Locky Distribution Site :: almahaconsultants.com

Host Information

Locky Distribution Site:almahaconsultants.com
Threat:Distribution Site
Malware:Locky
URL:http://almahaconsultants.com/xd7ipc
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Nameserver(s):jm1.dns.com
 jm2.dns.com
Firstseen (UTC):2016-11-13 09:14:28
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-08-10 05:01:492019-09-16 05:00:3766.152.170.176Not listedAS35916MULTA-ASN1 - MULTACOM CORPORATION, US- United States (US)
no2019-06-02 05:00:432019-06-13 05:00:15184.168.221.67ip-184-168-221-67.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-06-12 05:04:442019-06-25 05:02:33184.168.221.71ip-184-168-221-71.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-05-30 05:02:442019-06-23 05:01:48184.168.221.86ip-184-168-221-86.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-06-30 05:02:27never184.168.221.91ip-184-168-221-91.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-11-13 10:56:342018-11-06 05:12:37213.158.187.37cpshared2.mc.tedata.netNot listedAS8452TE-AS TE-AS, EG- Egypt (EG)
no2018-11-11 05:13:532019-05-24 04:57:31213.158.187.42cpshared11.tedata.netNot listedAS8452TE-AS TE-AS, EG- Egypt (EG)
no2019-05-27 04:57:49never50.63.202.65ip-50-63-202-65.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-05-28 04:59:492019-06-27 04:59:5650.63.202.69ip-50-63-202-69.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-05-29 05:02:012019-06-28 05:00:5550.63.202.78ip-50-63-202-78.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-05-26 05:00:07never50.63.202.79ip-50-63-202-79.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-05-31 05:00:392019-06-24 05:01:0850.63.202.80ip-50-63-202-80.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-06-29 05:03:20never50.63.202.81ip-50-63-202-81.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-05-25 05:00:58never50.63.202.88ip-50-63-202-88.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 14 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-11-13 10:56:3218157804e8eee3c4fef3bbeac5663981118'784 bytesVirustotal results 15/56 (26.79%) n/a

Unique dropped files: 1