Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-03 06:11Distribution SiteLocky
setcoop.com.br
187.45.240.45 (- Brazil)
2016-08-03 06:11Distribution SiteLocky
czerwinski.ciesielstwo.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-03 06:11Distribution SiteLocky
teatr-x.ru
RU-CENTER-RU195.208.1.130 (- Russian Federation)
2016-08-03 06:11Distribution SiteLocky
mephisto.nd.e-wro.pl
DINFO - Systemy Internetowe Sylw[...]217.30.152.177 (- Poland)
2016-08-03 06:11Distribution SiteLocky
www.am-i-evil.de
(n/a)
2016-08-03 06:11Distribution SiteLocky
watafuku.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.44 (- United States)
2016-08-03 06:11Distribution SiteLocky
essenciadoequilibrio.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]185.90.56.166 (- Portugal)
2016-08-03 06:11Distribution SiteLocky
www.arstaelteknik.com
NICTRADE INTERNET IDENTITY PROVI[...] (n/a)
2016-08-03 06:11Distribution SiteLocky
sugetipula12.hi2.ro
ICI - ROTLD (n/a)
2016-08-03 06:11Distribution SiteLocky
sven-jaenecke.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-03 06:11Distribution SiteLocky
setcoop.com.br
187.45.240.45 (- Brazil)
2016-08-03 06:11Distribution SiteLocky
www.carrelliusati.it
TISCALIDOMAIN-REG192.155.81.104 (- United States)
2016-08-03 06:11Distribution SiteLocky
hitoribotch.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.42 (- United States)
2016-08-03 06:11Distribution SiteLocky
www.sashraf.plus.com
ENOM, INC.212.159.8.91 (- United Kingdom) +1 A record(s) 212.159.9.91 (AS6871, - United Kingdom)
2016-08-03 06:10Distribution SiteLocky
miyadu.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.46 (- United States)
2016-08-03 06:10Distribution SiteLocky
essenciadoequilibrio.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]185.90.56.166 (- Portugal)
2016-08-03 06:10Distribution SiteLocky
locogallery.com
FASTDOMAIN, INC.74.220.199.6 (- United States)
2016-08-03 06:10Distribution SiteLocky
www.bagana.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-03 06:10Distribution SiteLocky
nedayepak.ir
(n/a)
2016-08-03 06:10Distribution SiteLocky
www.stucchifedele.com
ASCIO TECHNOLOGIES, INC. DANMARK[...] (n/a)
2016-08-03 06:10Distribution SiteLocky
go4leiner.de
(n/a)
2016-08-03 06:10Distribution SiteLocky
www.puntoit-informatica.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-03 06:10Distribution SiteLocky
sugetipula12.hi2.ro
ICI - ROTLD (n/a)
2016-08-03 06:10Distribution SiteLocky
namarinoko.hariko.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-03 06:10Distribution SiteLocky
www.closecombat.mynetcologne.de
81.173.246.8 (- Germany)
2016-08-03 06:10Distribution SiteLocky
www.jansen-consultancy-machines.be
Telenet BVBA195.130.132.84 (- Belgium)
2016-08-03 06:10Distribution SiteLocky
www.arstaelteknik.com
NICTRADE INTERNET IDENTITY PROVI[...] (n/a)
2016-08-03 06:10Distribution SiteLocky
www.networkerakademie.de
89.107.64.198 (- Germany)
2016-08-02 21:30Payment SiteCerber
52uo5k3t73ypjije.4k9xlx.top
Eranet International Limited (n/a)
2016-08-02 19:35Payment SiteCerber
unocl45trpuoefft.og5ezh.top
Eranet International Limited (n/a)
2016-08-02 11:20Distribution SiteLocky
www.bagana.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-02 11:19Distribution SiteLocky
system-inka.de
81.169.145.69 (- Germany)
2016-08-02 11:19Distribution SiteLocky
gebetech.at
92.63.216.53 (- Austria)
2016-08-02 11:19Distribution SiteLocky
www.serial-production.com
EPAG DOMAINSERVICES GMBH78.46.57.207 (- Germany)
2016-08-02 11:19Distribution SiteLocky
itconcept.md
195.178.106.24 (- Moldova)
2016-08-02 11:19Distribution SiteLocky
www.cosentinoarredamenti.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]46.254.39.57 (- Italy)
2016-08-02 11:19Distribution SiteLocky
tvoy-android.com
HOSTING UKRAINE LLC185.68.16.83 (- Ukraine)
2016-08-02 11:19Distribution SiteLocky
exportwroclaw.cba.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-02 11:19Distribution SiteLocky
cinerd.info
GoDaddy.com, LLC (n/a)
2016-08-02 11:19Distribution SiteLocky
terminatorzy.cba.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-02 11:19Distribution SiteLocky
siteriqi.bget.ru
R01-RU87.236.19.39 (- Russian Federation)
2016-08-02 11:19Distribution SiteLocky
wt7dzbn78.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-02 11:19Distribution SiteLocky
essenciadoequilibrio.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]185.90.56.166 (- Portugal)
2016-08-02 11:19Distribution SiteLocky
setcoop.com.br
187.45.240.45 (- Brazil)
2016-08-02 11:19Distribution SiteLocky
212.26.129.68
n/a
2016-08-02 11:19Distribution SiteLocky
madiv.ru
RU-CENTER-RU79.174.78.153 (- Russian Federation)
2016-08-02 11:19Distribution SiteLocky
my-result.ru
RU-CENTER-RU (n/a)
2016-08-02 11:19Distribution SiteLocky
158.199.158.185
n/a
2016-08-02 11:18Distribution SiteLocky
clinic.gov.ua
212.26.132.124 (- Ukraine)
2016-08-02 11:18Distribution SiteLocky
ecpi.ro
Romarg SRL89.42.223.64 (- Romania)
2016-08-02 11:18Distribution SiteLocky
jhengineering.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-08-02 11:18Distribution SiteLocky
www.stucchifedele.com
ASCIO TECHNOLOGIES, INC. DANMARK[...] (n/a)
2016-08-02 11:18Distribution SiteLocky
plasseramerican.net
NETWORK SOLUTIONS, LLC. (n/a)
2016-08-02 11:18Distribution SiteLocky
psclimat.ru
NETHOUSE-RU185.93.108.90 (- Russian Federation)
2016-08-02 11:18Distribution SiteLocky
alex-walter.de
(n/a)
2016-08-02 11:18Distribution SiteLocky
www.cafealaska.es
62.42.230.17 (- Spain)
2016-08-02 11:18Distribution SiteLocky
beate-oberle-kosmetik.de
81.169.145.93 (- Germany)
2016-08-02 11:18Distribution SiteLocky
totalrepalrhonda.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.42 (- United States)
2016-08-02 11:18Distribution SiteLocky
lifeserv.myarena.ru
RU-CENTER-RU62.122.213.10 (- Russian Federation)
2016-08-02 11:18Distribution SiteLocky
sancompany.ru
R01-RU92.53.96.22 (- Russian Federation)
2016-08-02 11:18Distribution SiteLocky
subbenim.atspace.com
TUCOWS DOMAINS INC.185.176.43.19 (- Bulgaria)
2016-08-02 11:18Distribution SiteLocky
dev.appleleafabstracting.com
WILD WEST DOMAINS, LLC (n/a)
2016-08-02 11:18Distribution SiteLocky
olis.atspace.com
TUCOWS DOMAINS INC.185.176.43.19 (- Bulgaria)
2016-08-02 11:18Distribution SiteLocky
breinco.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]46.183.116.203 (- Spain)
2016-08-02 11:18Distribution SiteLocky
woblk17jc.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-02 11:17Distribution SiteLocky
go4leiner.de
(n/a)
2016-08-02 11:17Distribution SiteLocky
acnek.com
GODADDY.COM, LLC184.168.131.241 (- United States)
2016-08-02 11:17Distribution SiteLocky
morfaux.fr
LIGNE WEB SERVICES - LWS109.234.161.32 (- France)
2016-08-02 11:17Distribution SiteLocky
www.simons-vakantiehuisje.nl
Cronon AG81.169.145.68 (- Germany)
2016-08-02 11:17Distribution SiteLocky
russiansnow.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.47 (- United States)
2016-08-02 11:17Distribution SiteLocky
thehybrid.0catch.com
FASTDOMAIN, INC.66.219.202.10 (- United States)
2016-08-02 11:17Distribution SiteLocky
www.gioilda.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-02 11:17Distribution SiteLocky
realm-of-rage.heimat.eu
Key-Systems GmbH213.208.133.41 (- Austria)
2016-08-02 11:17Distribution SiteLocky
www.arstaelteknik.com
NICTRADE INTERNET IDENTITY PROVI[...] (n/a)
2016-08-02 06:52Payment SiteCerber
unocl45trpuoefft.4k98id.top
Eranet International Limited (n/a)
2016-08-02 06:31Payment SiteCerber
pmenboeqhyrpvomq.kswcuk.top
Eranet International Limited (n/a)
2016-08-01 23:04Payment SiteCerber
52uo5k3t73ypjije.n41n1a.top
Eranet International Limited (n/a)
2016-08-01 19:36Payment SiteCerber
52uo5k3t73ypjije.vkm4l6.top
Eranet International Limited (n/a)
2016-08-01 12:12Distribution SiteLocky
www.robtozier.com
GODADDY.COM, LLC66.230.196.22 (- United States)
2016-08-01 12:12Distribution SiteLocky
schlebach.25mm.ru
R01-RU93.171.222.110 (- Russian Federation)
2016-08-01 12:12Distribution SiteLocky
sigovka.ru
REGTIME-RU93.171.223.56 (- Russian Federation)
2016-08-01 12:11Distribution SiteLocky
certifiedbanker.org
Tucows Inc.166.63.125.135 (- United States)
2016-08-01 12:11Distribution SiteLocky
visionaero.com
NETWORK SOLUTIONS, LLC.64.71.34.45 (- United States)
2016-08-01 12:11Distribution SiteLocky
seahawkexports.com
GODADDY.COM, LLC204.11.56.48 (- Virgin Islands)
2016-08-01 12:11Distribution SiteLocky
abufarha.net
FASTDOMAIN, INC.208.91.199.21 (- United States)
2016-08-01 12:11Distribution SiteLocky
keven.site.aplus.net
GODADDY.COM, LLC64.29.151.221 (- United States)
2016-08-01 12:11Distribution SiteLocky
217.26.70.200
n/a
2016-08-01 12:11Distribution SiteLocky
libertymanuals.com
ENOM, INC.192.155.253.202 (- United States)
2016-08-01 12:11Distribution SiteLocky
bisericaromaneasca.ro
Romarg SRL (n/a)
2016-08-01 12:11Distribution SiteLocky
67.23.226.139
n/a
2016-08-01 12:11Distribution SiteLocky
wordpress.pro-tiler.ru
REGRU-RU (n/a)
2016-08-01 12:11Distribution SiteLocky
tvoy-android.com
HOSTING UKRAINE LLC185.68.16.83 (- Ukraine)
2016-08-01 12:11Distribution SiteLocky
openspace.pro
90.156.201.113 (- Russian Federation) +3 A record(s) 90.156.201.54 (AS48287, - Russian Federation)
90.156.201.70 (AS25532, - Russian Federation)
90.156.201.90 (AS25532, - Russian Federation)
2016-08-01 12:10Distribution SiteLocky
shagunproperty.com
GODADDY.COM, LLC139.59.18.209 (- India)
2016-08-01 12:10Distribution SiteLocky
218.228.19.9
n/a
2016-08-01 12:10Distribution SiteLocky
steelfs.com.mx
NEUBOX Internet SA de CV207.210.232.52 (- United States)
2016-08-01 12:10Distribution SiteLocky
clinic.gov.ua
212.26.132.124 (- Ukraine)
2016-08-01 12:10Distribution SiteLocky
79.96.153.93
(n/a)
2016-08-01 12:10Distribution SiteLocky
stroymonolit.su
R01-REG-FID87.236.16.220 (- Russian Federation)
2016-08-01 12:10Distribution SiteLocky
darkhollowcoffee.com
TUCOWS DOMAINS INC.66.175.58.9 (- United States)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >