Locky Distribution Site :: www.refereccu.com

Host Information

Locky Distribution Site:www.refereccu.com
Threat:Distribution Site
Malware:Locky
URL:http://www.refereccu.com/874ghv3
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Firstseen (UTC):2016-12-12 13:03:16
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2018-09-17 01:36:162019-09-18 01:30:58184.168.131.241ip-184-168-131-241.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-06 01:06:572018-05-03 01:07:5150.63.202.23ip-50-63-202-23.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-19 01:14:022018-06-18 01:07:0050.63.202.1ip-50-63-202-1.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-10-12 01:55:502018-05-29 01:07:0450.63.202.10ip-50-63-202-10.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-06 01:06:52never50.63.202.12ip-50-63-202-12.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-22 01:08:282018-06-16 01:06:4450.63.202.13ip-50-63-202-13.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-10-02 01:45:542018-03-08 01:08:4150.63.202.14ip-50-63-202-14.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-10-18 01:57:172018-09-13 01:35:5550.63.202.15ip-50-63-202-15.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-09-25 01:41:472018-08-15 01:37:5050.63.202.16ip-50-63-202-16.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-25 01:07:30never50.63.202.17ip-50-63-202-17.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-10-26 01:56:112018-09-12 01:36:0550.63.202.18ip-50-63-202-18.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-13 17:12:462018-07-01 01:38:0550.63.202.19ip-50-63-202-19.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-26 01:07:402018-04-30 01:08:4550.63.202.2ip-50-63-202-2.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-13 01:08:322018-09-11 01:36:1450.63.202.20ip-50-63-202-20.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-04-04 01:07:21never50.63.202.21ip-50-63-202-21.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-04-26 01:07:312018-06-12 01:07:0950.63.202.22ip-50-63-202-22.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-12-12 15:52:352017-05-12 01:28:5523.229.166.185ip-23-229-166-185.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-05-18 01:07:062018-06-02 01:06:3950.63.202.24ip-50-63-202-24.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-10 01:07:152018-01-23 01:08:3150.63.202.25ip-50-63-202-25.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-04-20 01:07:572018-06-10 01:06:4350.63.202.26ip-50-63-202-26.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-02-01 01:07:422018-02-02 01:10:2850.63.202.27ip-50-63-202-27.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-10-03 01:50:082018-08-25 01:36:1750.63.202.28ip-50-63-202-28.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-06-01 01:06:392018-06-29 01:38:1950.63.202.29ip-50-63-202-29.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-10-15 02:02:482017-10-23 01:53:4550.63.202.3ip-50-63-202-3.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-03-24 01:08:032018-03-27 01:08:4050.63.202.30ip-50-63-202-30.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-12-12 15:32:30822590912e835cfbcf80855aad3e67d1352'256 bytesVirustotal results 10/55 (18.18%) n/a

Unique dropped files: 1