Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-07-13 11:43Distribution SiteLocky
webidator.co.il
(n/a)
2016-07-13 11:43Distribution SiteLocky
ampexholdings.com
UNIVERSO ONLINE S/A (UOL)186.202.41.251 (- Brazil)
2016-07-13 11:43Distribution SiteLocky
valdemarincapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-13 11:43Distribution SiteLocky
clinicasantabeatriz.es
(n/a)
2016-07-13 11:43Distribution SiteLocky
graficador.ch
hosttech GmbH82.220.37.15 (- Switzerland)
2016-07-13 11:43Distribution SiteLocky
www.inextenso.hu
217.116.47.122 (- Hungary)
2016-07-13 11:43Distribution SiteLocky
geslexsport.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-13 11:43Distribution SiteLocky
pernelkul.hu
194.38.104.131 (- Hungary)
2016-07-13 11:43Distribution SiteLocky
237travellin.com
OVH213.186.33.104 (- France)
2016-07-13 11:43Distribution SiteLocky
lifecare-hc.com
GODADDY.COM, LLC50.63.202.42 (- United States)
2016-07-13 11:43Distribution SiteLocky
www.comervillamil.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-13 11:43Distribution SiteLocky
limpiezamecanizada.com.mx
Akky (Una division de NIC Mexico[...]208.97.178.120 (- United States)
2016-07-13 11:43Distribution SiteLocky
mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-13 11:43Distribution SiteLocky
areaslimpias.com.mx
Akky (Una division de NIC Mexico[...] (n/a)
2016-07-13 11:43Distribution SiteLocky
subang.go.id
103.247.11.52 (- Indonesia)
2016-07-13 11:42Distribution SiteLocky
digitacaoveloz.com.br
(n/a)
2016-07-13 11:42Distribution SiteLocky
zoomwalls.com
GODADDY.COM, LLC67.227.226.241 (- United States)
2016-07-13 11:42Distribution SiteLocky
areaslimpias.com.mx
Akky (Una division de NIC Mexico[...] (n/a)
2016-07-13 11:42Distribution SiteLocky
237travellin.com
OVH213.186.33.104 (- France)
2016-07-13 11:42Distribution SiteLocky
www.mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-13 11:42Distribution SiteLocky
jsbaden.jemk.ch
Hostpoint AG217.26.55.4 (- Switzerland)
2016-07-13 11:42Distribution SiteLocky
pakar.com.my
103.6.198.134 (- Malaysia)
2016-07-13 11:42Distribution SiteLocky
lifecare-hc.com
GODADDY.COM, LLC50.63.202.42 (- United States)
2016-07-13 11:42Distribution SiteLocky
www.appoutpost.com
GODADDY.COM, LLC132.148.241.87 (- United States)
2016-07-13 11:42Distribution SiteLocky
hiramteran.com
GODADDY.COM, LLC207.174.215.153 (- United States)
2016-07-13 11:42Distribution SiteLocky
sollove.com.br
186.202.153.144 (- Brazil)
2016-07-13 08:35Botnet C&CLocky
yuysikankhqvdwdv.xyz
Namecheap208.100.26.234 (- United States)
2016-07-13 08:17Distribution SiteTorrentLocker
opieka.info.pl
home.pl S.A.193.218.152.246 (- Poland)
2016-07-13 05:29Payment SiteCerber
pmenboeqhyrpvomq.5b1s82.top
Eranet International Limited (n/a)
2016-07-13 05:12Payment SiteCerber
27lelchgcvs2wpm7.7jiff7.top
Eranet International Limited (n/a)
2016-07-13 00:22Botnet C&CLocky
tqlcjh.fr
1API GmbH208.100.26.234 (- United States)
2016-07-12 23:31Payment SiteCerber
pmenboeqhyrpvomq.afteghonte.lol
Alpnames Limited (n/a)
2016-07-12 19:59Payment SiteCerber
52uo5k3t73ypjije.c7ex9n.top
Eranet International Limited (n/a)
2016-07-12 16:32Payment SiteCerber
27lelchgcvs2wpm7.bonbestal.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-07-12 15:54Botnet C&CCryptoWall
audetlaw.com
GODADDY.COM, LLC72.10.54.86 (- United States)
2016-07-12 14:36Distribution SiteLocky
acepipesdeli.com.br
186.202.153.125 (- Brazil)
2016-07-12 14:36Distribution SiteLocky
quaint.com.br
191.252.51.21 (- Brazil)
2016-07-12 14:35Distribution SiteLocky
games4games.com.br
186.202.153.56 (- Brazil)
2016-07-12 14:35Distribution SiteLocky
agbiz.co.za
78.46.1.42 (- Germany)
2016-07-12 14:35Distribution SiteLocky
richard-scissors.com
ENOM, INC.157.7.107.151 (- Japan)
2016-07-12 14:35Distribution SiteLocky
omnitask.ba
88.198.24.94 (- Germany)
2016-07-12 14:35Distribution SiteLocky
revengeofsultans.com
GODADDY.COM, LLC47.91.76.111 (- United States)
2016-07-12 14:35Distribution SiteLocky
mphooseitutu.com
TUCOWS DOMAINS INC.197.221.10.206 (- South Africa)
2016-07-12 14:35Distribution SiteLocky
sirimba.com.br
191.252.51.33 (- Brazil)
2016-07-12 14:35Distribution SiteLocky
doisirmaosturismo-rj.com.br
186.202.153.39 (- Brazil)
2016-07-12 14:35Distribution SiteLocky
sindsul.com
TUCOWS DOMAINS INC. (n/a)
2016-07-12 14:35Distribution SiteLocky
wacker-etm.ru
RU-CENTER-RU195.208.1.106 (- Russian Federation)
2016-07-12 14:35Distribution SiteLocky
globaldveri.ru
RU-CENTER-RU195.208.0.105 (- Russian Federation)
2016-07-12 14:35Distribution SiteLocky
mywebhost.nichost.ru
RU-CENTER-RU (n/a)
2016-07-12 14:35Distribution SiteLocky
nicesound.biz
ENOM, INC. (n/a)
2016-07-12 14:35Distribution SiteLocky
heonybaby.synology.me
GoDaddy.com, LLC (n/a)
2016-07-12 14:34Distribution SiteLocky
ostrovokkrasoty.ru
RU-CENTER-RU195.208.1.106 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
mcpf.co.za
197.221.10.206 (- South Africa)
2016-07-12 14:34Distribution SiteLocky
rigoberto.com.br
(n/a)
2016-07-12 14:34Distribution SiteLocky
hanaweb.xsrv.jp
210.188.201.42 (- Japan)
2016-07-12 14:34Distribution SiteLocky
stylespiritdubai.com
GODADDY.COM, LLC204.11.56.48 (- Virgin Islands)
2016-07-12 14:34Distribution SiteLocky
diablitos.no
(n/a)
2016-07-12 14:34Distribution SiteLocky
ialri.net
GODADDY.COM, LLC50.63.202.91 (- United States)
2016-07-12 14:34Distribution SiteLocky
zakagimebel.ru
RU-CENTER-RU (n/a)
2016-07-12 14:34Distribution SiteLocky
www.cristaleriadominguez.com
NOMINALIA INTERNET S.L.62.42.230.17 (- Spain)
2016-07-12 14:34Distribution SiteLocky
jsbaden.jemk.ch
Hostpoint AG217.26.55.4 (- Switzerland)
2016-07-12 14:34Distribution SiteLocky
aerosfera.ru
RU-CENTER-RU178.210.92.160 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
maihama.2jikai-p.net
GMO INTERNET, INC. DBA ONAMAE.CO[...]157.7.144.96 (- Japan)
2016-07-12 14:34Distribution SiteLocky
choogo.net
GABIA, INC.183.101.113.29 (- Korea)
2016-07-12 14:34Distribution SiteLocky
wineroutes.ru
R01-RU77.222.56.73 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
zoomwalls.com
GODADDY.COM, LLC67.227.226.241 (- United States)
2016-07-12 14:34Distribution SiteLocky
tvernedra.ru
RU-CENTER-RU178.210.88.28 (- Russian Federation)
2016-07-12 14:34Distribution SiteLocky
eusekkei.co.jp
157.112.183.98 (- Japan)
2016-07-12 14:33Distribution SiteLocky
valsystem.cl
NIC Chile204.93.172.128 (- United States)
2016-07-12 14:33Distribution SiteLocky
control3.com.br
192.185.209.37 (- United States)
2016-07-12 14:33Distribution SiteLocky
kveldeil.no
176.111.200.27 (- Norway)
2016-07-12 14:33Distribution SiteLocky
samaju.se
Zitcom A/S94.231.103.104 (- Denmark)
2016-07-12 14:33Distribution SiteLocky
repair-service.london
GoDaddy160.153.16.21 (- United States)
2016-07-12 14:33Distribution SiteLocky
jstudio.com.my
220.158.200.83 (- Malaysia)
2016-07-12 14:33Distribution SiteLocky
www.ital.com.mx
Akky (Una division de NIC Mexico[...]173.236.228.227 (- United States)
2016-07-12 14:33Distribution SiteLocky
zachphoto.7u.cz
REG-BANAN77.93.211.244 (- Czech Republic)
2016-07-12 14:33Distribution SiteLocky
ppf.com.pk
(n/a)
2016-07-12 14:33Distribution SiteLocky
ferozsons-labs.com
TUCOWS DOMAINS INC.144.208.71.126 (- United States)
2016-07-12 14:33Distribution SiteLocky
www.inextenso.hu
217.116.47.122 (- Hungary)
2016-07-12 10:22Payment SiteCerber
52uo5k3t73ypjije.b7mciu.top
Eranet International Limited (n/a)
2016-07-12 09:35Payment SiteCerber
pmenboeqhyrpvomq.hasterlyston.cloud
Alpnames Limited (n/a)
2016-07-12 07:53Payment SiteCerber
52uo5k3t73ypjije.hlu8yz.top
Eranet International Limited (n/a)
2016-07-12 02:33Payment SiteCerber
pmenboeqhyrpvomq.gletterstan.trade
Alpnames Limited (n/a)
2016-07-11 23:50Payment SiteCerber
52uo5k3t73ypjije.fe98iy.top
Eranet International Limited (n/a)
2016-07-11 23:38Payment SiteCerber
4kqd3hmqgptupi3p.nameuser.site
AlpNames Limited (n/a)
2016-07-11 22:33Payment SiteCerber
52uo5k3t73ypjije.dmrueo.top
Eranet International Limited (n/a)
2016-07-11 22:15Payment SiteCerber
pmenboeqhyrpvomq.azwsxe.top
Eranet International Limited (n/a)
2016-07-11 22:02Payment SiteCerber
4kqd3hmqgptupi3p.ezm0r5.top
Eranet International Limited (n/a)
2016-07-11 21:04Payment SiteCerber
4kqd3hmqgptupi3p.b7mciu.top
Eranet International Limited (n/a)
2016-07-11 17:39Payment SiteCerber
pmenboeqhyrpvomq.fm0cga.top
Eranet International Limited (n/a)
2016-07-11 15:57Payment SiteCerber
52uo5k3t73ypjije.self56.top
Eranet International Limited (n/a)
2016-07-11 15:46Payment SiteCerber
52uo5k3t73ypjije.ddwub3.top
Eranet International Limited (n/a)
2016-07-11 13:27Payment SiteCerber
27lelchgcvs2wpm7.h9ihx3.top
Eranet International Limited (n/a)
2016-07-11 13:25Payment SiteCerber
52uo5k3t73ypjije.ezm0r5.top
Eranet International Limited (n/a)
2016-07-11 13:09Botnet C&CPadCrypt
nehvc5m3fs57dyrz.onion.link
103.198.0.2 (- Singapore)
2016-07-11 11:11Payment SiteTorrentLocker
mz7oyb3v32vshcvk.tormidle.at
(n/a)
2016-07-11 08:15Payment SiteCerber
pmenboeqhyrpvomq.p8rruv.top
Eranet International Limited (n/a)
2016-07-11 06:38Payment SiteCerber
52uo5k3t73ypjije.wins4n.win
Eranet International Limited (n/a)
2016-07-11 04:50Distribution SiteTorrentLocker
siasibisaat.com
GODADDY.COM, LLC (n/a)
2016-07-11 03:31Botnet C&CLocky
eaxpifdtwsv.biz
BIZCN.COM, INC.95.46.114.97 (- Russian Federation)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >