Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-01 12:09Distribution SiteLocky
213.228.128.12
n/a
2016-08-01 12:09Distribution SiteLocky
80.109.240.71
n/a
2016-08-01 12:09Distribution SiteLocky
213.228.128.12
n/a
2016-08-01 12:09Distribution SiteLocky
akva-sarat.nichost.ru
RU-CENTER-RU195.208.1.109 (- Russian Federation)
2016-08-01 12:09Distribution SiteLocky
121.83.206.211
n/a
2016-08-01 12:05Payment SiteLocky
zjfq4lnfbs7pncr5.onion.to
185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-08-01 12:04Payment SiteLocky
zjfq4lnfbs7pncr5.tor2web.org
Tucows Inc.185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-08-01 11:31Distribution SiteLocky
ceresiontest.c0.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-01 11:31Distribution SiteLocky
www.skutovky.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-08-01 11:31Distribution SiteLocky
chroffice.fr
AMEN / Agence des Médias Numér[...]81.88.57.68 (- Italy)
2016-08-01 11:31Distribution SiteLocky
idouheikin.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.48 (- United States)
2016-08-01 11:31Distribution SiteLocky
www.biologiazsg.cba.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-01 11:30Distribution SiteLocky
www.erasmusensemble.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-01 11:30Distribution SiteLocky
esicadd.50webs.com
GODADDY.COM, LLC162.210.101.99 (- United States)
2016-08-01 11:30Distribution SiteLocky
125ru.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.43 (- United States)
2016-08-01 11:30Distribution SiteLocky
kuac.vtrbandaancha.net
REGISTER.COM, INC.200.83.4.62 (- Chile)
2016-08-01 11:30Distribution SiteLocky
211.115.110.218
n/a
2016-08-01 11:30Distribution SiteLocky
hrenner.gmxhome.de
213.165.64.215 (- Germany)
2016-08-01 11:30Distribution SiteLocky
trisavog.client.jp
112.140.42.29 (- Japan)
2016-08-01 11:30Distribution SiteLocky
sindipetro.com.br
187.45.195.183 (- Brazil)
2016-08-01 11:30Distribution SiteLocky
herimasu.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-08-01 11:29Distribution SiteLocky
a-real.net
TUCOWS DOMAINS INC.90.156.201.102 (- Russian Federation) +3 A record(s) 90.156.201.115 (AS25532, - Russian Federation)
90.156.201.30 (AS25532, - Russian Federation)
90.156.201.87 (AS25532, - Russian Federation)
2016-08-01 11:29Distribution SiteLocky
grisuncuius.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-01 11:29Distribution SiteLocky
lobi.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-01 11:29Distribution SiteLocky
shimonokougyousho.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-08-01 11:29Distribution SiteLocky
www.philippheintz.de
81.91.170.22 (- Germany)
2016-08-01 11:29Distribution SiteLocky
www.usku.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-08-01 11:29Distribution SiteLocky
gruppa-yug.ru
REGRU-RU37.140.192.44 (- Russian Federation)
2016-08-01 07:45Payment SiteCerber
unocl45trpuoefft.vkm4l6.top
Eranet International Limited (n/a)
2016-08-01 06:40Payment SiteCerber
unocl45trpuoefft.308an1.top
Eranet International Limited (n/a)
2016-07-31 23:30Payment SiteCerber
4kqd3hmqgptupi3p.y5j7e6.top
Eranet International Limited (n/a)
2016-07-31 23:16Payment SiteCerber
4kqd3hmqgptupi3p.as5su5.top
Eranet International Limited (n/a)
2016-07-31 23:05Botnet C&CLocky
qvdgqayo.pw
Namecheap208.100.26.234 (- United States)
2016-07-31 23:05Botnet C&CLocky
217.12.203.233
217.12.203.233 (- Bulgaria)
2016-07-31 22:34Payment SiteCerber
4kqd3hmqgptupi3p.bnctf6.top
Eranet International Limited (n/a)
2016-07-31 19:20Payment SiteCerber
52uo5k3t73ypjije.kzo8mc.top
Eranet International Limited (n/a)
2016-07-31 18:20Botnet C&CLocky
91.230.211.139
91.230.211.139 (- Russian Federation)
2016-07-31 15:58Payment SiteCerber
52uo5k3t73ypjije.v11z5e.top
Alpnames Limited (n/a)
2016-07-31 13:46Payment SiteCerber
pmenboeqhyrpvomq.0vgu64.top
Eranet International Limited (n/a)
2016-07-31 13:03Botnet C&CLocky
37.139.30.95
37.139.30.95 (- Netherlands)
2016-07-31 09:22Payment SiteCerber
pmenboeqhyrpvomq.r21wmw.top
Eranet International Limited (n/a)
2016-07-31 06:45Payment SiteCerber
pmenboeqhyrpvomq.vkm4l6.top
Eranet International Limited (n/a)
2016-07-31 06:23Payment SiteCerber
unocl45trpuoefft.1de02r.top
Eranet International Limited (n/a)
2016-07-31 05:55Payment SiteCerber
52uo5k3t73ypjije.e6in0v.top
Eranet International Limited (n/a)
2016-07-30 19:50Payment SiteCerber
4kqd3hmqgptupi3p.4k9xlx.top
Eranet International Limited (n/a)
2016-07-30 17:26Botnet C&CLocky
hycninyxuaa.xyz
Namecheap208.100.26.234 (- United States)
2016-07-30 10:02Botnet C&CLocky
toxnwbkoulii.pw
Namecheap208.100.26.234 (- United States)
2016-07-30 07:49Botnet C&CPayCrypt
print-pack.club
Hosting Ukraine LLC.185.68.16.115 (- Ukraine)
2016-07-30 07:49Botnet C&CPayCrypt
print-pack.club
Hosting Ukraine LLC.185.68.16.115 (- Ukraine)
2016-07-29 21:06Payment SiteCerber
52uo5k3t73ypjije.4nf7ij.top
Eranet International Limited (n/a)
2016-07-29 21:02Payment SiteCerber
4kqd3hmqgptupi3p.r21wmw.top
Eranet International Limited (n/a)
2016-07-29 18:11Botnet C&CLocky
91.195.12.143
91.195.12.143 (- Ukraine)
2016-07-29 15:58Payment SiteCerber
4kqd3hmqgptupi3p.0vgu64.top
Eranet International Limited (n/a)
2016-07-29 15:46Payment SiteCerber
52uo5k3t73ypjije.40wiai.top
Eranet International Limited (n/a)
2016-07-29 15:09Payment SiteCerber
4kqd3hmqgptupi3p.vkm4l6.top
Eranet International Limited (n/a)
2016-07-29 15:08Payment SiteCerber
pmenboeqhyrpvomq.pap44w.top
Eranet International Limited (n/a)
2016-07-29 13:59Payment SiteCerber
pmenboeqhyrpvomq.bnctf6.top
Eranet International Limited (n/a)
2016-07-29 12:12Distribution SiteLocky
jyoumon.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-07-29 12:12Distribution SiteLocky
vova318.vline.ru
R01-RU91.196.138.200 (- Russian Federation)
2016-07-29 12:12Distribution SiteLocky
handball-literatur.de
195.3.251.129 (- Germany)
2016-07-29 12:12Distribution SiteLocky
joslinsalesltd.com
NETWORK SOLUTIONS, LLC.23.236.62.147 (- United States)
2016-07-29 12:12Distribution SiteLocky
alci.dommel.be
SCHEDOM NV / DOMMEL.COM193.109.184.81 (- Belgium)
2016-07-29 12:12Distribution SiteLocky
minocki.republika.pl
Domeny.pl sp. z o.o.213.180.150.17 (- Poland)
2016-07-29 12:12Distribution SiteLocky
fcc-thechamps.de
(n/a)
2016-07-29 12:12Distribution SiteLocky
zauber-fred.de
(n/a)
2016-07-29 12:12Distribution SiteLocky
ratnam.fx.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-07-29 12:12Distribution SiteLocky
www.attivita-antroposofiche-roma.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-07-29 12:12Distribution SiteLocky
intracorpwestsidecollection.com
ENOM, INC.192.199.204.103 (- Canada)
2016-07-29 12:11Distribution SiteLocky
80.241.232.207
n/a
2016-07-29 12:11Distribution SiteLocky
impregui.com
10DENCEHISPAHARD, S.L134.0.11.184 (- Spain)
2016-07-29 12:11Distribution SiteLocky
www.astool.com
NETWORK SOLUTIONS, LLC.211.72.206.50 (- Taiwan)
2016-07-29 12:11Distribution SiteLocky
newt150.tripod.com
CSC CORPORATE DOMAINS, INC.209.202.252.66 (- United States)
2016-07-29 12:11Distribution SiteLocky
senzai.nobu-naga.net
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-07-29 12:11Distribution SiteLocky
theuniongroup.com
TIERRANET INC. D/B/A DOMAINDISCO[...]204.174.223.203 (- Canada)
2016-07-29 12:11Distribution SiteLocky
agazoumi.com
ENOM, INC.69.64.147.36 (- United States)
2016-07-29 12:11Distribution SiteLocky
211.18.200.4
n/a
2016-07-29 12:11Distribution SiteLocky
childmoon.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.61 (- United States)
2016-07-29 12:11Distribution SiteLocky
minocki.republika.pl
Domeny.pl sp. z o.o.213.180.150.17 (- Poland)
2016-07-29 12:11Distribution SiteLocky
www.istruiscus.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-07-29 12:11Distribution SiteLocky
oleanderhome.com
WILD WEST DOMAINS, LLC107.180.50.233 (- United States)
2016-07-29 12:11Distribution SiteLocky
www.ferresur.es
212.34.140.236 (- Spain)
2016-07-29 12:11Distribution SiteLocky
www.dukewayne.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-07-29 12:10Distribution SiteLocky
www.damasoinfante.com
10DENCEHISPAHARD, S.L134.0.11.154 (- Spain)
2016-07-29 12:10Distribution SiteLocky
www.istruiscus.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-07-29 12:10Distribution SiteLocky
blekitniproba.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-07-29 12:10Distribution SiteLocky
www.erikacostruzioni.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-07-29 12:10Distribution SiteLocky
kenestyonline.com
GODADDY.COM, LLC192.186.247.66 (- United States)
2016-07-29 12:10Distribution SiteLocky
inhouserecording.atspace.com
TUCOWS DOMAINS INC.185.176.43.19 (- Bulgaria)
2016-07-29 12:10Distribution SiteLocky
wbbs176.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.37 (- United States)
2016-07-29 12:10Distribution SiteLocky
azmusclemart.com
GODADDY.COM, LLC198.169.132.19 (- Canada)
2016-07-29 12:10Distribution SiteLocky
garo903.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-07-29 12:10Distribution SiteLocky
www.fotosdelburgo.com
NORDNET62.37.237.62 (- Spain)
2016-07-29 12:10Distribution SiteLocky
smc.psuti.ru
NAUNET-RU94.25.37.27 (- Russian Federation)
2016-07-29 12:10Distribution SiteLocky
www.snvl-ptrc.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-07-29 12:10Distribution SiteLocky
www.13one.de
81.169.145.92 (- Germany)
2016-07-29 12:10Distribution SiteLocky
amandinearmand.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-07-29 12:10Distribution SiteLocky
wn420pjpa.homepage.t-online.de
80.150.6.138 (- Germany)
2016-07-29 12:10Distribution SiteLocky
voisin-sa.com
ELB GROUP, INC.91.191.158.152 (- France)
2016-07-29 12:09Distribution SiteLocky
wktkwkbaaan.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.61 (- United States)
2016-07-29 12:09Distribution SiteLocky
hw.srca.org
GoDaddy.com, LLC192.186.224.37 (- United States)

# of rows displayed: 100
# of entries in database: 12'863

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >