Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-05-16 14:26Distribution SiteLocky
soldabarra.com.br
159.203.75.88 (- United States)
2016-05-16 14:26Distribution SiteLocky
uggforever.com.au
Web Address Registration (n/a)
2016-05-16 14:14Distribution SiteLocky
visionpharmapk.com
GODADDY.COM, LLC203.124.44.33 (- Pakistan)
2016-05-16 14:14Distribution SiteLocky
tafeta.ca
SIBERNAME INTERNET AND SOFTWARE [...]209.44.101.146 (- Canada)
2016-05-16 14:14Distribution SiteLocky
sunlite.com.au
TPP Wholesale Pty Ltd54.252.105.221 (- Australia)
2016-05-16 14:13Distribution SiteLocky
scpremiumbikes.com
TUCOWS DOMAINS INC.103.6.198.138 (- Malaysia)
2016-05-16 14:13Distribution SiteLocky
optimus-communication.com
GODADDY.COM, LLC23.229.166.35 (- United States)
2016-05-16 14:13Distribution SiteLocky
neophrontech.com
GODADDY.COM, LLC45.113.122.172 (- India)
2016-05-16 14:13Distribution SiteLocky
muscleinjuries.com
NAMESECURE.COM192.186.222.166 (- United States)
2016-05-16 14:12Distribution SiteLocky
lhhme.com.sg
IP MIRROR PTE LTD103.9.101.111 (- Singapore)
2016-05-16 14:12Distribution SiteLocky
deanstum.com
GODADDY.COM, LLC192.186.229.69 (- United States)
2016-05-16 14:11Distribution SiteLocky
aquatixbottle.com
GODADDY.COM, LLC192.186.212.231 (- United States)
2016-05-16 14:11Distribution SiteLocky
albany.asn.au
Web Address Registration202.59.111.126 (- Australia)
2016-05-16 14:10Distribution SiteLocky
sitkainvestigations.com
GODADDY.COM, LLC192.186.218.164 (- United States)
2016-05-16 12:56Distribution SiteLocky
technobuz.com
GODADDY.COM, LLC160.153.74.69 (- United States)
2016-05-16 12:56Distribution SiteLocky
thetestserver.net
ENOM, INC.192.185.102.2 (- United States)
2016-05-16 12:55Distribution SiteLocky
fundaciontehuelche.com.ar
200.58.111.224 (- Argentina)
2016-05-16 10:49Distribution SiteLocky
sweetkad.com
GODADDY.COM, LLC66.45.245.40 (- United States)
2016-05-16 09:07Botnet C&CLocky
5.34.183.40
5.34.183.40 (- Ukraine)
2016-05-10 14:25Botnet C&CLocky
92.222.71.26
92.222.71.26 (- France)
2016-05-10 12:30Botnet C&CLocky
185.82.202.170
185.82.202.170 (- Netherlands)
2016-05-10 11:00Distribution SiteLocky
wein-shop.wineandnature.com
1&1 INTERNET SE (n/a)
2016-05-10 11:00Distribution SiteLocky
synchrostore.com.br
52.67.57.42 (- Brazil)
2016-05-10 11:00Distribution SiteLocky
smoochintimates.com.au
Tucows118.127.42.199 (- Australia)
2016-05-10 11:00Distribution SiteLocky
shop.singledivers.com
GODADDY.COM, LLC (n/a)
2016-05-10 11:00Distribution SiteLocky
shop.kvgems-preciousstones.com
GODADDY.COM, LLC173.245.95.98 (- United States)
2016-05-10 10:59Distribution SiteLocky
shop.kndbooks.com
GODADDY.COM, LLC (n/a)
2016-05-10 10:59Distribution SiteLocky
shop.futurefactory-software.com
LEDL.NET GMBH78.46.59.214 (- Germany)
2016-05-10 10:59Distribution SiteLocky
recomobilesolutions.com
ENOM, INC. (n/a)
2016-05-10 10:58Distribution SiteLocky
rhythmlifestyle.co.uk
Paragon Internet Group Ltd t/a T[...] (n/a)
2016-05-10 10:58Distribution SiteLocky
premierbandsusa.com
GODADDY.COM, LLC104.207.226.121 (- United States)
2016-05-10 10:58Distribution SiteLocky
nowandthensecondhandstore.com
GODADDY.COM, LLC50.63.202.62 (- United States)
2016-05-10 10:58Distribution SiteLocky
natural-skin.com.au
Web Address Registration74.220.199.9 (- United States)
2016-05-10 10:57Distribution SiteLocky
marinastore.co.uk
UK2 Limited (n/a)
2016-05-10 10:57Distribution SiteLocky
lapkodeal.com
GODADDY.COM, LLC160.153.52.224 (- United States)
2016-05-10 10:57Distribution SiteLocky
justhorseriders.co.uk
1 & 1 Internet SE185.162.224.150 (- United Kingdom of Great Britain and Northern Ireland)
2016-05-10 10:56Distribution SiteLocky
iloveaceite.com
NETEARTH ONE INC. D/B/A NETEARTH31.47.74.38 (- Spain)
2016-05-10 10:56Distribution SiteLocky
harshdeepjewellers.com
GODADDY.COM, LLC192.169.197.43 (- United States)
2016-05-10 10:56Distribution SiteLocky
goblinada.net
TUCOWS DOMAINS INC.194.135.87.127 (- Lithuania)
2016-05-10 10:55Distribution SiteLocky
etikdeals.com
ONLINE SAS (n/a)
2016-05-10 10:55Distribution SiteLocky
drgravity.com
NETWORK SOLUTIONS, LLC. (n/a)
2016-05-10 10:55Distribution SiteLocky
cubee.lt
UAB "Interneto vizija"194.135.87.127 (- Lithuania)
2016-05-10 10:54Distribution SiteLocky
cmobilier.com
OVH5.39.70.7 (- France)
2016-05-10 10:54Distribution SiteLocky
beverlyhillssilver.com
NETWORK SOLUTIONS, LLC.72.41.110.2 (- United States)
2016-05-10 10:54Distribution SiteLocky
admin.prettysecrets.com
GO FRANCE DOMAINS, LLC (n/a)
2016-05-10 10:42Distribution SiteLocky
tadinda.web-tasarimcilar.com
GODADDY.COM, LLC185.179.27.53 (- Turkey)
2016-05-09 06:33Payment SiteTorrentLocker
de2nuvwegoo32oqv.tortelevision.li
(n/a)
2016-05-09 02:36Botnet C&CLocky
37.46.131.153
37.46.131.153 (- Russian Federation)
2016-05-08 21:29Botnet C&CTeslaCrypt
jdebrains.com
GODADDY.COM, LLC23.229.155.72 (- United States)
2016-05-08 21:29Botnet C&CTeslaCrypt
chaliawala.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]64.22.112.34 (- United States)
2016-05-08 07:20Botnet C&CLocky
193.124.185.87
193.124.185.87 (- Russian Federation)
2016-05-07 22:45Botnet C&CLocky
146.185.137.40
146.185.137.40 (- Netherlands)
2016-05-07 06:29Distribution SiteLocky
helpdesk.zergos.ru
REGRU-RU138.201.119.127 (- Germany)
2016-05-06 20:30Botnet C&CTeslaCrypt
www.laidclinique.com.mx
NEUBOX Internet SA de CV65.99.225.47 (- United States)
2016-05-06 20:30Botnet C&CTeslaCrypt
laidclinique.com.mx
NEUBOX Internet SA de CV65.99.225.47 (- United States)
2016-05-06 18:00Botnet C&CLocky
78.47.110.82
78.47.110.82 (- Germany)
2016-05-06 13:38Distribution SiteLocky
4ix.com
ENOM, INC.203.129.113.142 (- Japan)
2016-05-06 11:53Distribution SiteLocky
drdianateachertraining.com
GODADDY.COM, LLC199.83.129.211 (- United States) +1 A record(s) 199.83.131.211 (AS19551, - United States)
2016-05-06 11:14Distribution SiteLocky
taninabandb.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.38.26 (- Italy)
2016-05-06 10:47Distribution SiteLocky
rulshtory.wmlead.ru
RU-CENTER-RU (n/a)
2016-05-06 09:22Distribution SiteLocky
cliente1.gugliandolo.com
TUCOWS DOMAINS INC.85.235.131.88 (- Italy)
2016-05-06 09:08Distribution SiteLocky
topcarshop.ir
87.98.227.214 (- Spain)
2016-05-06 08:42Payment SiteTeslaCrypt
ik4dm.mazerunci.at
(n/a)
2016-05-06 08:40Payment SiteTeslaCrypt
y4bxj.adozeuds.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-05-06 08:32Distribution SiteLocky
akarui.org
GoDaddy.com, LLC166.62.30.158 (- United States)
2016-05-06 08:32Distribution SiteLocky
spraszyn.home.pl
home.pl S.A.79.96.92.220 (- Poland)
2016-05-06 08:31Distribution SiteLocky
virusremovals.org
Name.com, LLC67.228.184.52 (- United States)
2016-05-06 08:31Distribution SiteLocky
istvest.com
TUCOWS DOMAINS INC.79.98.29.30 (- Lithuania)
2016-05-06 08:31Distribution SiteLocky
ikiartimatbaa.com
NICS TELEKOMUNIKASYON TICARET LT[...]94.73.150.20 (- Turkey)
2016-05-06 06:02Distribution SiteLocky
shopngocquyen.com
GODADDY.COM, LLC209.99.17.27 (- United States)
2016-05-05 14:49Botnet C&CTeslaCrypt
hypnotiseyourself.co.uk
123-Reg Limited t/a 123-reg50.87.146.83 (- United States)
2016-05-05 13:45Botnet C&CLocky
fdehgchykmiqwdg.info
Dynadot, LLC69.195.129.70 (- United States)
2016-05-05 13:45Botnet C&CLocky
91.219.29.66
91.219.29.66 (- Ukraine)
2016-05-05 13:45Botnet C&CLocky
185.22.67.108
185.22.67.108 (- Kazakhstan)
2016-05-05 08:31Botnet C&CLocky
91.226.93.124
91.226.93.124 (- Russian Federation)
2016-05-05 07:24Distribution SiteLocky
fashionmekka.com
KEY-SYSTEMS GMBH (n/a)
2016-05-05 06:54Distribution SiteLocky
sourcechemindia.com
WILD WEST DOMAINS, LLC166.62.27.182 (- United States)
2016-05-05 06:54Distribution SiteLocky
testovaciadomena.sk
93.184.77.198 (- Slovakia)
2016-05-05 06:53Distribution SiteLocky
stadiumwebshop.com
TLD REGISTRAR SOLUTIONS LTD94.177.168.91 (- Romania)
2016-05-05 06:53Distribution SiteLocky
web.smadwiwarna.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]103.228.119.245 (- Indonesia)
2016-05-05 06:53Distribution SiteLocky
jambe.in
GoDaddy.com, LLC (R101-AFIN)216.239.32.21 (- United States) +3 A record(s) 216.239.34.21 (AS15169, - United States)
216.239.36.21 (AS15169, - United States)
216.239.38.21 (AS15169, - United States)
2016-05-05 06:52Distribution SiteLocky
cwsnet.com.au
Web Address Registration216.224.174.137 (- United States)
2016-05-05 06:52Botnet C&CLocky
91.234.33.215
91.234.33.215 (- Ukraine)
2016-05-05 05:51Payment SiteTeslaCrypt
h54dc.leverdaze.at
(n/a)
2016-05-04 22:34Botnet C&CPayCrypt
dnibsan.com
ENOM, INC.67.225.220.95 (- United States)
2016-05-04 18:30Botnet C&CLocky
138.201.95.72
138.201.95.72 (- Germany)
2016-05-04 16:15Botnet C&CTeslaCrypt
random-shots.com
GODADDY.COM, LLC192.185.5.148 (- United States)
2016-05-04 07:41Botnet C&CLocky
31.184.197.126
31.184.197.126 (- Russian Federation)
2016-05-03 15:34Botnet C&CLocky
91.226.93.113
91.226.93.113 (- Russian Federation)
2016-05-03 15:33Botnet C&CLocky
91.219.29.64
91.219.29.64 (- Ukraine)
2016-05-03 13:49Distribution SiteLocky
badu.sk
37.46.80.248 (- Czech Republic)
2016-05-03 13:28Distribution SiteLocky
niagara.vn.ua
ua.ukraine185.68.16.6 (- Ukraine)
2016-05-02 19:59Botnet C&CTeslaCrypt
www.maniffatoretraiteur.com
GANDI SAS217.70.180.151 (- France)
2016-05-02 06:06Payment SiteTeslaCrypt
k234s.ascotsprue.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-05-02 06:05Payment SiteTeslaCrypt
l123d.feustude.at
(n/a)
2016-05-02 06:05Payment SiteTeslaCrypt
u24er.ovaarmor.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-05-02 02:48Botnet C&CLocky
ycvcjbhgkmsiyhdd.info
Regtime Ltd.91.230.211.26 (- Russian Federation)
2016-05-01 23:05Botnet C&CTeslaCrypt
site7.aiglecom.com
GANDI SAS217.70.180.151 (- France)
2016-05-01 19:25Botnet C&CLocky
rrcspgfghsjnklts.pw
Namecheap208.100.26.234 (- United States)
2016-05-01 15:39Botnet C&CLocky
abvtqhwodwjmi.work
Regtime91.230.211.26 (- Russian Federation)

# of rows displayed: 100
# of entries in database: 9'211

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >