Locky Distribution Site :: dubaifridays.com

Host Information

Locky Distribution Site: dubaifridays.com
Threat: Distribution Site
Malware: Locky
URL: http://dubaifridays.com/437gfinw2?NzGQTrl=AJQIIksfc
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: GODADDY.COM, LLC
Nameserver(s): nadia.ns.cloudflare.com, paul.ns.cloudflare.com
Firstseen (UTC): 2016-05-21 14:05:58
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows the history of previous A records, if there are any.

Active: indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record; no = Historical record.
| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2019-03-10 04:53:43 | 2019-10-16 04:50:16 | 136.243.134.152 | static.152.134.243.136.clients.your-server.de | Not listed | AS24940 | HETZNER-AS, DE | Germany (DE) |
| no | 2016-05-28 04:51:45 | 2016-11-24 18:39:30 | 104.28.4.16 | | Not listed | AS13335 | CLOUDFLARENET - CloudFlare, Inc., US | United States (US) |
| no | 2016-05-28 04:51:45 | 2016-11-24 18:39:31 | 104.28.5.16 | | Not listed | AS13335 | CLOUDFLARENET - CloudFlare, Inc., US | United States (US) |
| no | 2016-06-03 18:09:44 | 2016-06-23 11:18:48 | 163.172.146.56 | 56-146-172-163.rev.cloud.scaleway.com | Not listed | AS12876 | | France (FR) |
| no | 2019-03-09 04:49:27 | never | 172.168.1.1 | ACA80101.ipt.aol.com | Not listed | AS1668 | AOL-ATDN - AOL Transit Data Network, US | United States (US) |
| no | 2017-11-16 01:33:27 | 2017-12-29 04:59:35 | 176.9.110.92 | dubaifridays.com | Not listed | AS24940 | HETZNER-AS, DE | Germany (DE) |
| no | 2017-10-05 04:47:08 | 2017-11-15 01:34:07 | 176.9.110.94 | serverhz.hostingsys.org | Not listed | AS24940 | HETZNER-AS, DE | Germany (DE) |
| no | 2017-12-30 05:01:54 | 2019-03-08 04:51:12 | 188.165.66.81 | sys1.cloudservers98.com | Not listed | AS16276 | OVH, FR | Finland (FI) |
| no | 2016-05-30 07:09:42 | 2017-10-04 01:30:36 | 195.154.34.18 | yummy.cloudservers98.com | Not listed | AS12876 | | France (FR) |
| no | 2016-05-21 14:06:04 | 2016-06-03 12:23:37 | 212.83.135.161 | dubaifridays.com | Not listed | AS12876 | AS12876 ONLINE S.A.S., FR | France (FR) |
| no | 2016-11-25 18:57:51 | 2017-09-22 01:30:49 | 51.254.139.63 | 63.ip-51-254-139.eu | Not listed | AS16276 | OVH, FR | France (FR) |

# IPs found: 11 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-05-21 14:06:04 | 29d8873d096c9abb3e9a6584c992ee60 | 225'280 bytes | Virustotal results 48/57 (84.21%) | Locky |

Unique dropped files: 1