Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-02 11:18Distribution SiteLocky
totalrepalrhonda.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-08-02 11:18Distribution SiteLocky
lifeserv.myarena.ru
RU-CENTER-RU62.122.213.10 (- Russian Federation)
2016-08-02 11:18Distribution SiteLocky
sancompany.ru
R01-RU92.53.96.22 (- Russian Federation)
2016-08-02 11:18Distribution SiteLocky
subbenim.atspace.com
TUCOWS DOMAINS INC.185.176.43.19 (- Bulgaria)
2016-08-02 11:18Distribution SiteLocky
dev.appleleafabstracting.com
WILD WEST DOMAINS, LLC (n/a)
2016-08-02 11:18Distribution SiteLocky
olis.atspace.com
TUCOWS DOMAINS INC.185.176.43.19 (- Bulgaria)
2016-08-02 11:18Distribution SiteLocky
breinco.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]46.183.116.203 (- Spain)
2016-08-02 11:18Distribution SiteLocky
woblk17jc.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-02 11:17Distribution SiteLocky
go4leiner.de
(n/a)
2016-08-02 11:17Distribution SiteLocky
morfaux.fr
LIGNE WEB SERVICES - LWS195.162.70.139 (- Ukraine)
2016-08-02 11:17Distribution SiteLocky
www.simons-vakantiehuisje.nl
Cronon AG81.169.145.68 (- Germany)
2016-08-02 11:17Distribution SiteLocky
russiansnow.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.48 (- United States)
2016-08-02 11:17Distribution SiteLocky
thehybrid.0catch.com
FASTDOMAIN, INC.66.219.202.10 (- United States)
2016-08-02 11:17Distribution SiteLocky
www.gioilda.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-02 11:17Distribution SiteLocky
realm-of-rage.heimat.eu
Key-Systems GmbH213.208.133.41 (- Austria)
2016-08-02 11:17Distribution SiteLocky
www.arstaelteknik.com
NICTRADE INTERNET IDENTITY PROVI[...] (n/a)
2016-08-02 06:52Payment SiteCerber
unocl45trpuoefft.4k98id.top
Eranet International Limited (n/a)
2016-08-02 06:31Payment SiteCerber
pmenboeqhyrpvomq.kswcuk.top
Eranet International Limited (n/a)
2016-08-01 23:04Payment SiteCerber
52uo5k3t73ypjije.n41n1a.top
Eranet International Limited (n/a)
2016-08-01 19:36Payment SiteCerber
52uo5k3t73ypjije.vkm4l6.top
Eranet International Limited (n/a)
2016-08-01 12:12Distribution SiteLocky
www.robtozier.com
GODADDY.COM, LLC66.230.196.22 (- United States)
2016-08-01 12:12Distribution SiteLocky
sigovka.ru
REGTIME-RU93.171.223.56 (- Russian Federation)
2016-08-01 12:11Distribution SiteLocky
certifiedbanker.org
Tucows Inc.166.63.125.135 (- United States)
2016-08-01 12:11Distribution SiteLocky
visionaero.com
NETWORK SOLUTIONS, LLC.64.71.34.45 (- United States)
2016-08-01 12:11Distribution SiteLocky
seahawkexports.com
GODADDY.COM, LLC43.242.215.197 (- India)
2016-08-01 12:11Distribution SiteLocky
abufarha.net
FASTDOMAIN, INC.208.91.199.21 (- United States)
2016-08-01 12:11Distribution SiteLocky
keven.site.aplus.net
GODADDY.COM, LLC64.29.151.221 (- United States)
2016-08-01 12:11Distribution SiteLocky
217.26.70.200
n/a
2016-08-01 12:11Distribution SiteLocky
libertymanuals.com
ENOM, INC.192.155.253.202 (- United States)
2016-08-01 12:11Distribution SiteLocky
bisericaromaneasca.ro
Romarg SRL86.106.30.71 (- Romania)
2016-08-01 12:11Distribution SiteLocky
67.23.226.139
n/a
2016-08-01 12:11Distribution SiteLocky
wordpress.pro-tiler.ru
REGRU-RU (n/a)
2016-08-01 12:11Distribution SiteLocky
openspace.pro
90.156.201.113 (- Russian Federation) +3 A record(s) 90.156.201.118 (AS48287, - Russian Federation)
90.156.201.68 (AS25532, - Russian Federation)
90.156.201.73 (AS25532, - Russian Federation)
2016-08-01 12:10Distribution SiteLocky
shagunproperty.com
GODADDY.COM, LLC43.242.215.197 (- India)
2016-08-01 12:10Distribution SiteLocky
218.228.19.9
n/a
2016-08-01 12:10Distribution SiteLocky
steelfs.com.mx
NEUBOX Internet SA de CV207.210.232.52 (- United States)
2016-08-01 12:10Distribution SiteLocky
clinic.gov.ua
212.26.132.82 (- Ukraine)
2016-08-01 12:10Distribution SiteLocky
stroymonolit.su
R01-REG-FID81.177.135.32 (- Russian Federation)
2016-08-01 12:10Distribution SiteLocky
arogyaforhealth.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]199.79.62.144 (- United States)
2016-08-01 12:10Distribution SiteLocky
uxeurope.com
NETWORK SOLUTIONS, LLC.128.65.195.128 (- Switzerland)
2016-08-01 12:10Distribution SiteLocky
paletteswapninja.com
TUCOWS DOMAINS INC.23.235.220.225 (- United States)
2016-08-01 12:09Distribution SiteLocky
darkhollowcoffee.com
TUCOWS DOMAINS INC.66.175.58.9 (- United States)
2016-08-01 12:09Payment SiteCerber
52uo5k3t73ypjije.0vgu64.top
Eranet International Limited (n/a)
2016-08-01 12:09Distribution SiteLocky
u2319351.plsk.regruhosting.ru
REGRU-RU (n/a)
2016-08-01 12:09Distribution SiteLocky
akeseverin.com
REGISTER.IT SPA192.230.80.37 (- United States) +1 A record(s) 192.230.83.37 (AS19551, - United States)
2016-08-01 12:09Distribution SiteLocky
80.109.240.71
n/a
2016-08-01 12:09Distribution SiteLocky
213.228.128.12
n/a
2016-08-01 12:09Distribution SiteLocky
121.83.206.211
n/a
2016-08-01 12:05Payment SiteLocky
zjfq4lnfbs7pncr5.onion.to
185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-08-01 12:04Payment SiteLocky
zjfq4lnfbs7pncr5.tor2web.org
Tucows Inc.185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-08-01 11:31Distribution SiteLocky
ceresiontest.c0.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-01 11:31Distribution SiteLocky
www.skutovky.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-08-01 11:31Distribution SiteLocky
chroffice.fr
AMEN / Agence des Médias Numér[...]81.88.57.68 (- Italy)
2016-08-01 11:31Distribution SiteLocky
idouheikin.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.48 (- United States)
2016-08-01 11:31Distribution SiteLocky
www.biologiazsg.cba.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-01 11:30Distribution SiteLocky
www.erasmusensemble.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-01 11:30Distribution SiteLocky
esicadd.50webs.com
GODADDY.COM, LLC162.210.101.99 (- United States)
2016-08-01 11:30Distribution SiteLocky
125ru.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.43 (- United States)
2016-08-01 11:30Distribution SiteLocky
kuac.vtrbandaancha.net
REGISTER.COM, INC.200.83.4.62 (- Chile)
2016-08-01 11:30Distribution SiteLocky
211.115.110.218
n/a
2016-08-01 11:30Distribution SiteLocky
hrenner.gmxhome.de
213.165.64.215 (- Germany)
2016-08-01 11:30Distribution SiteLocky
trisavog.client.jp
112.140.42.29 (- Japan)
2016-08-01 11:30Distribution SiteLocky
sindipetro.com.br
187.45.195.183 (- Brazil)
2016-08-01 11:30Distribution SiteLocky
herimasu.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-08-01 11:29Distribution SiteLocky
a-real.net
TUCOWS DOMAINS INC.90.156.201.102 (- Russian Federation) +3 A record(s) 90.156.201.115 (AS25532, - Russian Federation)
90.156.201.15 (AS25532, - Russian Federation)
90.156.201.87 (AS25532, - Russian Federation)
2016-08-01 11:29Distribution SiteLocky
grisuncuius.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-01 11:29Distribution SiteLocky
lobi.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-01 11:29Distribution SiteLocky
shimonokougyousho.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-08-01 11:29Distribution SiteLocky
www.philippheintz.de
81.91.170.22 (- Germany)
2016-08-01 11:29Distribution SiteLocky
www.usku.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-08-01 11:29Distribution SiteLocky
gruppa-yug.ru
REGRU-RU37.140.192.44 (- Russian Federation)
2016-08-01 07:45Payment SiteCerber
unocl45trpuoefft.vkm4l6.top
Eranet International Limited (n/a)
2016-08-01 06:40Payment SiteCerber
unocl45trpuoefft.308an1.top
Eranet International Limited (n/a)
2016-07-31 23:30Payment SiteCerber
4kqd3hmqgptupi3p.y5j7e6.top
Eranet International Limited (n/a)
2016-07-31 23:16Payment SiteCerber
4kqd3hmqgptupi3p.as5su5.top
Eranet International Limited (n/a)
2016-07-31 23:05Botnet C&CLocky
217.12.203.233
217.12.203.233 (- Bulgaria)
2016-07-31 23:05Botnet C&CLocky
qvdgqayo.pw
Namecheap208.100.26.234 (- United States)
2016-07-31 22:34Payment SiteCerber
4kqd3hmqgptupi3p.bnctf6.top
Eranet International Limited (n/a)
2016-07-31 19:20Payment SiteCerber
52uo5k3t73ypjije.kzo8mc.top
Eranet International Limited (n/a)
2016-07-31 18:20Botnet C&CLocky
91.230.211.139
91.230.211.139 (- Russian Federation)
2016-07-31 15:58Payment SiteCerber
52uo5k3t73ypjije.v11z5e.top
Alpnames Limited (n/a)
2016-07-31 13:46Payment SiteCerber
pmenboeqhyrpvomq.0vgu64.top
Eranet International Limited (n/a)
2016-07-31 13:03Botnet C&CLocky
37.139.30.95
37.139.30.95 (- Netherlands)
2016-07-31 09:22Payment SiteCerber
pmenboeqhyrpvomq.r21wmw.top
Eranet International Limited (n/a)
2016-07-31 06:45Payment SiteCerber
pmenboeqhyrpvomq.vkm4l6.top
Eranet International Limited (n/a)
2016-07-31 06:23Payment SiteCerber
unocl45trpuoefft.1de02r.top
Eranet International Limited (n/a)
2016-07-31 05:55Payment SiteCerber
52uo5k3t73ypjije.e6in0v.top
Eranet International Limited (n/a)
2016-07-30 19:50Payment SiteCerber
4kqd3hmqgptupi3p.4k9xlx.top
Eranet International Limited (n/a)
2016-07-30 17:26Botnet C&CLocky
hycninyxuaa.xyz
Namecheap208.100.26.234 (- United States)
2016-07-30 10:02Botnet C&CLocky
toxnwbkoulii.pw
Namecheap208.100.26.234 (- United States)
2016-07-30 07:49Botnet C&CPayCrypt
print-pack.club
Hosting Ukraine LLC.185.68.16.115 (- Ukraine)
2016-07-29 21:06Payment SiteCerber
52uo5k3t73ypjije.4nf7ij.top
Eranet International Limited (n/a)
2016-07-29 21:02Payment SiteCerber
4kqd3hmqgptupi3p.r21wmw.top
Eranet International Limited (n/a)
2016-07-29 18:11Botnet C&CLocky
91.195.12.143
91.195.12.143 (- Ukraine)
2016-07-29 15:58Payment SiteCerber
4kqd3hmqgptupi3p.0vgu64.top
Eranet International Limited (n/a)
2016-07-29 15:46Payment SiteCerber
52uo5k3t73ypjije.40wiai.top
Eranet International Limited (n/a)
2016-07-29 15:09Payment SiteCerber
4kqd3hmqgptupi3p.vkm4l6.top
Eranet International Limited (n/a)
2016-07-29 15:08Payment SiteCerber
pmenboeqhyrpvomq.pap44w.top
Eranet International Limited (n/a)
2016-07-29 13:59Payment SiteCerber
pmenboeqhyrpvomq.bnctf6.top
Eranet International Limited (n/a)
2016-07-29 12:12Distribution SiteLocky
jyoumon.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)

# of rows displayed: 100
# of entries in database: 9'210

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >