Locky Distribution Site :: sandinthesky.com

Host Information

Locky Distribution Site:sandinthesky.com
Threat:Distribution Site
Malware:Locky
URL:http://sandinthesky.com/en4vlvn
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Nameserver(s):ns1.expiereddnsmanager.com
 ns2.expiereddnsmanager.com
Firstseen (UTC):2016-12-07 15:48:25
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-06-11 04:40:162019-08-18 04:37:34173.239.8.164icsvm3.webair.comNot listedAS27257WEBAIR-INTERNET - Webair Internet Develo[...]- United States (US)
yes2019-06-11 04:40:162019-08-18 04:37:34173.239.5.6Not listedAS27257WEBAIR-INTERNET - Webair Internet Develo[...]- United States (US)
yes2019-06-11 04:40:162019-08-18 04:37:34213.247.47.190Not listedAS25525REASONNET-AS Amsterdam, the Netherlands,[...]- United States (US)
no2016-12-07 17:17:402017-04-21 02:10:0575.98.171.8675.98.171.86.static.a2webhosting.comNot listedAS55293A2HOSTING - A2 Hosting, Inc., US- United States (US)
no2019-04-17 04:41:202019-04-29 04:40:0950.63.202.76ip-50-63-202-76.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-04-10 04:40:102019-04-24 04:43:3350.63.202.70ip-50-63-202-70.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-03-27 04:39:59never50.63.202.65ip-50-63-202-65.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-04-05 04:40:212019-04-22 04:38:3050.63.202.64ip-50-63-202-64.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-07-06 04:42:572019-07-25 04:40:41185.53.178.6Not listedAS61969TEAMINTERNET-AS , DE- Germany (DE)
no2019-03-29 04:41:24never184.168.221.89ip-184-168-221-89.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-03-28 04:39:322019-04-02 04:39:53184.168.221.86ip-184-168-221-86.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-04-15 04:38:552019-04-27 04:37:11184.168.221.85ip-184-168-221-85.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-04-08 04:39:482019-04-23 04:41:26184.168.221.81ip-184-168-221-81.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-04-03 04:40:44never184.168.221.79ip-184-168-221-79.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-04-06 04:38:232019-04-30 04:38:07184.168.221.76ip-184-168-221-76.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-04-01 04:38:28never184.168.221.73ip-184-168-221-73.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-03-31 04:42:282019-04-04 04:38:36184.168.221.66ip-184-168-221-66.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 17 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-12-07 17:17:39dd10de9b715efabcf406374d789a16c5156'030 bytesVirustotal results 1/55 (1.82%) n/a

Unique dropped files: 1