Locky Distribution Site :: swagfab.com

Host Information

Locky Distribution Site:swagfab.com
Threat:Distribution Site
Malware:Locky
URL:http://swagfab.com/t76f3g
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:NAME.COM, INC.
Nameserver(s):ns1626.ztomy.com
 ns2626.ztomy.com
Firstseen (UTC):2016-10-26 09:38:23
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-01-22 04:23:222019-07-16 04:17:34204.11.56.48Not listedAS40034CONFLUENCE-NETWORK-INC - Confluence Netw[...]- Virgin Islands, British (VG)
no2017-05-05 01:25:372017-05-13 01:24:3069.64.147.242rc.hotkeys.comNot listedAS55002ENOMAS1 - eNom, Incorporated, US- United States (US)
no2017-12-13 17:43:54never184.168.221.37ip-184-168-221-37.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-16 01:27:542018-11-06 04:44:2865.19.134.190ultimate.cms500.comNot listedAS6939HURRICANE - Hurricane Electric, Inc., US- United States (US)
no2018-11-19 04:29:37never50.63.202.84ip-50-63-202-84.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-26 04:31:152018-12-15 04:27:5150.63.202.83ip-50-63-202-83.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-23 04:27:392018-12-04 04:32:3050.63.202.82ip-50-63-202-82.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-20 04:30:072018-12-14 04:26:5650.63.202.65ip-50-63-202-65.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-11 04:41:39never50.63.202.64ip-50-63-202-64.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-27 01:26:292017-12-15 01:27:5450.63.202.62ip-50-63-202-62.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-11 04:18:27never50.63.202.60ip-50-63-202-60.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-04 01:26:352017-11-17 01:27:4850.63.202.56ip-50-63-202-56.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-19 01:27:222017-12-14 01:28:4850.63.202.55ip-50-63-202-55.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-22 01:26:402017-12-07 04:20:3150.63.202.46ip-50-63-202-46.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-20 01:28:062017-11-30 04:21:1450.63.202.32ip-50-63-202-32.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-10-26 10:33:342017-05-04 01:22:20192.185.117.188192-185-117-188.unifiedlayer.comNot listedAS20013CYRUSONE - CyrusOne LLC, US- United States (US)
no2018-11-14 04:31:052018-11-16 04:30:35184.168.221.95ip-184-168-221-95.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-17 04:31:532018-12-11 04:27:57184.168.221.87ip-184-168-221-87.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-13 04:30:52never184.168.221.85ip-184-168-221-85.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-25 04:30:422018-11-28 04:28:48184.168.221.82ip-184-168-221-82.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-12 04:40:47never184.168.221.75ip-184-168-221-75.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-15 04:32:102018-12-09 04:27:02184.168.221.73ip-184-168-221-73.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-24 04:29:082018-12-12 04:29:21184.168.221.72ip-184-168-221-72.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-27 04:28:382018-12-13 04:29:42184.168.221.64ip-184-168-221-64.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-11-28 04:19:592017-12-12 04:17:37184.168.221.56ip-184-168-221-56.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 25 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-10-27 01:00:41c1ba0818c697c3c1a556c7dfdcb1edd4286'720 bytesVirustotal results 15/59 (25.42%) # Not authorized
2016-10-26 10:26:32d17d1d63c242d71fcfd41fd506b8dee5278'528 bytesVirustotal results 0/54 (0.00%) n/a

Unique dropped files: 2