Locky Distribution Site :: regeneratewert.ws

Host Information

Locky Distribution Site: regeneratewert.ws
Threat: Distribution Site
Malware: Locky
URL: http://regeneratewert.ws/1qvvu9lu
Host Status: offline
Blacklist check: Spamhaus DBL: Not Listed; SURBL: Not Listed
Domain Registrar: Eranet International Limited
Firstseen (UTC): 2016-08-04 11:46:28
Lastseen (UTC): never

Associated IP addresses

The table below shows all IP addresses (e.g. A records) associated with this Locky Distribution Site. If the host is a domain name, the table also shows a history of previous A records, if there are any.

The Active column indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address): yes = active A record, no = historical record.
| Active | Firstseen (UTC) | Lastseen (UTC) | IP address | Hostname | SBL | AS number | AS name | Country |
|---|---|---|---|---|---|---|---|---|
| yes | 2019-03-19 02:31:33 | 2019-09-18 02:33:04 | 64.70.19.203 | mailrelay.203.website.ws | Not listed | AS3561 | CENTURYLINK-LEGACY-SAVVIS - Savvis, US | United States (US) |
| no | 2017-08-05 01:06:03 | 2017-09-01 01:08:26 | 103.232.215.140 | | Not listed | AS18779 | EGIHOSTING - EGIHosting, US | China (CN) |
| no | 2016-08-04 21:13:50 | 2016-08-06 09:52:33 | 162.213.27.100 | mx33.squeelturn.com | Not listed | AS46664 | VOLUMEDRIVE - VolumeDrive, US | United States (US) |
| no | 2018-07-31 02:31:20 | 2019-03-18 02:31:06 | 173.230.130.175 | tomato.parklogic.com | Not listed | AS63949 | LINODE-AP Linode, LLC, US | United States (US) |
| no | 2016-08-06 11:41:50 | 2016-08-09 18:09:18 | 193.29.187.237 | mail1.vcfyakima.com | Not listed | AS51177 | THCPROJECTS, RO | Romania (RO) |
| no | 2016-08-12 22:54:25 | 2016-08-15 06:15:48 | 212.227.84.62 | s19434098.onlinehome-server.info | Not listed | AS8560 | ONEANDONE-AS Brauerstrasse 48, DE | Germany (DE) |
| no | 2016-08-15 18:14:49 | 2016-12-12 18:47:34 | 213.229.74.92 | cheapvpse815.temphex.com | Not listed | AS29550 | SIMPLYTRANSIT, GB | United Kingdom (GB) |
| no | 2016-08-09 20:00:57 | 2016-08-12 20:59:21 | 217.160.224.133 | s19435445.onlinehome-server.info | Not listed | AS8560 | ONEANDONE-AS Brauerstrasse 48, DE | Germany (DE) |
| no | 2016-08-04 11:51:26 | 2016-08-04 15:29:59 | 45.58.62.139 | 455862139wsz.maya-dns.net | Not listed | AS62217 | VOOSERVERS, GB | United States (US) |
| no | 2016-08-15 12:16:36 | 2016-08-15 16:16:32 | 5.1.75.218 | mailex.meine-pflegevorsorge.org | Not listed | AS34549 | MEER-AS, DE | Germany (DE) |
| no | 2016-08-04 11:51:26 | 2016-12-12 18:47:35 | 91.223.89.200 | | Not listed | AS197569 | ENERGOMONTAZH-AS, RU | Ukraine (UA) |
| no | 2016-08-04 17:31:48 | 2016-08-04 19:20:29 | 94.242.57.182 | gateway.agiri.ninja | Not listed | AS43317 | FISHNET-AS, RU | Russian Federation (RU) |

# IPs found: 12 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

| Firstseen (UTC) | MD5 hash | Filesize | VT | Signature |
|---|---|---|---|---|
| 2016-08-04 11:51:23 | 6d8404d9dab3a624d806db3307ea66b5 | 146'948 bytes | Virustotal results 4/54 (7.41%) | n/a |

Unique dropped files: 1