Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-01 12:10Distribution SiteLocky
climairuk.com
LCN.COM LTD.85.118.233.162 (- United Kingdom)
2016-08-01 12:10Distribution SiteLocky
arogyaforhealth.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]199.79.62.144 (- United States)
2016-08-01 12:10Distribution SiteLocky
bobbysinghwpg.com
GODADDY.COM, LLC192.186.246.98 (- United States)
2016-08-01 12:10Distribution SiteLocky
uxeurope.com
NETWORK SOLUTIONS, LLC.84.16.73.17 (- Switzerland)
2016-08-01 12:10Distribution SiteLocky
paletteswapninja.com
TUCOWS DOMAINS INC.23.235.220.225 (- United States)
2016-08-01 12:09Distribution SiteLocky
darkhollowcoffee.com
TUCOWS DOMAINS INC.66.175.58.9 (- United States)
2016-08-01 12:09Payment SiteCerber
52uo5k3t73ypjije.0vgu64.top
Eranet International Limited (n/a)
2016-08-01 12:09Distribution SiteLocky
u2319351.plsk.regruhosting.ru
REGRU-RU (n/a)
2016-08-01 12:09Distribution SiteLocky
akeseverin.com
REGISTER.IT SPA185.2.5.23 (- Italy)
2016-08-01 12:09Distribution SiteLocky
gp-logistics.ru
R01-RU77.222.40.38 (- Russian Federation)
2016-08-01 12:09Distribution SiteLocky
213.228.128.12
n/a
2016-08-01 12:09Distribution SiteLocky
80.109.240.71
n/a
2016-08-01 12:09Distribution SiteLocky
213.228.128.12
n/a
2016-08-01 12:09Distribution SiteLocky
akva-sarat.nichost.ru
RU-CENTER-RU195.208.1.150 (- Russian Federation)
2016-08-01 12:09Distribution SiteLocky
121.83.206.211
n/a
2016-08-01 12:05Payment SiteLocky
zjfq4lnfbs7pncr5.onion.to
185.100.85.150 (- Romania)
2016-08-01 12:04Payment SiteLocky
zjfq4lnfbs7pncr5.tor2web.org
Tucows Inc.185.100.85.150 (- Romania)
2016-08-01 11:31Distribution SiteLocky
ceresiontest.c0.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-01 11:31Distribution SiteLocky
www.skutovky.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-08-01 11:31Distribution SiteLocky
chroffice.fr
AMEN / Agence des Médias Numér[...]81.88.57.68 (- Italy)
2016-08-01 11:31Distribution SiteLocky
idouheikin.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.47 (- United States)
2016-08-01 11:31Distribution SiteLocky
www.biologiazsg.cba.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-01 11:30Distribution SiteLocky
www.erasmusensemble.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-01 11:30Distribution SiteLocky
esicadd.50webs.com
GODADDY.COM, LLC162.210.101.99 (- United States)
2016-08-01 11:30Distribution SiteLocky
125ru.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.165 (- United States)
2016-08-01 11:30Distribution SiteLocky
kuac.vtrbandaancha.net
REGISTER.COM, INC.200.83.3.52 (- Chile)
2016-08-01 11:30Distribution SiteLocky
211.115.110.218
n/a
2016-08-01 11:30Distribution SiteLocky
hrenner.gmxhome.de
213.165.64.215 (- Germany)
2016-08-01 11:30Distribution SiteLocky
trisavog.client.jp
112.140.42.29 (- Japan)
2016-08-01 11:30Distribution SiteLocky
sindipetro.com.br
186.202.37.121 (- Brazil)
2016-08-01 11:30Distribution SiteLocky
herimasu.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.42 (- United States)
2016-08-01 11:29Distribution SiteLocky
a-real.net
TUCOWS DOMAINS INC.90.156.201.102 (- Russian Federation) +3 A record(s) 90.156.201.115 (AS25532, - Russian Federation)
90.156.201.30 (AS25532, - Russian Federation)
90.156.201.87 (AS25532, - Russian Federation)
2016-08-01 11:29Distribution SiteLocky
grisuncuius.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-01 11:29Distribution SiteLocky
lobi.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-01 11:29Distribution SiteLocky
shimonokougyousho.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.44 (- United States)
2016-08-01 11:29Distribution SiteLocky
www.philippheintz.de
(n/a)
2016-08-01 11:29Distribution SiteLocky
www.usku.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-08-01 11:29Distribution SiteLocky
gruppa-yug.ru
REGRU-RU5.101.152.190 (- Russian Federation)
2016-08-01 07:45Payment SiteCerber
unocl45trpuoefft.vkm4l6.top
Eranet International Limited (n/a)
2016-08-01 06:40Payment SiteCerber
unocl45trpuoefft.308an1.top
Eranet International Limited (n/a)
2016-07-31 23:30Payment SiteCerber
4kqd3hmqgptupi3p.y5j7e6.top
Eranet International Limited (n/a)
2016-07-31 23:16Payment SiteCerber
4kqd3hmqgptupi3p.as5su5.top
Eranet International Limited (n/a)
2016-07-31 23:05Botnet C&CLocky
qvdgqayo.pw
Namecheap208.100.26.234 (- United States)
2016-07-31 23:05Botnet C&CLocky
217.12.203.233
217.12.203.233 (- Bulgaria)
2016-07-31 22:34Payment SiteCerber
4kqd3hmqgptupi3p.bnctf6.top
Eranet International Limited (n/a)
2016-07-31 19:20Payment SiteCerber
52uo5k3t73ypjije.kzo8mc.top
Eranet International Limited (n/a)
2016-07-31 18:20Botnet C&CLocky
91.230.211.139
91.230.211.139 (- Russian Federation)
2016-07-31 15:58Payment SiteCerber
52uo5k3t73ypjije.v11z5e.top
Alpnames Limited (n/a)
2016-07-31 13:46Payment SiteCerber
pmenboeqhyrpvomq.0vgu64.top
Eranet International Limited (n/a)
2016-07-31 13:03Botnet C&CLocky
37.139.30.95
37.139.30.95 (- Netherlands)
2016-07-31 09:22Payment SiteCerber
pmenboeqhyrpvomq.r21wmw.top
Eranet International Limited (n/a)
2016-07-31 06:45Payment SiteCerber
pmenboeqhyrpvomq.vkm4l6.top
Eranet International Limited (n/a)
2016-07-31 06:23Payment SiteCerber
unocl45trpuoefft.1de02r.top
Eranet International Limited (n/a)
2016-07-31 05:55Payment SiteCerber
52uo5k3t73ypjije.e6in0v.top
Eranet International Limited (n/a)
2016-07-30 19:50Payment SiteCerber
4kqd3hmqgptupi3p.4k9xlx.top
Eranet International Limited (n/a)
2016-07-30 17:26Botnet C&CLocky
hycninyxuaa.xyz
Namecheap208.100.26.234 (- United States)
2016-07-30 10:02Botnet C&CLocky
toxnwbkoulii.pw
Namecheap208.100.26.234 (- United States)
2016-07-30 07:49Botnet C&CPayCrypt
print-pack.club
Hosting Ukraine LLC.185.68.16.115 (- Ukraine)
2016-07-30 07:49Botnet C&CPayCrypt
print-pack.club
Hosting Ukraine LLC.185.68.16.115 (- Ukraine)
2016-07-29 21:06Payment SiteCerber
52uo5k3t73ypjije.4nf7ij.top
Eranet International Limited (n/a)
2016-07-29 21:02Payment SiteCerber
4kqd3hmqgptupi3p.r21wmw.top
Eranet International Limited (n/a)
2016-07-29 18:11Botnet C&CLocky
91.195.12.143
91.195.12.143 (- Ukraine)
2016-07-29 15:58Payment SiteCerber
4kqd3hmqgptupi3p.0vgu64.top
Eranet International Limited (n/a)
2016-07-29 15:46Payment SiteCerber
52uo5k3t73ypjije.40wiai.top
Eranet International Limited (n/a)
2016-07-29 15:09Payment SiteCerber
4kqd3hmqgptupi3p.vkm4l6.top
Eranet International Limited (n/a)
2016-07-29 15:08Payment SiteCerber
pmenboeqhyrpvomq.pap44w.top
Eranet International Limited (n/a)
2016-07-29 13:59Payment SiteCerber
pmenboeqhyrpvomq.bnctf6.top
Eranet International Limited (n/a)
2016-07-29 12:12Distribution SiteLocky
jyoumon.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.44 (- United States)
2016-07-29 12:12Distribution SiteLocky
vova318.vline.ru
R01-RU91.196.138.200 (- Russian Federation)
2016-07-29 12:12Distribution SiteLocky
handball-literatur.de
(n/a)
2016-07-29 12:12Distribution SiteLocky
joslinsalesltd.com
NETWORK SOLUTIONS, LLC.23.236.62.147 (- United States)
2016-07-29 12:12Distribution SiteLocky
alci.dommel.be
SCHEDOM NV / DOMMEL.COM (n/a)
2016-07-29 12:12Distribution SiteLocky
minocki.republika.pl
Domeny.pl sp. z o.o.213.180.141.189 (- Poland)
2016-07-29 12:12Distribution SiteLocky
fcc-thechamps.de
(n/a)
2016-07-29 12:12Distribution SiteLocky
zauber-fred.de
(n/a)
2016-07-29 12:12Distribution SiteLocky
ratnam.fx.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-07-29 12:12Distribution SiteLocky
www.attivita-antroposofiche-roma.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-07-29 12:12Distribution SiteLocky
intracorpwestsidecollection.com
ENOM, INC.192.199.204.103 (- Canada)
2016-07-29 12:11Distribution SiteLocky
80.241.232.207
n/a
2016-07-29 12:11Distribution SiteLocky
impregui.com
10DENCEHISPAHARD, S.L217.160.0.32 (- Germany)
2016-07-29 12:11Distribution SiteLocky
www.astool.com
NETWORK SOLUTIONS, LLC.103.1.220.13 (- Taiwan)
2016-07-29 12:11Distribution SiteLocky
newt150.tripod.com
CSC CORPORATE DOMAINS, INC.209.202.252.66 (- United States)
2016-07-29 12:11Distribution SiteLocky
senzai.nobu-naga.net
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-07-29 12:11Distribution SiteLocky
theuniongroup.com
TIERRANET INC. D/B/A DOMAINDISCO[...]50.62.172.157 (- United States)
2016-07-29 12:11Distribution SiteLocky
agazoumi.com
ENOM, INC.104.195.40.190 (- United States)
2016-07-29 12:11Distribution SiteLocky
211.18.200.4
n/a
2016-07-29 12:11Distribution SiteLocky
childmoon.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.136 (- United States)
2016-07-29 12:11Distribution SiteLocky
minocki.republika.pl
Domeny.pl sp. z o.o.213.180.141.189 (- Poland)
2016-07-29 12:11Distribution SiteLocky
www.istruiscus.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-07-29 12:11Distribution SiteLocky
oleanderhome.com
WILD WEST DOMAINS, LLC184.168.221.80 (- United States)
2016-07-29 12:11Distribution SiteLocky
www.ferresur.es
212.34.140.236 (- Spain)
2016-07-29 12:11Distribution SiteLocky
www.dukewayne.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-07-29 12:10Distribution SiteLocky
www.damasoinfante.com
10DENCEHISPAHARD, S.L134.0.11.154 (- Spain)
2016-07-29 12:10Distribution SiteLocky
www.istruiscus.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-07-29 12:10Distribution SiteLocky
blekitniproba.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-07-29 12:10Distribution SiteLocky
www.erikacostruzioni.com
ASCIO TECHNOLOGIES, INC. DANMARK[...] (n/a)
2016-07-29 12:10Distribution SiteLocky
kenestyonline.com
GODADDY.COM, LLC (n/a)
2016-07-29 12:10Distribution SiteLocky
inhouserecording.atspace.com
TUCOWS DOMAINS INC.185.176.43.19 (- Bulgaria)
2016-07-29 12:10Distribution SiteLocky
wbbs176.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.46 (- United States)
2016-07-29 12:10Distribution SiteLocky
azmusclemart.com
GODADDY.COM, LLC198.169.132.19 (- Canada)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >