Locky Distribution Site :: rockrak.com

Host Information

Locky Distribution Site: rockrak.com
Threat: Distribution Site
Malware: Locky
URL: http://rockrak.com/RSkfsNR7
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: GoDaddy.com, LLC
Nameserver(s): ns2.dnsdun.com, ns2.dnsdun.net
Firstseen (UTC): 2017-09-20 08:49:34
Lastseen (UTC):

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

Active: indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address). yes = Active A record; no = Historical record.
| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| no | 2019-06-12 05:00:03 | never | 184.168.221.45 | ip-184-168-221-45.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-06-13 04:59:39 | never | 184.168.221.58 | ip-184-168-221-58.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-05-08 04:58:14 | 2019-06-02 05:00:54 | 184.168.221.80 | ip-184-168-221-80.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-05-11 04:57:31 | 2019-06-07 04:58:39 | 184.168.221.82 | ip-184-168-221-82.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-05-31 05:02:49 | 2019-06-04 04:59:00 | 184.168.221.83 | ip-184-168-221-83.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-06-09 04:59:58 | never | 184.168.221.85 | ip-184-168-221-85.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-05-10 04:58:17 | 2019-05-20 05:00:12 | 184.168.221.86 | ip-184-168-221-86.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-05-24 04:59:25 | never | 184.168.221.92 | ip-184-168-221-92.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-07-16 05:01:52 | 2019-11-05 05:03:46 | 45.194.227.130 | | Not listed | AS134548 | DXTL-HK DXTL Tseung Kwan O Service, HK | South Africa (ZA) |
| no | 2019-05-26 04:57:26 | 2019-06-11 05:02:44 | 50.63.202.64 | ip-50-63-202-64.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-06-03 04:57:58 | 2019-06-10 04:59:46 | 50.63.202.66 | ip-50-63-202-66.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-05-18 05:00:18 | 2019-05-28 05:00:15 | 50.63.202.68 | ip-50-63-202-68.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-05-09 04:57:59 | 2019-05-23 05:00:43 | 50.63.202.70 | ip-50-63-202-70.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2019-05-12 04:57:01 | 2019-05-22 04:59:17 | 50.63.202.92 | ip-50-63-202-92.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2017-09-20 08:50:10 | 2019-05-07 05:00:11 | 68.171.49.151 | therockcc.org | Not listed | AS17054 | AS17054 - CONTINENTAL BROADBAND PENNSYLV[...] | United States (US) |

# IPs found: 15 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2017-09-20 13:47:21 | 8742a138c7d2e6c762533a25f67b40a6 | 655'360 bytes | Virustotal results 57/66 (86.36%) | n/a |
| 2017-09-20 11:15:06 | 8fba722570b2a92d038a10957c3d77e9 | 655'360 bytes | Virustotal results 22/65 (33.85%) | n/a |
| 2017-09-20 08:50:08 | 051abecc907d95bac508bb5445bd55eb | 655'872 bytes | Virustotal results 26/65 (40.00%) | n/a |

Unique dropped files: 3