Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-03 06:11Distribution SiteLocky
www.carrelliusati.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-03 06:11Distribution SiteLocky
hitoribotch.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-08-03 06:11Distribution SiteLocky
www.sashraf.plus.com
ENOM, INC.212.159.8.91 (- United Kingdom) +1 A record(s) 212.159.9.91 (AS6871, - United Kingdom)
2016-08-03 06:10Distribution SiteLocky
miyadu.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.37 (- United States)
2016-08-03 06:10Distribution SiteLocky
essenciadoequilibrio.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]185.90.56.166 (- Portugal)
2016-08-03 06:10Distribution SiteLocky
locogallery.com
FASTDOMAIN, INC.74.220.199.6 (- United States)
2016-08-03 06:10Distribution SiteLocky
www.bagana.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-03 06:10Distribution SiteLocky
nedayepak.ir
(n/a)
2016-08-03 06:10Distribution SiteLocky
www.stucchifedele.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-03 06:10Distribution SiteLocky
go4leiner.de
(n/a)
2016-08-03 06:10Distribution SiteLocky
www.puntoit-informatica.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-03 06:10Distribution SiteLocky
sugetipula12.hi2.ro
ICI - ROTLD (n/a)
2016-08-03 06:10Distribution SiteLocky
namarinoko.hariko.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-03 06:10Distribution SiteLocky
www.closecombat.mynetcologne.de
81.173.246.8 (- Germany)
2016-08-03 06:10Distribution SiteLocky
www.jansen-consultancy-machines.be
Telenet BVBA195.130.132.84 (- Belgium)
2016-08-03 06:10Distribution SiteLocky
www.arstaelteknik.com
NICTRADE INTERNET IDENTITY PROVI[...] (n/a)
2016-08-03 06:10Distribution SiteLocky
www.networkerakademie.de
89.107.64.200 (- Germany)
2016-08-02 21:30Payment SiteCerber
52uo5k3t73ypjije.4k9xlx.top
Eranet International Limited (n/a)
2016-08-02 19:35Payment SiteCerber
unocl45trpuoefft.og5ezh.top
Eranet International Limited (n/a)
2016-08-02 11:20Distribution SiteLocky
www.bagana.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-02 11:19Distribution SiteLocky
system-inka.de
81.169.145.69 (- Germany)
2016-08-02 11:19Distribution SiteLocky
gebetech.at
92.63.216.53 (- Austria)
2016-08-02 11:19Distribution SiteLocky
www.serial-production.com
EPAG DOMAINSERVICES GMBH78.46.57.207 (- Germany)
2016-08-02 11:19Distribution SiteLocky
itconcept.md
195.178.106.24 (- Moldova)
2016-08-02 11:19Distribution SiteLocky
www.cosentinoarredamenti.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]46.254.39.57 (- Italy)
2016-08-02 11:19Distribution SiteLocky
tvoy-android.com
HOSTING UKRAINE LLC185.68.16.83 (- Ukraine)
2016-08-02 11:19Distribution SiteLocky
exportwroclaw.cba.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-02 11:19Distribution SiteLocky
cinerd.info
GoDaddy.com, LLC (n/a)
2016-08-02 11:19Distribution SiteLocky
terminatorzy.cba.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-02 11:19Distribution SiteLocky
siteriqi.bget.ru
R01-RU87.236.19.39 (- Russian Federation)
2016-08-02 11:19Distribution SiteLocky
wt7dzbn78.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-02 11:19Distribution SiteLocky
essenciadoequilibrio.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]185.90.56.166 (- Portugal)
2016-08-02 11:19Distribution SiteLocky
setcoop.com.br
187.45.240.45 (- Brazil)
2016-08-02 11:19Distribution SiteLocky
212.26.129.68
n/a
2016-08-02 11:19Distribution SiteLocky
madiv.ru
RU-CENTER-RU79.174.78.153 (- Russian Federation)
2016-08-02 11:19Distribution SiteLocky
my-result.ru
RU-CENTER-RU (n/a)
2016-08-02 11:19Distribution SiteLocky
158.199.158.185
n/a
2016-08-02 11:18Distribution SiteLocky
clinic.gov.ua
212.26.132.82 (- Ukraine)
2016-08-02 11:18Distribution SiteLocky
ecpi.ro
Romarg SRL89.42.223.64 (- Romania)
2016-08-02 11:18Distribution SiteLocky
jhengineering.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-08-02 11:18Distribution SiteLocky
www.stucchifedele.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-02 11:18Distribution SiteLocky
plasseramerican.net
NETWORK SOLUTIONS, LLC. (n/a)
2016-08-02 11:18Distribution SiteLocky
psclimat.ru
NETHOUSE-RU185.93.108.90 (- Russian Federation)
2016-08-02 11:18Distribution SiteLocky
rsxxx.com
DNC HOLDINGS, INC.69.50.139.6 (- United States)
2016-08-02 11:18Distribution SiteLocky
alex-walter.de
109.237.138.44 (- Germany)
2016-08-02 11:18Distribution SiteLocky
www.cafealaska.es
62.42.230.17 (- Spain)
2016-08-02 11:18Distribution SiteLocky
beate-oberle-kosmetik.de
81.169.145.93 (- Germany)
2016-08-02 11:18Distribution SiteLocky
totalrepalrhonda.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-08-02 11:18Distribution SiteLocky
lifeserv.myarena.ru
RU-CENTER-RU62.122.213.10 (- Russian Federation)
2016-08-02 11:18Distribution SiteLocky
sancompany.ru
R01-RU92.53.96.22 (- Russian Federation)
2016-08-02 11:18Distribution SiteLocky
subbenim.atspace.com
TUCOWS DOMAINS INC.185.176.43.19 (- Bulgaria)
2016-08-02 11:18Distribution SiteLocky
dev.appleleafabstracting.com
WILD WEST DOMAINS, LLC (n/a)
2016-08-02 11:18Distribution SiteLocky
olis.atspace.com
TUCOWS DOMAINS INC.185.176.43.19 (- Bulgaria)
2016-08-02 11:18Distribution SiteLocky
breinco.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]46.183.116.203 (- Spain)
2016-08-02 11:18Distribution SiteLocky
woblk17jc.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-02 11:17Distribution SiteLocky
go4leiner.de
(n/a)
2016-08-02 11:17Distribution SiteLocky
acnek.com
GODADDY.COM, LLC160.153.90.134 (- United States)
2016-08-02 11:17Distribution SiteLocky
morfaux.fr
LIGNE WEB SERVICES - LWS195.162.70.139 (- Ukraine)
2016-08-02 11:17Distribution SiteLocky
www.simons-vakantiehuisje.nl
Cronon AG81.169.145.68 (- Germany)
2016-08-02 11:17Distribution SiteLocky
russiansnow.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.48 (- United States)
2016-08-02 11:17Distribution SiteLocky
thehybrid.0catch.com
FASTDOMAIN, INC.66.219.202.10 (- United States)
2016-08-02 11:17Distribution SiteLocky
www.gioilda.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-02 11:17Distribution SiteLocky
realm-of-rage.heimat.eu
Key-Systems GmbH213.208.133.41 (- Austria)
2016-08-02 11:17Distribution SiteLocky
www.arstaelteknik.com
NICTRADE INTERNET IDENTITY PROVI[...] (n/a)
2016-08-02 06:52Payment SiteCerber
unocl45trpuoefft.4k98id.top
Eranet International Limited (n/a)
2016-08-02 06:31Payment SiteCerber
pmenboeqhyrpvomq.kswcuk.top
Eranet International Limited (n/a)
2016-08-01 23:04Payment SiteCerber
52uo5k3t73ypjije.n41n1a.top
Eranet International Limited (n/a)
2016-08-01 19:36Payment SiteCerber
52uo5k3t73ypjije.vkm4l6.top
Eranet International Limited (n/a)
2016-08-01 12:12Distribution SiteLocky
www.robtozier.com
GODADDY.COM, LLC66.230.196.22 (- United States)
2016-08-01 12:12Distribution SiteLocky
schlebach.25mm.ru
R01-RU93.171.222.110 (- Russian Federation)
2016-08-01 12:12Distribution SiteLocky
sigovka.ru
REGTIME-RU93.171.223.56 (- Russian Federation)
2016-08-01 12:11Distribution SiteLocky
certifiedbanker.org
Tucows Inc.166.63.125.135 (- United States)
2016-08-01 12:11Distribution SiteLocky
visionaero.com
NETWORK SOLUTIONS, LLC.64.71.34.45 (- United States)
2016-08-01 12:11Distribution SiteLocky
seahawkexports.com
GODADDY.COM, LLC43.242.215.197 (- India)
2016-08-01 12:11Distribution SiteLocky
abufarha.net
FASTDOMAIN, INC.208.91.199.21 (- United States)
2016-08-01 12:11Distribution SiteLocky
keven.site.aplus.net
GODADDY.COM, LLC64.29.151.221 (- United States)
2016-08-01 12:11Distribution SiteLocky
217.26.70.200
n/a
2016-08-01 12:11Distribution SiteLocky
libertymanuals.com
ENOM, INC.192.155.253.202 (- United States)
2016-08-01 12:11Distribution SiteLocky
bisericaromaneasca.ro
Romarg SRL86.106.30.71 (- Romania)
2016-08-01 12:11Distribution SiteLocky
67.23.226.139
n/a
2016-08-01 12:11Distribution SiteLocky
wordpress.pro-tiler.ru
REGRU-RU (n/a)
2016-08-01 12:11Distribution SiteLocky
tvoy-android.com
HOSTING UKRAINE LLC185.68.16.83 (- Ukraine)
2016-08-01 12:11Distribution SiteLocky
openspace.pro
90.156.201.113 (- Russian Federation) +3 A record(s) 90.156.201.118 (AS48287, - Russian Federation)
90.156.201.70 (AS25532, - Russian Federation)
90.156.201.73 (AS25532, - Russian Federation)
2016-08-01 12:10Distribution SiteLocky
shagunproperty.com
GODADDY.COM, LLC43.242.215.197 (- India)
2016-08-01 12:10Distribution SiteLocky
218.228.19.9
n/a
2016-08-01 12:10Distribution SiteLocky
steelfs.com.mx
NEUBOX Internet SA de CV207.210.232.52 (- United States)
2016-08-01 12:10Distribution SiteLocky
clinic.gov.ua
212.26.132.82 (- Ukraine)
2016-08-01 12:10Distribution SiteLocky
79.96.153.93
(n/a)
2016-08-01 12:10Distribution SiteLocky
stroymonolit.su
R01-REG-FID81.177.135.32 (- Russian Federation)
2016-08-01 12:10Distribution SiteLocky
darkhollowcoffee.com
TUCOWS DOMAINS INC.66.175.58.9 (- United States)
2016-08-01 12:10Distribution SiteLocky
climairuk.com
LCN.COM LTD.85.118.237.109 (- United Kingdom)
2016-08-01 12:10Distribution SiteLocky
arogyaforhealth.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]199.79.62.144 (- United States)
2016-08-01 12:10Distribution SiteLocky
bobbysinghwpg.com
GODADDY.COM, LLC192.186.246.98 (- United States)
2016-08-01 12:10Distribution SiteLocky
uxeurope.com
NETWORK SOLUTIONS, LLC.128.65.195.128 (- Switzerland)
2016-08-01 12:10Distribution SiteLocky
paletteswapninja.com
TUCOWS DOMAINS INC.23.235.220.225 (- United States)
2016-08-01 12:09Distribution SiteLocky
darkhollowcoffee.com
TUCOWS DOMAINS INC.66.175.58.9 (- United States)
2016-08-01 12:09Payment SiteCerber
52uo5k3t73ypjije.0vgu64.top
Eranet International Limited (n/a)
2016-08-01 12:09Distribution SiteLocky
u2319351.plsk.regruhosting.ru
REGRU-RU (n/a)
2016-08-01 12:09Distribution SiteLocky
akeseverin.com
REGISTER.IT SPA192.230.80.37 (- United States) +1 A record(s) 192.230.83.37 (AS19551, - United States)
2016-08-01 12:09Distribution SiteLocky
gp-logistics.ru
R01-RU77.222.40.38 (- Russian Federation)

# of rows displayed: 100
# of entries in database: 12'863

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >