Locky Distribution Site :: gencemiz.biz

Host Information

Locky Distribution Site: gencemiz.biz
Threat: Distribution Site
Malware: Locky
URL: http://gencemiz.biz/udz5egg8
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Firstseen (UTC): 2016-11-04 14:35:40
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows the history of previous A records, if there are any.

Active indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = Active A record, no = Historical record.

| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| no | 2017-12-10 05:20:18 | 2018-10-01 05:43:33 | 185.53.178.7 | | Not listed | AS61969 | TEAMINTERNET-AS, DE | Germany (DE) |
| no | 2018-10-02 05:43:59 | 2018-11-29 05:44:18 | 67.225.218.50 | | Not listed | AS32244 | LIQUIDWEB - Liquid Web, L.L.C, US | United States (US) |
| no | 2017-11-25 01:36:53 | 2018-05-07 05:43:51 | 54.72.9.51 | ec2-54-72-9-51.eu-west-1.compute.amazonaws.com | Not listed | AS16509 | AMAZON-02 - Amazon.com, Inc., US | Ireland (IE) |
| no | 2018-12-19 02:39:53 | 2019-01-02 05:40:42 | 50.63.202.93 | ip-50-63-202-93.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-23 05:45:22 | 2019-01-04 05:40:16 | 50.63.202.77 | ip-50-63-202-77.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-02 05:46:02 | 2018-12-11 05:45:51 | 50.63.202.73 | ip-50-63-202-73.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-16 05:42:02 | 2018-12-29 05:44:02 | 50.63.202.66 | ip-50-63-202-66.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2016-11-23 08:47:29 | 2016-12-16 11:19:49 | 46.29.160.200 | | Not listed | AS51659 | ASBAXET , RU | Russian Federation (RU) |
| no | 2016-12-21 13:10:25 | 2017-01-09 08:29:37 | 46.17.47.50 | | Not listed | AS51659 | ASBAXET , RU | Russian Federation (RU) |
| no | 2017-06-25 01:11:34 | 2017-08-05 01:10:25 | 209.99.40.220 | 209-99-40-220.fwd.datafoundry.com | Not listed | AS3900 | CONFLUENCE-NETWORK-INC - Confluence Netw[...] | United States (US) |
| no | 2017-01-20 07:51:07 | 2017-06-24 01:11:15 | 194.67.213.72 | server.azmaster.ru | Not listed | AS48666 | AS-MAROSNET Moscow, Russia, RU | Russian Federation (RU) |
| no | 2016-11-04 17:09:29 | 2016-11-22 05:01:48 | 138.201.231.11 | static.11.231.201.138.clients.your-server.de | Not listed | AS24940 | HETZNER-AS , DE | Germany (DE) |
| no | 2018-12-03 05:42:40 | 2019-01-03 05:39:21 | 184.168.221.92 | ip-184-168-221-92.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-18 05:43:14 | 2018-12-31 05:39:26 | 184.168.221.91 | ip-184-168-221-91.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-06 05:43:33 | never | 184.168.221.89 | ip-184-168-221-89.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-21 05:45:52 | 2019-01-01 05:42:28 | 184.168.221.81 | ip-184-168-221-81.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-05 05:46:45 | 2018-12-15 05:43:42 | 184.168.221.80 | ip-184-168-221-80.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-11-30 05:45:46 | 2018-12-10 05:44:59 | 184.168.221.78 | ip-184-168-221-78.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-14 05:40:31 | 2019-01-05 05:40:52 | 184.168.221.72 | ip-184-168-221-72.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-01 05:45:35 | 2018-12-17 05:43:26 | 184.168.221.68 | ip-184-168-221-68.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |
| no | 2018-12-20 05:43:28 | never | 184.168.221.66 | ip-184-168-221-66.ip.secureserver.net | Not listed | AS26496 | AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...] | United States (US) |

# IPs found: 21 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-11-04 17:09:28 | 9bae566b695fad6601c41c6f82ebb8db | 187'392 bytes | Virustotal results 43/56 (76.79%) | n/a |

Unique dropped files: 1