Locky Distribution Site :: nowandthensecondhandstore.com

Host Information

Locky Distribution Site:nowandthensecondhandstore.com
Threat:Distribution Site
Malware:Locky
URL:http://nowandthensecondhandstore.com/opw9ikk
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Nameserver(s):ns1.parklogic.com
 ns2.parklogic.com
 ns3.parklogic.com
Firstseen (UTC):2016-05-10 10:58:12
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-10-18 05:54:462019-11-22 05:55:2367.227.226.240Not listedAS32244LIQUID-WEB-INC - Liquid Web, L.L.C, US- United States (US)
no2016-05-10 10:58:122016-08-23 11:58:21107.180.40.141ip-107-180-40-141.ip.secureserver.netNot listedAS26496- United States (US)
no2019-10-16 05:53:26never184.168.221.37ip-184-168-221-37.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-16 05:52:232019-10-02 05:52:37184.168.221.64ip-184-168-221-64.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-25 05:51:56never184.168.221.80ip-184-168-221-80.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-12 05:55:14never184.168.221.90ip-184-168-221-90.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-13 05:50:482019-09-27 05:51:53184.168.221.93ip-184-168-221-93.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-10-15 05:50:332019-10-17 05:54:3350.63.202.60ip-50-63-202-60.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-08-23 14:10:212019-09-07 05:52:2250.63.202.62ip-50-63-202-62.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-14 05:49:362019-10-08 06:10:3350.63.202.77ip-50-63-202-77.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-17 05:51:072019-10-14 05:51:2950.63.202.79ip-50-63-202-79.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-20 06:00:232019-10-03 05:55:3750.63.202.81ip-50-63-202-81.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-08 05:52:562019-10-09 06:07:1250.63.202.82ip-50-63-202-82.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-26 05:50:38never50.63.202.87ip-50-63-202-87.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-09 05:51:55never50.63.202.89ip-50-63-202-89.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 15 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-05-10 11:17:14010d076891e781c9bb20b67d6c76dbc8136'192 bytesVirustotal results 8/57 (14.04%) Locky

Unique dropped files: 1