Locky Distribution Site :: golfnauvoo.com

Host Information

Locky Distribution Site:golfnauvoo.com
Threat:Distribution Site
Malware:Locky
URL:http://golfnauvoo.com/gy7f57f6
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Nameserver(s):ns-1180.awsdns-19.org
 ns-1586.awsdns-06.co.uk
 ns-474.awsdns-59.com
 ns-995.awsdns-60.net
Firstseen (UTC):2016-10-04 18:01:46
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
no2017-11-25 01:53:16never50.63.202.41ip-50-63-202-41.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-10-05 00:11:092017-05-13 02:03:1968.65.120.207s178.web-hosting.comNot listedAS22612NAMECHEAP-NET - Namecheap, Inc., US- United States (US)
no2017-12-19 01:05:132017-12-30 01:17:3150.63.202.94ip-50-63-202-94.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-15 01:01:352017-12-29 01:16:1750.63.202.93ip-50-63-202-93.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-13 01:03:54never50.63.202.84ip-50-63-202-84.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-03 01:03:022018-01-05 01:03:1250.63.202.81ip-50-63-202-81.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-27 01:01:25never50.63.202.76ip-50-63-202-76.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-20 01:03:37never50.63.202.71ip-50-63-202-71.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-16 01:03:432018-01-17 01:04:4250.63.202.69ip-50-63-202-69.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-24 01:55:202017-11-29 08:18:1650.63.202.61ip-50-63-202-61.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-30 08:18:392017-12-13 17:17:2550.63.202.51ip-50-63-202-51.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-21 01:54:462017-12-07 01:01:3850.63.202.49ip-50-63-202-49.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-09 08:16:272017-12-14 01:01:3250.63.202.46ip-50-63-202-46.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-28 08:17:48never50.63.202.45ip-50-63-202-45.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-04-26 01:01:552018-09-18 08:21:05159.174.117.213Not listedAS36444NEXCESS-NET - NEXCESS.NET L.L.C., US- United States (US)
no2018-01-25 01:03:122018-04-25 01:01:38199.59.242.150Not listedAS395082BODIS-NJ - Bodis, LLC, US- United States (US)
no2018-01-12 01:03:112018-01-19 01:03:48184.168.221.91ip-184-168-221-91.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-20 01:02:272018-01-07 01:03:06184.168.221.87ip-184-168-221-87.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-16 01:01:542018-01-11 01:03:30184.168.221.82ip-184-168-221-82.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-09 01:03:34never184.168.221.74ip-184-168-221-74.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-26 01:01:20never184.168.221.73ip-184-168-221-73.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-31 01:03:032018-01-02 01:03:06184.168.221.66ip-184-168-221-66.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-15 01:03:452018-01-18 01:03:36184.168.221.64ip-184-168-221-64.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-01 08:16:582018-01-24 01:03:18184.168.221.63ip-184-168-221-63.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-09-21 01:46:582017-11-20 01:56:06184.168.221.55ip-184-168-221-55.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-10-04 23:58:23856c3169e2d686bc2ed226f611821923245'760 bytesVirustotal results 5/55 (9.09%) n/a

Unique dropped files: 1