Locky Distribution Site :: poker-vids.com

Host Information

Locky Distribution Site:poker-vids.com
Threat:Distribution Site
Malware:Locky
URL:http://poker-vids.com/988gd4
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Firstseen (UTC):2016-11-23 10:39:04
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-02-26 01:45:352019-10-14 01:46:55129.121.191.30adria.seoboxes.comNot listedAS62729ASMALLORANGE1 - A Small Orange LLC, US- United States (US)
no2018-02-13 01:13:252019-01-15 01:51:34184.164.75.18tania.ndx10.comNot listedAS53755IOFLOOD - Input Output Flood LLC, US- United States (US)
no2017-01-16 05:31:002017-01-18 05:26:52184.168.221.37ip-184-168-221-37.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-18 01:14:46never184.168.221.64ip-184-168-221-64.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-23 01:51:342019-02-21 01:45:38184.168.221.66ip-184-168-221-66.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-19 01:51:012019-02-19 01:45:32184.168.221.75ip-184-168-221-75.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-21 01:50:362019-02-08 01:46:31184.168.221.79ip-184-168-221-79.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-11-23 13:01:532018-01-24 01:14:18198.15.101.2Not listedAS20454SSASN2 - SECURED SERVERS LLC, US- United States (US)
no2018-01-25 01:14:372018-02-10 01:12:5223.226.69.34tania.ndx10.comNot listedAS53755IOFLOOD - Input Output Flood LLC, US- United States (US)
no2018-01-16 01:13:592019-02-16 01:45:3150.63.202.66ip-50-63-202-66.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-16 01:50:212019-02-17 01:45:1850.63.202.76ip-50-63-202-76.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-29 01:49:432019-02-12 01:45:0250.63.202.84ip-50-63-202-84.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-17 01:16:15never50.63.202.88ip-50-63-202-88.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-01-20 01:50:282019-02-20 01:45:3550.63.202.93ip-50-63-202-93.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 14 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-11-23 12:50:51a848b6d934744a8228e861d3ca6f6e5f262'144 bytesVirustotal results 9/54 (16.67%) n/a

Unique dropped files: 1