Locky Distribution Site :: read4change.com

Host Information

Locky Distribution Site:read4change.com
Threat:Distribution Site
Malware:Locky
URL:http://read4change.com/g76dbf
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:DOTARAI CO,. LTD.
Nameserver(s):ns67.domaincontrol.com
 ns68.domaincontrol.com
Firstseen (UTC):2016-10-25 15:04:27
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-09-19 05:06:322019-11-13 05:06:32184.168.221.39ip-184-168-221-39.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-05-03 01:32:20never202.28.1.60Not listedAS17823THNIC-ASN-AP Thailand Network Informatio[...]- Thailand (TH)
no2019-08-29 05:06:492019-09-04 05:06:1450.63.202.61ip-50-63-202-61.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-14 05:05:59never50.63.202.54ip-50-63-202-54.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-23 05:06:482019-11-04 05:07:2150.63.202.51ip-50-63-202-51.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-12 05:06:02never50.63.202.49ip-50-63-202-49.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-10 05:07:532019-09-11 05:07:2450.63.202.45ip-50-63-202-45.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-15 05:06:172019-09-20 05:06:0150.63.202.44ip-50-63-202-44.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-16 05:08:562019-11-11 05:08:4050.63.202.41ip-50-63-202-41.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-08-16 05:06:47never50.63.202.38ip-50-63-202-38.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-26 05:05:59never50.63.202.37ip-50-63-202-37.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-01 05:06:07never50.63.202.35ip-50-63-202-35.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-06-15 01:33:002018-07-25 05:25:23208.91.197.46Not listedAS40034CONFLUENCE-NETWORK-INC - Confluence Netw[...]- Virgin Islands, British (VG)
no2017-09-21 01:24:122018-06-14 01:33:31204.11.56.48Not listedAS40034CONFLUENCE-NETWORK-INC - Confluence Netw[...]- Virgin Islands, British (VG)
no2016-10-25 15:27:372017-04-21 01:32:39183.90.173.108183-90-173-108.revip173.yourconnect.comNot listedAS132300YOURCONNECT-AS-AP YOURCONNECT CO., LTD, [...]- Thailand (TH)
no2019-08-21 05:07:562019-09-09 05:05:55184.168.221.63ip-184-168-221-63.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-08-27 05:07:222019-09-08 05:06:43184.168.221.62ip-184-168-221-62.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-08-17 05:07:162019-08-24 05:07:07184.168.221.61ip-184-168-221-61.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-08-30 05:08:572019-09-05 05:09:26184.168.221.60ip-184-168-221-60.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-10-19 05:08:23never184.168.221.54ip-184-168-221-54.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-21 05:10:262019-11-08 05:06:25184.168.221.52ip-184-168-221-52.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-13 05:06:522019-11-12 05:06:41184.168.221.50ip-184-168-221-50.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-08-25 05:07:352019-09-06 05:06:15184.168.221.45ip-184-168-221-45.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-08-18 05:09:062019-09-02 05:06:15184.168.221.44ip-184-168-221-44.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-09-25 05:10:37never184.168.221.42ip-184-168-221-42.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-10-25 15:24:4841c2644723ee69c979c0b00e28084132278'528 bytesVirustotal results 22/60 (36.67%) n/a

Unique dropped files: 1