Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-12-20 19:31Distribution SiteLocky
gages-56.com
ENOM, INC.8.5.1.50 (- United States)
2016-12-20 19:31Distribution SiteLocky
isriir.com
TUCOWS DOMAINS INC. (n/a)
2016-12-20 19:31Distribution SiteLocky
nanomedilac.com
TUCOWS DOMAINS INC. (n/a)
2016-12-20 19:31Distribution SiteLocky
hostingjoomla.be
Behostings.be193.105.73.20 (- Belgium)
2016-12-20 19:30Distribution SiteLocky
jayacoat-industries.com.my
116.0.121.235 (- Malaysia)
2016-12-20 19:30Distribution SiteLocky
corlouis.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.223 (- United States)
2016-12-20 19:30Distribution SiteLocky
fallingspringrun.com
GODADDY.COM, LLC192.185.238.132 (- United States)
2016-12-20 19:30Distribution SiteLocky
mplanning.com
JAPAN REGISTRY SERVICES CO., LTD[...]211.9.200.74 (- Japan)
2016-12-20 19:30Distribution SiteLocky
huanlitools.com
HICHINA ZHICHENG TECHNOLOGY LTD.47.99.137.160 (- China)
2016-12-20 19:30Distribution SiteLocky
kakamiao.com
HICHINA ZHICHENG TECHNOLOGY LTD. (n/a)
2016-12-20 19:29Distribution SiteLocky
keralavoter.com
GODADDY.COM, LLC (n/a)
2016-12-20 19:29Distribution SiteLocky
www.langeoog-meerleben.de
217.160.0.166 (- Germany)
2016-12-20 19:29Distribution SiteLocky
www.judo-hattingen.de
217.160.231.175 (- Germany)
2016-12-20 19:29Distribution SiteLocky
minilab.ca
Tucows.com Co.67.205.76.174 (- Canada)
2016-12-20 19:29Distribution SiteLocky
kayju.com
GODADDY.COM, LLC108.160.159.123 (- United States)
2016-12-20 19:29Distribution SiteLocky
webplatter.com
ENOM, INC.146.66.103.209 (- United States)
2016-12-20 19:28Distribution SiteLocky
artlab.co.il
139.162.168.106 (- Germany)
2016-12-20 19:28Distribution SiteLocky
liukeli.cn
成都西维数码科技有限[...]111.230.185.84 (- China)
2016-12-20 19:28Distribution SiteLocky
mk-beauty.de
(n/a)
2016-12-20 19:28Distribution SiteLocky
householdanimals.50webs.com
GODADDY.COM, LLC162.210.101.89 (- United States)
2016-12-20 19:28Distribution SiteLocky
noosnegah.com
REALTIME REGISTER BV (n/a)
2016-12-20 19:28Distribution SiteLocky
seolandia.pl
Consulting Service Sp. z o.o.193.106.106.118 (- Poland)
2016-12-20 19:28Distribution SiteLocky
dwdesigns.us
REGISTER.COM, INC. (n/a)
2016-12-20 19:28Distribution SiteLocky
kmwine.ge
217.147.239.38 (- Georgia)
2016-12-20 19:28Distribution SiteLocky
frankfoeckler.de
91.233.85.206 (- Germany)
2016-12-20 19:28Distribution SiteLocky
jzcolorful.com
35 TECHNOLOGY CO., LTD216.12.169.149 (- United States)
2016-12-20 19:27Distribution SiteLocky
phayamengrai.chiangrai.doae.go.th
T.H.NIC Co., Ltd.122.154.24.201 (- Thailand)
2016-12-20 19:27Distribution SiteLocky
macoinservicios.com
MESH DIGITAL LIMITED176.28.103.205 (- Spain)
2016-12-20 19:27Distribution SiteLocky
revolutionarymom.com
GODADDY.COM, LLC204.11.56.48 (- Virgin Islands)
2016-12-20 19:27Distribution SiteLocky
stav-reporter.ru
REGISTRATOR-RU80.93.176.26 (- Russian Federation)
2016-12-20 19:27Distribution SiteLocky
theservantsoflove.com
ENOM, INC.88.99.3.75 (- Germany)
2016-12-20 19:27Distribution SiteLocky
aministudio.com
GODADDY.COM, LLC69.28.199.100 (- Canada)
2016-12-20 19:27Distribution SiteLocky
paplanindustries.com
ONLINENIC, INC.88.151.100.224 (- Hungary)
2016-12-20 19:27Distribution SiteLocky
www.rencontreparis.org
OVH91.134.167.248 (- France)
2016-12-20 19:26Distribution SiteLocky
ventureorchestra.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]208.91.197.46 (- Virgin Islands)
2016-12-20 19:26Distribution SiteLocky
yorkshire-pm.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]103.11.101.46 (- Hong Kong)
2016-12-20 19:26Distribution SiteLocky
www.junaida.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]157.7.188.240 (- Japan)
2016-12-20 19:26Distribution SiteLocky
ipt.se
SE Direkt89.221.250.15 (- Sweden)
2016-12-20 11:27Distribution SiteLocky
www.inglesenveranoenjavea.com
ENOM, INC. (n/a)
2016-12-20 11:27Distribution SiteLocky
www.grupoaex.es
(n/a)
2016-12-20 11:25Distribution SiteLocky
bluelunar.net
GODADDY.COM, LLC108.167.143.111 (- United States)
2016-12-20 11:25Distribution SiteLocky
guide4health.info
GoDaddy.com, LLC (n/a)
2016-12-20 11:24Distribution SiteLocky
todoalojamiento.es
81.169.245.216 (- Germany)
2016-12-20 11:24Distribution SiteLocky
www.genesisbilling.net
GODADDY.COM, LLC198.57.247.149 (- United States)
2016-12-20 10:40Distribution SiteLocky
pliki-kirbyworld.50webs.com
GODADDY.COM, LLC162.210.101.117 (- United States)
2016-12-20 10:39Distribution SiteLocky
bastacycling.com
HOSTING CONCEPTS B.V. D/B/A OPEN[...]82.150.137.151 (- Netherlands)
2016-12-20 10:38Distribution SiteLocky
halogen.dp.ua
195.248.190.128 (- Ukraine)
2016-12-20 08:00Payment SiteCerber
ffoqr3ug7m726zou.17vj7b.top
Eranet International Limited (n/a)
2016-12-20 07:24Payment SiteCerber
avsxrcoq2q5fgrw2.17vj7b.top
Eranet International Limited (n/a)
2016-12-20 06:18Distribution SiteLocky
drareum.com
KOREA SERVER HOSTING INC. (n/a)
2016-12-20 06:18Distribution SiteLocky
lombardimobili.it
1API-REG162.210.96.129 (- United States)
2016-12-20 06:18Distribution SiteLocky
hansfilz.de
81.169.145.151 (- Germany)
2016-12-20 06:18Distribution SiteLocky
digital1.50webs.com
GODADDY.COM, LLC162.210.101.126 (- United States)
2016-12-20 06:18Distribution SiteLocky
forhealthatividadesfisicas.com
ENOM, INC.189.38.86.17 (- Brazil)
2016-12-20 06:18Distribution SiteLocky
lib.yoll.net
LIQUIDNET LTD.198.23.52.92 (- United States)
2016-12-20 06:17Distribution SiteLocky
alavatotal.com
DOMAINPEOPLE, INC. (n/a)
2016-12-20 06:17Distribution SiteLocky
drzalai.hu
178.63.68.72 (- Germany)
2016-12-20 06:17Distribution SiteLocky
hiveapps.co
GODADDY.COM, INC.50.63.202.55 (- United States)
2016-12-20 06:17Distribution SiteLocky
followme.si
Gorec d.o.o., registracija domen (n/a)
2016-12-20 06:17Distribution SiteLocky
bummeln-um-die-welt.de
(n/a)
2016-12-20 06:17Distribution SiteLocky
www.cryoniq.com
GODADDY.COM, LLC37.9.175.23 (- Slovakia)
2016-12-20 06:17Distribution SiteLocky
hennesseywelding.com
TUCOWS DOMAINS INC. (n/a)
2016-12-20 06:17Distribution SiteLocky
chmedonline.com
BEIJING INNOVATIVE LINKAGE TECHN[...]45.192.120.185 (- South Africa)
2016-12-20 06:16Distribution SiteLocky
deltaclub.org
Register.com, Inc.50.59.205.101 (- United States)
2016-12-20 06:16Distribution SiteLocky
www.galerie-idees.fr
OVH213.186.33.5 (- France)
2016-12-20 06:16Distribution SiteLocky
faithfull.kdm.pl
AZ.pl Sp. z o.o.193.239.80.67 (- Poland)
2016-12-20 06:16Distribution SiteLocky
designerdogwear.com
ENOM, INC.172.104.50.36 (- Singapore)
2016-12-20 06:16Distribution SiteLocky
jira.fastfine.ru
REGRU-RU109.69.62.220 (- United Kingdom)
2016-12-20 06:16Distribution SiteLocky
elfrasha.com
GODADDY.COM, LLC208.91.197.46 (- Virgin Islands)
2016-12-20 06:16Distribution SiteLocky
conor.com.mx
Akky (Una division de NIC Mexico[...]192.185.131.113 (- United States)
2016-12-20 06:16Distribution SiteLocky
hanavanpools.com
DOMAINPEOPLE, INC. (n/a)
2016-12-20 01:00Payment SiteCerber
fnmi62725zfti2vy.17vj7b.top
Eranet International Limited (n/a)
2016-12-19 19:48Payment SiteCerber
ftoxmpdipwobp4qy.17vj7b.top
Eranet International Limited (n/a)
2016-12-19 14:02Distribution SiteLocky
baugildealtmark.de
54.72.9.51 (- Ireland)
2016-12-19 14:02Distribution SiteLocky
023pc.cn
烟台帝思普网络科技有[...] (n/a)
2016-12-19 14:02Distribution SiteLocky
audehd.com
KOREA SERVER HOSTING INC. (n/a)
2016-12-19 14:02Distribution SiteLocky
aguamineralsantacruz.com.br
(n/a)
2016-12-19 14:02Distribution SiteLocky
www.foyerstg.pro
109.234.160.29 (- France)
2016-12-19 14:02Distribution SiteLocky
delreywindows.com
NETWORK SOLUTIONS, LLC.24.154.1.97 (- United States)
2016-12-19 14:02Distribution SiteLocky
democracyandsecurity.org
Gransy s.r.o. d/b/a subreg.cz185.183.8.169 (- Czech Republic)
2016-12-19 14:01Distribution SiteLocky
allard-g.be
Telenet BVBA185.35.52.164 (- Belgium)
2016-12-19 14:01Distribution SiteLocky
aspecta-aso.net
GMO INTERNET, INC. DBA ONAMAE.CO[...]157.7.188.176 (- Japan)
2016-12-19 14:01Distribution SiteLocky
audreyetsteve.fr
OVH37.187.126.106 (- France)
2016-12-19 14:01Distribution SiteLocky
brainfreezeapp.com
GODADDY.COM, LLC (n/a)
2016-12-19 14:01Distribution SiteLocky
bperes.com.br
187.45.240.114 (- Brazil)
2016-12-19 14:01Distribution SiteLocky
www.neumayr-alkoven.com
WORLD4YOU INTERNET SERVICES GMBH122.209.220.2 (- Japan)
2016-12-19 14:01Distribution SiteLocky
birdhausdesign.com
DOMAINPEOPLE, INC.64.71.33.17 (- United States)
2016-12-19 14:01Distribution SiteLocky
garosero5.com
KOREA SERVER HOSTING INC. (n/a)
2016-12-19 14:00Distribution SiteLocky
as-kanal-rohrreinigung.de
85.13.144.197 (- Germany)
2016-12-19 14:00Distribution SiteLocky
www.globalchristiantrust.com
123-REG LIMITED109.68.33.25 (- United Kingdom)
2016-12-19 14:00Distribution SiteLocky
factoryfreeapparel.com
1&1 INTERNET SE195.22.26.248 (- Portugal)
2016-12-18 13:20Botnet C&CLocky
dolfexalto.com
GRANSY S.R.O D/B/A SUBREG.CZ185.162.8.94 (- Netherlands)
2016-12-18 08:02Payment SiteCerber
ffoqr3ug7m726zou.13inb1.top
Eranet International Limited (n/a)
2016-12-18 07:46Payment SiteCerber
avsxrcoq2q5fgrw2.13inb1.top
Eranet International Limited (n/a)
2016-12-18 07:26Payment SiteCerber
pe2cku7pebkpgeko.13inb1.top
Eranet International Limited (n/a)
2016-12-18 03:46Payment SiteCerber
fnmi62725zfti2vy.13inb1.top
Eranet International Limited (n/a)
2016-12-16 17:15Distribution SiteLocky
kirulya.com
GODADDY.COM, LLC37.48.103.240 (- Netherlands)
2016-12-16 17:15Distribution SiteLocky
www.servipisos.com.ar
190.105.238.43 (- Argentina)
2016-12-16 17:15Distribution SiteLocky
kayamuh.sarf.com.tr
(n/a)
2016-12-16 17:15Distribution SiteLocky
ilasd.org
GoDaddy.com, LLC130.211.230.135 (- United States)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >