Locky Distribution Site :: resortphotographics.com

Host Information

Locky Distribution Site:resortphotographics.com
Threat:Distribution Site
Malware:Locky
URL:http://resortphotographics.com/8y6ghhfg
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:eNom, Inc.
Nameserver(s):ns05.domaincontrol.com
 ns06.domaincontrol.com
Firstseen (UTC):2017-10-11 11:27:55
Lastseen (UTC):

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2018-08-24 02:55:482019-08-20 02:35:33184.168.131.241ip-184-168-131-241.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-14 01:18:21never50.63.202.24ip-50-63-202-24.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-28 01:19:10never50.63.202.10ip-50-63-202-10.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-06 01:16:092018-02-07 01:16:3650.63.202.11ip-50-63-202-11.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-12 01:15:512018-07-17 02:39:0050.63.202.13ip-50-63-202-13.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-01 01:16:402018-02-13 01:15:0550.63.202.14ip-50-63-202-14.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-21 01:16:582018-08-05 02:38:3850.63.202.15ip-50-63-202-15.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-17 01:17:042018-06-02 01:16:3550.63.202.16ip-50-63-202-16.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-23 01:17:30never50.63.202.18ip-50-63-202-18.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-14 01:16:512018-06-08 01:18:1050.63.202.20ip-50-63-202-20.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-16 01:17:262018-06-25 02:39:2150.63.202.21ip-50-63-202-21.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-05-21 01:15:452018-06-04 01:17:3350.63.202.22ip-50-63-202-22.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-06-15 01:15:472018-08-10 02:38:4150.63.202.23ip-50-63-202-23.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-02 01:17:272018-08-21 02:37:49184.168.221.9ip-184-168-221-9.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-30 01:18:302018-08-04 02:37:4850.63.202.25ip-50-63-202-25.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-15 01:17:152018-07-04 02:38:5750.63.202.26ip-50-63-202-26.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-07-05 02:39:372018-07-20 02:38:4950.63.202.27ip-50-63-202-27.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-28 01:17:352018-06-30 02:38:5450.63.202.28ip-50-63-202-28.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-17 01:17:01never50.63.202.29ip-50-63-202-29.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-31 01:16:322018-06-07 01:16:4850.63.202.3ip-50-63-202-3.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-04-25 01:17:35never50.63.202.30ip-50-63-202-30.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-06-16 01:16:062018-07-16 02:38:3350.63.202.31ip-50-63-202-31.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-09 01:16:002018-06-12 01:17:5150.63.202.5ip-50-63-202-5.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-07-09 02:38:482018-08-18 02:37:1050.63.202.7ip-50-63-202-7.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-31 01:16:54never50.63.202.8ip-50-63-202-8.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2017-10-11 12:45:06dda37961870ce079defbf185eeeef905661'504 bytesVirustotal results 54/68 (79.41%) n/a
2017-10-11 11:29:061ad22ddfe0f4de05030ad0f67fdd26a5603'648 bytesVirustotal results 15/66 (22.73%) n/a

Unique dropped files: 2