Locky Distribution Site :: wphone3c.com

Host Information

Locky Distribution Site:wphone3c.com
Threat:Distribution Site
Malware:Locky
URL:http://wphone3c.com/6ap7em
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:GODADDY.COM, LLC
Firstseen (UTC):2016-12-12 13:07:36
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
no2017-12-31 01:05:21never50.63.202.66ip-50-63-202-66.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-05-11 01:02:392019-03-05 01:19:1274.220.199.6parking.bluehost.comNot listedAS46606UNIFIEDLAYER-AS-1 - Unified Layer, US- United States (US)
no2018-03-24 01:06:162018-05-10 01:03:0665.19.172.236Not listedAS6939HURRICANE - Hurricane Electric LLC, US- United States (US)
no2018-01-11 01:05:27never50.63.202.90ip-50-63-202-90.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-06 01:04:55never50.63.202.89ip-50-63-202-89.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-09 01:05:472018-01-18 01:05:3850.63.202.86ip-50-63-202-86.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-17 01:00:092018-01-07 01:05:3650.63.202.80ip-50-63-202-80.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-18 01:00:122017-12-28 01:02:4150.63.202.79ip-50-63-202-79.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-10 01:05:252018-01-20 01:05:4350.63.202.78ip-50-63-202-78.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-19 01:06:25never50.63.202.75ip-50-63-202-75.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-29 01:24:412018-01-01 01:06:1050.63.202.68ip-50-63-202-68.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-05 01:05:362018-01-16 01:06:2350.63.202.67ip-50-63-202-67.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-09-21 01:38:382017-12-16 01:00:12113.10.199.125Not listedAS17444NWT-AS-AP AS number for New World Teleph[...]- Hong Kong (HK)
no2018-01-14 01:05:57never50.63.202.64ip-50-63-202-64.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2019-03-06 01:19:082019-04-03 01:18:43209.99.64.51209-99-64-51.fwd.datafoundry.comNot listedAS40034TEXASNET-ASN - YHC Corporation, US- United States (US)
no2017-12-26 01:01:17never184.168.221.94ip-184-168-221-94.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-25 01:11:26never184.168.221.92ip-184-168-221-92.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-23 01:12:08never184.168.221.82ip-184-168-221-82.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-12 01:05:42never184.168.221.81ip-184-168-221-81.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-12-19 01:01:052018-01-08 01:05:31184.168.221.72ip-184-168-221-72.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-01-13 01:06:18never184.168.221.69ip-184-168-221-69.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2016-12-15 02:01:592016-12-16 04:20:37184.168.221.51ip-184-168-221-51.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2017-03-29 01:27:052017-05-12 01:27:32122.114.131.2Not listedAS37943CNNIC-GIANT ZhengZhou GIANT Computer Net[...]- China (CN)
no2016-12-12 15:46:522017-03-28 01:27:01122.114.108.176Not listedAS37943CNNIC-GIANT ZhengZhou GIANT Computer Net[...]- China (CN)

# IPs found: 24 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2017-03-02 01:28:276bf590b345f56cf7f228dd4297a273bc83'494 bytesn/an/a
2017-01-29 02:27:325fab43e761f35338761ec43f3278fa0e2'507 bytesn/an/a
2017-01-27 02:28:27c08f85c1efd7d36b6e5bf1b5ef09488416'987 bytesn/an/a
2016-12-12 15:46:368eb1ca27e8e41714b9ed50a9e9fc5b0f152'977 bytesVirustotal results 3/55 (5.45%) n/a

Unique dropped files: 4