Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2017-02-01 16:28Botnet C&CLocky
93.170.123.185
93.170.123.185 (- Czech Republic)
2017-01-30 07:57Payment SiteCerber
p27dokhpz2n7nvgr.13gmvm.top
Eranet International Limited (n/a)
2017-01-29 01:18Botnet C&CLocky
88.214.237.45
88.214.237.45 (- Russian Federation)
2017-01-27 12:31Payment SiteCerber
p27dokhpz2n7nvgr.1jw2lx.top
Eranet International Limited (n/a)
2017-01-26 22:07Payment SiteCerber
pe2cku7pebkpgeko.1plugt.top
Eranet International Limited (n/a)
2017-01-26 16:26Payment SiteCerber
p27dokhpz2n7nvgr.1plugt.top
Eranet International Limited (n/a)
2017-01-26 09:37Payment SiteCerber
p27dokhpz2n7nvgr.1cpy1q.top
Eranet International Limited (n/a)
2017-01-25 19:59Payment SiteCerber
p27dokhpz2n7nvgr.15nhsf.top
Eranet International Limited (n/a)
2017-01-25 11:03Payment SiteCerber
p27dokhpz2n7nvgr.14gmtu.top
Eranet International Limited (n/a)
2017-01-25 09:09Payment SiteCerber
ffoqr3ug7m726zou.14gmtu.top
Eranet International Limited (n/a)
2017-01-25 02:11Botnet C&CLocky
46.17.40.234
46.17.40.234 (- Russian Federation)
2017-01-24 16:43Payment SiteCerber
p27dokhpz2n7nvgr.1321z6.top
Eranet International Limited (n/a)
2017-01-24 15:57Payment SiteCerber
ffoqr3ug7m726zou.1321z6.top
Eranet International Limited (n/a)
2017-01-24 07:44Payment SiteCerber
p27dokhpz2n7nvgr.16ay2s.top
Eranet International Limited (n/a)
2017-01-23 16:03Payment SiteCerber
p27dokhpz2n7nvgr.1dp6un.top
Eranet International Limited (n/a)
2017-01-22 06:58Payment SiteCerber
p27dokhpz2n7nvgr.16fohp.top
Eranet International Limited (n/a)
2017-01-21 10:16Payment SiteCerber
p27dokhpz2n7nvgr.1bniyw.top
Eranet International Limited (n/a)
2017-01-21 07:47Payment SiteCerber
p27dokhpz2n7nvgr.1em2j4.top
Eranet International Limited (n/a)
2017-01-20 07:57Payment SiteCerber
p27dokhpz2n7nvgr.1chy1m.top
Eranet International Limited (n/a)
2017-01-20 03:27Payment SiteCerber
p27dokhpz2n7nvgr.1kja1j.top
Eranet International Limited (n/a)
2017-01-19 19:09Payment SiteCerber
p27dokhpz2n7nvgr.1dlcbk.top
Eranet International Limited (n/a)
2017-01-19 11:19Botnet C&CLocky
194.31.59.5
194.31.59.5 (- Russian Federation)
2017-01-19 09:29Botnet C&CLocky
91.237.247.24
91.237.247.24 (- Ukraine)
2017-01-17 07:47Distribution SiteCerber
i01001.dgn.vn
103.243.107.120 (- Vietnam)
2017-01-17 04:02Payment SiteCerber
p27dokhpz2n7nvgr.15l2ub.top
Eranet International Limited (n/a)
2017-01-15 11:34Payment SiteCerber
p27dokhpz2n7nvgr.1pbu64.top
Eranet International Limited (n/a)
2017-01-15 09:37Payment SiteCerber
p27dokhpz2n7nvgr.12gzrv.top
Eranet International Limited (n/a)
2017-01-14 10:21Payment SiteCerber
p27dokhpz2n7nvgr.15rnwa.top
Eranet International Limited (n/a)
2017-01-12 19:37Botnet C&CLocky
195.123.211.6
195.123.211.6 (- Latvia)
2017-01-12 14:44Botnet C&CLocky
188.127.239.53
188.127.239.53 (- Russian Federation)
2017-01-03 21:56Botnet C&CLocky
91.210.166.51
91.210.166.51 (- Ukraine)
2017-01-03 21:56Botnet C&CLocky
193.32.68.48
193.32.68.48 (- Europe)
2016-12-29 21:07Botnet C&CLocky
91.230.211.187
91.230.211.187 (- Russian Federation)
2016-12-29 13:02Payment SiteCerber
ffoqr3ug7m726zou.1mwipu.top
Eranet International Limited (n/a)
2016-12-29 11:49Payment SiteCerber
p27dokhpz2n7nvgr.1mwipu.top
Eranet International Limited (n/a)
2016-12-29 10:38Payment SiteCerber
pe2cku7pebkpgeko.1mwipu.top
Eranet International Limited (n/a)
2016-12-29 09:04Botnet C&CLocky
185.14.29.64
185.14.29.64 (- Netherlands)
2016-12-28 15:17Botnet C&CLocky
ks-davis.com
GRANSY S.R.O D/B/A SUBREG.CZn/a
2016-12-28 05:43Payment SiteCerber
avsxrcoq2q5fgrw2.1mwipu.top
Eranet International Limited (n/a)
2016-12-27 19:27Distribution SiteCerber
igoodsnd.wang
Todaynic com Inc (n/a)
2016-12-27 19:26Distribution SiteCerber
www.dealkolld.top
Eranet International Limited (n/a)
2016-12-27 19:26Distribution SiteCerber
newgiftnd.wang
Todaynic com Inc (n/a)
2016-12-27 19:24Distribution SiteCerber
newgiftst.top
Eranet International Limited (n/a)
2016-12-26 08:00Payment SiteCerber
pe2cku7pebkpgeko.1pr21c.top
Eranet International Limited (n/a)
2016-12-25 04:46Payment SiteCerber
ftoxmpdipwobp4qy.1gtx3p.top
Eranet International Limited (n/a)
2016-12-25 03:32Payment SiteCerber
fnmi62725zfti2vy.1gtx3p.top
Eranet International Limited (n/a)
2016-12-25 02:56Payment SiteCerber
ffoqr3ug7m726zou.1gtx3p.top
Eranet International Limited (n/a)
2016-12-25 01:26Payment SiteCerber
pe2cku7pebkpgeko.1gtx3p.top
Eranet International Limited (n/a)
2016-12-24 21:09Payment SiteCerber
avsxrcoq2q5fgrw2.1gtx3p.top
Eranet International Limited (n/a)
2016-12-23 06:21Distribution SiteLocky
pozsgaiingatlan.hu
195.56.148.87 (- Hungary)
2016-12-23 06:21Distribution SiteLocky
spmoya-semya.ru
REGRU-RU93.170.253.156 (- Netherlands)
2016-12-23 06:20Distribution SiteLocky
agri-host.us
WILD WEST DOMAINS, INC.65.39.128.42 (- United States)
2016-12-23 06:20Distribution SiteLocky
ldagnes.pl
Consulting Service Sp. z o.o.136.243.15.169 (- Germany)
2016-12-23 06:20Distribution SiteLocky
jltl.net
CHENGDU WEST DIMENSION DIGITAL T[...]103.254.151.60 (- Hong Kong)
2016-12-23 06:20Distribution SiteLocky
jayacoat-industries.com.my
116.0.121.235 (- Malaysia)
2016-12-23 06:20Distribution SiteLocky
habets.info
Realtime Register B.V.185.182.56.63 (- Netherlands)
2016-12-23 06:20Distribution SiteLocky
cielitodrive.com
GODADDY.COM, LLC107.180.41.152 (- United States)
2016-12-23 06:20Distribution SiteLocky
handicraftmag.com
ONLINENIC, INC.27.254.33.31 (- Thailand)
2016-12-23 06:20Distribution SiteLocky
g2cteknoloji.com
REG2C.COM, INC.185.40.86.11 (- Turkey)
2016-12-23 06:19Distribution SiteLocky
lucianasaliani.com
FASTDOMAIN, INC. (n/a)
2016-12-23 06:19Distribution SiteLocky
dwdesigns.us
REGISTER.COM, INC. (n/a)
2016-12-23 06:19Distribution SiteLocky
hostalmilabi.com
GODADDY.COM, LLC192.185.173.86 (- United States)
2016-12-23 06:19Distribution SiteLocky
aministudio.com
GODADDY.COM, LLC69.28.199.100 (- Canada)
2016-12-23 06:19Distribution SiteLocky
yuccavalleyquicklube.com
GODADDY.COM, LLC160.153.33.165 (- United States)
2016-12-23 06:19Distribution SiteLocky
1maximus.ru
REGRU-RU159.253.18.37 (- Estonia)
2016-12-23 06:19Distribution SiteLocky
ivankhoo.com
TUCOWS DOMAINS INC.145.14.144.186 (- United States)
2016-12-23 06:19Distribution SiteLocky
alaliengineering.net
GODADDY.COM, LLC192.254.186.159 (- United States)
2016-12-23 06:18Distribution SiteLocky
kakamiao.com
HICHINA ZHICHENG TECHNOLOGY LTD.114.215.192.40 (- China)
2016-12-23 06:18Distribution SiteLocky
graficoarts.com
GODADDY.COM, LLC166.62.30.147 (- United States)
2016-12-23 06:18Distribution SiteLocky
izmirisgb.com
FBS INC. (n/a)
2016-12-23 06:18Distribution SiteLocky
lomtour.com
NAME.COM, INC.203.146.26.85 (- Thailand)
2016-12-23 06:18Distribution SiteLocky
corlouis.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.223 (- United States)
2016-12-23 06:18Distribution SiteLocky
kayju.com
GODADDY.COM, LLC108.160.159.123 (- United States)
2016-12-23 06:18Distribution SiteLocky
mass-appeal.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]157.7.188.226 (- Japan)
2016-12-23 06:17Distribution SiteLocky
www.judo-hattingen.de
217.160.231.175 (- Germany)
2016-12-23 05:34Payment SiteCerber
pe2cku7pebkpgeko.199ovv.top
Eranet International Limited (n/a)
2016-12-23 02:59Payment SiteCerber
avsxrcoq2q5fgrw2.199ovv.top
Eranet International Limited (n/a)
2016-12-23 00:50Payment SiteCerber
ftoxmpdipwobp4qy.199ovv.top
Eranet International Limited (n/a)
2016-12-22 07:41Distribution SiteLocky
www.albertproduction.se
NMU Group212.73.29.207 (- Sweden)
2016-12-22 07:41Distribution SiteLocky
baugildealtmark.de
212.227.170.233 (- Germany)
2016-12-22 07:41Distribution SiteLocky
rosenblut4u.de
(n/a)
2016-12-22 07:41Distribution SiteLocky
17tattoo.com
WEST263 INTERNATIONAL LIMITED101.200.230.210 (- China)
2016-12-22 07:40Distribution SiteLocky
designerdogwear.com
ENOM, INC.172.104.50.36 (- Singapore)
2016-12-22 07:40Distribution SiteLocky
culturepick.com
WILD WEST DOMAINS, LLC192.138.19.100 (- United States)
2016-12-22 07:40Distribution SiteLocky
nui.tokyo
GMO Internet, Inc.157.7.188.151 (- Japan)
2016-12-22 07:40Distribution SiteLocky
bastacycling.com
HOSTING CONCEPTS B.V. D/B/A OPEN[...]82.150.137.151 (- Netherlands)
2016-12-22 07:40Distribution SiteLocky
crownfinancialsolutions.org
GoDaddy.com, LLC184.168.221.41 (- United States)
2016-12-22 07:40Distribution SiteLocky
birdhausdesign.com
DOMAINPEOPLE, INC.64.71.33.17 (- United States)
2016-12-22 07:40Distribution SiteLocky
aguamineralsantacruz.com.br
188.165.246.203 (- France)
2016-12-22 07:40Distribution SiteLocky
amicentng.com
ACTIVE REGISTRAR, INC.143.95.236.14 (- United States)
2016-12-22 07:40Distribution SiteLocky
blendpak.com
TUCOWS DOMAINS INC.209.215.186.5 (- United States)
2016-12-22 07:40Distribution SiteLocky
hiveapps.co
GODADDY.COM, INC.198.23.203.232 (- United States)
2016-12-22 07:39Distribution SiteLocky
gerkar.pl
nazwa.pl sp. z o.o.212.91.6.51 (- Poland)
2016-12-22 07:39Distribution SiteLocky
aspecta-aso.net
GMO INTERNET, INC. DBA ONAMAE.CO[...]157.7.188.176 (- Japan)
2016-12-22 07:39Distribution SiteLocky
ellsley.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]204.197.240.79 (- United States)
2016-12-22 07:39Distribution SiteLocky
hennesseywelding.com
TUCOWS DOMAINS INC.23.236.62.147 (- United States)
2016-12-22 07:39Distribution SiteLocky
gozovipsite.50webs.com
GODADDY.COM, LLC162.210.101.100 (- United States)
2016-12-22 07:39Distribution SiteLocky
cdsp.pl
Agnat Sp. z o.o.193.239.44.110 (- Poland)
2016-12-22 07:39Distribution SiteLocky
directprotectsolutions.co.uk
Freeola Limited t/a Freeola and [...]93.174.140.46 (- United Kingdom)
2016-12-22 07:39Distribution SiteLocky
htocvt.org
GoDaddy.com, LLC50.62.245.1 (- United States)

# of rows displayed: 100
# of entries in database: 12'899

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >