Locky Distribution Site :: waner888.com

Host Information

Locky Distribution Site:waner888.com
Threat:Distribution Site
Malware:Locky
URL:http://waner888.com/4go17e
Host Status:offline
Blacklist check:Spamhaus DBL:Not Listed
 SURBL:Not Listed
Domain Registar:HICHINA ZHICHENG TECHNOLOGY LTD.
Nameserver(s):ns1.dnspai.com
 ns2.dnspai.com
Firstseen (UTC):2016-12-12 13:11:47
Lastseen (UTC):never

Associated IP addresses

The table below shows all ip addresses (e.g. A records) associated with this Locky Distribution Site. In case the host is a domain name, the table also shows a history of previous A records if there are any.

Active (?This row indicates whether the domain name's A record is currently pointing to an IP address or whether the record is historic (e.g. because the A record has been moved to a different IP address).

yes = Active A record
no = Historical record
)
Firstseen (UTC)Lastseen (UTC)IP addressHostnameSBLAS numberAS nameCountry
yes2019-01-22 01:01:402019-08-17 08:27:34104.164.137.26Not listedAS18779EGIHOSTING - EGIHosting, US- United States (US)
no2017-11-01 02:01:522018-09-10 01:04:10141.8.224.93Not listedAS40034CONFLUENCE-NETWORK-INC - Confluence Netw[...]- Switzerland (CH)
no2018-11-16 01:03:162018-12-10 01:03:14184.168.221.85ip-184-168-221-85.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-13 01:03:16never184.168.221.89ip-184-168-221-89.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-17 01:03:192018-12-07 01:03:14184.168.221.93ip-184-168-221-93.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-09-11 01:04:172018-11-06 01:03:18199.191.50.184Not listedAS40034CONFLUENCE-NETWORK-INC - Confluence Netw[...]- Virgin Islands, British (VG)
no2019-01-19 01:01:422019-01-21 01:01:40209.99.64.25209-99-64-25.fwd.datafoundry.comNot listedAS40034CONFLUENCE-NETWORK-INC - Confluence Netw[...]- United States (US)
no2016-12-13 06:21:262017-05-12 01:24:4847.90.76.38Not listedAS45102CNNIC-ALIBABA-CN-NET-AP Alibaba (China) [...]- Hong Kong (HK)
no2016-12-12 15:39:002016-12-13 02:41:2949.213.13.24049-213-13-240.static.hdcdatacentre.comNot listedAS10098HENDERSON-HK Henderson Data Centre Limit[...]- Hong Kong (HK)
no2018-12-09 01:03:13never50.63.202.75ip-50-63-202-75.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-18 01:03:152018-11-25 01:02:1250.63.202.76ip-50-63-202-76.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-12 01:03:15never50.63.202.79ip-50-63-202-79.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-15 01:03:16never50.63.202.83ip-50-63-202-83.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-14 01:03:162018-12-12 01:03:1450.63.202.90ip-50-63-202-90.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-23 01:02:122018-12-11 01:03:1350.63.202.91ip-50-63-202-91.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)
no2018-11-11 01:03:16never50.63.202.92ip-50-63-202-92.ip.secureserver.netNot listedAS26496AS-26496-GO-DADDY-COM-LLC - GoDaddy.com,[...]- United States (US)

# IPs found: 16 (max. 25)

Dropped files

Latest 100 files (malware samples) dropped by this distribution site.

Firstseen (UTC)MD5 hashFilesizeVTSignature
2016-12-12 15:38:5854e8286e79b6b58dcb174a335cbb29d5152'977 bytesVirustotal results 3/55 (5.45%) n/a

Unique dropped files: 1