Locky Distribution Site :: gtaxusa.com

Host Information

Locky Distribution Site:gtaxusa.com
Threat:Distribution Site
Malware:Locky
URL:http://gtaxusa.com/jht76gh
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Firstseen (UTC):2016-12-13 11:26:01
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
no2016-12-13 14:23:452017-06-05 01:12:20107.180.51.12ip-107-180-51-12.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-06-22 01:11:242017-06-27 01:08:45184.168.221.35ip-184-168-221-35.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-06-28 01:10:47never184.168.221.36ip-184-168-221-36.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-07-03 01:09:232017-07-11 01:11:06184.168.221.44ip-184-168-221-44.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-06-26 01:10:52never184.168.221.45ip-184-168-221-45.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-07-07 01:11:272017-07-10 01:11:22184.168.221.47ip-184-168-221-47.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-06-30 01:09:152017-07-06 01:10:55184.168.221.56ip-184-168-221-56.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-06-21 01:08:44never50.63.202.32ip-50-63-202-32.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-07-02 01:11:222017-07-05 01:09:3350.63.202.36ip-50-63-202-36.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-06-29 01:09:072017-07-12 01:11:1750.63.202.44ip-50-63-202-44.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-06-23 01:11:372017-07-01 01:11:2950.63.202.58ip-50-63-202-58.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-06-06 01:11:302017-07-12 01:11:1650.63.202.81ip-50-63-202-81.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-08-25 01:11:142018-08-23 07:42:2663.249.226.11963-249-226-119.static.dal01.corespace.comNot listedAS54489CORESPACE-DAL - CoreSpace, Inc., US- United States (US)
no2018-08-24 08:43:152018-10-03 07:40:2769.16.230.43host.qualityestudio.comNot listedAS32244LIQUIDWEB - Liquid Web, L.L.C, US- United States (US)

# IPs found: 14 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-12-13 14:20:16e98ae17129de777e560d9bb5a49d77e3352'256 bytesVirustotal results 19/59 (32.20%) # Not authorized

Unique dropped files: 1