net | ns3.he.net | ns4.he.net | ns5.he.net
Date added:2017-06-01
Last checked:2018-05-22
Last updated:2018-04-27
BL status:This host is being published on the ZeuS Blocklist!

ZeuS ConfigURLs on this C&C

DateaddedZeuS ConfigURLStatusVBuilderFilesizeMD5 hashHTTP StatusFile download
2018-05-17nsdic.pp.ru/tally/file.phponline2n/a174'876229f06208f4eb0afc1a4aefe5e4536b9200- download
2018-05-10nsdic.pp.ru/kuzy/file.phponline2n/a14'032e88be187854318d90e8703b66d7a44b8200- download
2018-04-27nsdic.pp.ru/pilot/file.phpoffline2n/a174'8763c52a35941a6d99c0fc5a0d04174472a404- download
2018-02-15nsdic.pp.ru/kdbvx/file.phpoffline2n/a174'876776deb2c068f81fbc0245b6c82d4ed66404- download
2017-08-03nsdic.pp.ru/cice/file.phpoffline2n/a225'05256c4c2ce24e73b8672ae987cfe6d2388404- download
2017-06-01nsdic.pp.ru/vinod/file.phpoffline2n/a221'4684a1754633083e0216dc244f06064e2bf404- download

ZeuS BinaryURLs on this C&C

DateaddedZeuS BinaryURLStatusFilesizeMD5 hashAnubisVirustotalHTTP StatusFile download

none

ZeuS DropURLs (Dropzones) on this C&C

DateaddedDropURLStatusHTTP Status
2018-05-17nsdic.pp.ru/tally/gate.phponline200
2018-05-10nsdic.pp.ru/kuzy/gate.phponline200
2018-04-27nsdic.pp.ru/pilot/gate.phpoffline404
2018-02-15nsdic.pp.ru/kdbvx/gate.phpoffline404
2017-11-09nsdic.pp.ru/hyman/gate.phpoffline404
2017-08-03nsdic.pp.ru/cice/gate.phpoffline404
2017-06-01nsdic.pp.ru/vinod/gate.phpoffline404

FakeURLs referenced by ZeuS Configs

ZeuS Config MD5FakeURLProtocol

Historical information

ConfigURL History

ChangedateHostConfigURLHashFile Download
2018-05-10nsdic.pp.runsdic.pp.ru/pilot/file.php7f4e208583a17497a17ac3655377d6d3- download
2018-04-30nsdic.pp.runsdic.pp.ru/pilot/file.phpc11361db8c28b619cd48863cb4dd677c- download

# of rows: 2

Domain History

ChangedateHostIP addressAS numberAS nameCountry
2018-04-27nsdic.pp.ru0
-
2018-02-19nsdic.pp.ru185.216.140.10329073ECATEL-AS AS29073, Ecatel Network
-
2018-02-15nsdic.pp.ru0
-
2018-01-25nsdic.pp.ru178.250.241.2243362MAJORDOMO MAJORDOMO LLC
-
2018-01-22nsdic.pp.ru0
-
2017-12-19nsdic.pp.ru195.14.105.1256504HORTTEL-AS, RU
-
2017-12-08nsdic.pp.ru78.108.83.15343362MAJORDOMO MAJORDOMO LLC
-
2017-12-03nsdic.pp.ru91.216.59.9345027INETTECH-AS , UA
-
2017-11-30nsdic.pp.ru81.177.26.1988342RTCOMM-AS OJSC RTComm.RU
-
2017-11-22nsdic.pp.ru78.108.95.11643362MAJORDOMO MAJORDOMO LLC
-
2017-11-11nsdic.pp.ru195.14.105.2756504HORTTEL-AS, RU
-
2017-11-09nsdic.pp.ru91.224.23.153197695AS-REGRU _Domain names registrar REG.RU_, Ltd
-
2017-11-09nsdic.pp.ru195.14.105.2756504HORTTEL-AS, RU
-
2017-11-09nsdic.pp.ru91.224.23.153197695AS-REGRU _Domain names registrar REG.RU_, Ltd
-
2017-11-07nsdic.pp.ru0
-
2017-10-29nsdic.pp.ru78.108.89.8543362MAJORDOMO MAJORDOMO LLC
-
2017-10-26nsdic.pp.ru91.224.23.174197695AS-REGRU _Domain names registrar REG.RU_, Ltd
-
2017-10-11nsdic.pp.ru95.47.156.20257494ADMAN-AS Krek Ltd.
-
2017-10-07nsdic.pp.ru77.120.115.23325229VOLIA-AS Kyivski Telekomunikatsiyni Merezhi LLC
-
2017-10-06nsdic.pp.ru185.15.208.21752000ALDAN-3-AS LTD _ALDAN-3_
-
2017-10-05nsdic.pp.ru103.200.22.20618403FPT-AS-AP The Corporation for Financing & Promoting Technology
-
2017-09-26nsdic.pp.ru0
-
2017-08-11nsdic.pp.ru179.43.184.21651852PLI-AS Private Layer INC
-
2017-08-09nsdic.pp.ru179.43.184.20151852PLI-AS Private Layer INC
-
2017-08-04nsdic.pp.ru179.43.184.19451852PLI-AS Private Layer INC
-
2017-07-28nsdic.pp.ru0
-
2017-07-03nsdic.pp.ru89.39.106.8049981WORLDSTREAM WorldStream
-
2017-06-20nsdic.pp.ru0
-
2017-06-05nsdic.pp.ru185.72.178.17160781LEASEWEB-NL LeaseWeb B.V.,NL
-
2016-09-29nsdic.pp.ru191.96.249.1064484ASDMZHOST , NL
-
2016-09-16nsdic.pp.ru0
-
2016-09-14nsdic.pp.ru191.96.249.1064484ASDMZHOST , NL
-
2016-09-12nsdic.pp.ru185.62.188.5149349DOTSI , PT
-
2016-09-06nsdic.pp.ru5.206.225.10449349DOTSI , PT
-
2016-09-05nsdic.pp.ru185.45.193.15960117HS Host Sailor Ltd.,AE
-

# of rows: 35