Locky Distribution Site :: naturesagro.com

Host Information

Locky Distribution Site:naturesagro.com
Threat:Distribution Site
Malware:Locky
URL:http://naturesagro.com/g7fb6v
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Nameserver(s):ns1.hostblast.net
 ns2.hostblast.net
Firstseen (UTC):2016-10-06 11:29:39
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-06-18 06:20:302019-09-20 06:17:1951.89.7.30s81.fastserver.clubNot listedAS16276OVH, FR- United Kingdom (GB)
no2016-10-06 18:16:382016-12-23 11:01:24184.154.142.202rs3.websitehostserver.netNot listedAS32475SINGLEHOP-LLC - SingleHop, Inc., US- United States (US)
no2017-11-03 01:45:122017-11-11 01:42:23184.168.221.46ip-184-168-221-46.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-02-12 06:20:142019-02-20 06:20:11184.168.221.84ip-184-168-221-84.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-06 06:48:162019-06-17 06:18:35195.201.243.232server81.hostblast.netNot listedAS24940HETZNER-AS, DE- Russian Federation (RU)
no2017-11-23 01:42:072018-08-10 06:37:3446.30.215.127webcluster-ssl64.webpod6-cph3.one.comNot listedAS51468ONECOM, DK- Denmark (DK)
no2018-10-08 06:33:442018-11-05 06:48:4346.30.215.198webcluster-ssl7.webpod8-cph3.one.comNot listedAS51468ONECOM, DK- Denmark (DK)
no2018-08-11 06:37:562018-10-07 06:37:1046.30.215.99webcluster-ssl36.webpod6-cph3.one.comNot listedAS51468ONECOM, DK- Denmark (DK)
no2019-02-10 06:21:522019-02-19 06:19:1350.63.202.71ip-50-63-202-71.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-02-13 06:22:422019-02-18 06:20:3350.63.202.80ip-50-63-202-80.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-02-11 06:19:18never50.63.202.87ip-50-63-202-87.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-12-24 10:30:542017-11-22 01:43:1669.89.31.170box370.bluehost.comNot listedAS46606UNIFIEDLAYER-AS-1 - Unified Layer, US- United States (US)
no2017-03-16 01:50:022017-05-13 01:46:1874.220.199.6parking.bluehost.comNot listedAS46606UNIFIEDLAYER-AS-1 - Unified Layer, US- United States (US)

# IPs found: 13 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-10-06 18:02:250dad138db880640d5dbd453d215896af249'856 bytesVirustotal results 5/60 (8.33%) # Not authorized

Unique dropped files: 1