Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-01 05:25Distribution SiteLocky
roger.pierrieau.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-01 05:25Distribution SiteLocky
w07q93g5g.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-01 05:25Distribution SiteLocky
www.ieslamerced.es
62.42.230.17 (- Spain)
2016-09-01 05:25Distribution SiteLocky
18vek.spb.ru
RU-CENTER-RU217.148.216.220 (- Russian Federation)
2016-09-01 05:24Distribution SiteLocky
nkbzryw.republika.pl
Domeny.pl sp. z o.o.213.180.150.17 (- Poland)
2016-09-01 05:24Distribution SiteLocky
www.hotelancorariviera.com
REGISTER.IT SPA80.91.55.42 (- Italy)
2016-09-01 05:24Distribution SiteLocky
alc-okadakogyo.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]210.157.28.18 (- Japan)
2016-09-01 05:24Distribution SiteLocky
www.personalshoppingservice.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-01 05:24Distribution SiteLocky
a-tconsulting.co.uk
Plusnet Plc t/a Plusnet PLC212.159.8.91 (- United Kingdom) +1 A record(s) 212.159.9.91 (AS6871, - United Kingdom)
2016-09-01 05:06Payment SiteCerber
wjtqjleommc4z46i.m33d4b.bid
Eranet International Limited (n/a)
2016-09-01 05:03Distribution SiteLocky
www.drvandenbroeck.be
Telenet BVBA195.130.132.84 (- Belgium)
2016-09-01 05:03Distribution SiteLocky
hikodge.zashiki.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-09-01 05:03Distribution SiteLocky
specialist.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-01 05:03Distribution SiteLocky
web2.v45.ncsrv.de
89.110.144.59 (- Germany)
2016-09-01 05:02Distribution SiteLocky
cyfrowemotywy.cba.pl
Abc Hosting Ltd.95.211.80.4 (- Netherlands)
2016-09-01 05:02Distribution SiteLocky
www.plastimonza.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-01 05:02Payment SiteCerber
unocl45trpuoefft.j0cia7.bid
Eranet International Limited (n/a)
2016-09-01 05:02Distribution SiteLocky
www.mediawareonline.it
INIT-REG212.104.43.3 (- Italy)
2016-09-01 05:02Distribution SiteLocky
www.smoes.net
TUCOWS DOMAINS INC.62.173.164.20 (- Italy)
2016-09-01 05:02Distribution SiteLocky
kallait.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-09-01 05:02Payment SiteCerber
pmenboeqhyrpvomq.8kcfnk.bid
Eranet International Limited (n/a)
2016-09-01 05:01Payment SiteCerber
wjtqjleommc4z46i.whmykv.bid
Eranet International Limited (n/a)
2016-09-01 05:01Distribution SiteLocky
ventkanal.ru
REGISTRATOR-RU90.156.201.107 (- Russian Federation) +3 A record(s) 90.156.201.118 (AS25532, - Russian Federation)
90.156.201.79 (AS25532, - Russian Federation)
90.156.201.97 (AS25532, - Russian Federation)
2016-09-01 05:01Distribution SiteLocky
www.energetica.it
TISCALIDOMAIN-REG31.11.34.18 (- Italy)
2016-09-01 05:01Distribution SiteLocky
www.jramirez.com
NOMINALIA INTERNET S.L.151.80.196.96 (- France)
2016-09-01 05:01Distribution SiteLocky
jago-computerservice.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-01 05:01Distribution SiteLocky
www.shivartatoo.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-01 05:01Distribution SiteLocky
w92k6t3fp.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-01 05:01Distribution SiteLocky
wishmaster.dommel.be
SCHEDOM NV / DOMMEL.COM193.109.184.81 (- Belgium)
2016-09-01 05:00Distribution SiteLocky
angeluna.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.48 (- United States)
2016-09-01 05:00Distribution SiteLocky
www.visionaero.com
NETWORK SOLUTIONS, LLC.64.71.34.45 (- United States)
2016-09-01 05:00Distribution SiteLocky
web529.can29.de
188.138.66.29 (- Germany)
2016-09-01 05:00Distribution SiteLocky
ydona.ru
RU-CENTER-RU195.208.1.143 (- Russian Federation)
2016-09-01 05:00Distribution SiteLocky
clubofmalw.ws
Eranet International Limited (n/a)
2016-09-01 04:59Distribution SiteLocky
vinciunion.co.th
T.H.NIC Co., Ltd.103.246.18.22 (- Thailand)
2016-09-01 04:59Distribution SiteLocky
vividena.yukihotaru.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-09-01 04:59Distribution SiteLocky
www.cap114.fr
OVH213.186.33.24 (- France)
2016-09-01 04:59Distribution SiteLocky
tadayou.soragoto.net
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-09-01 04:59Distribution SiteLocky
wkq7ju89y.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-01 04:59Distribution SiteLocky
www.yerridixielandband.jazztel.es
(n/a)
2016-09-01 04:58Distribution SiteLocky
pkgame.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-09-01 04:58Distribution SiteLocky
wk0mez2k5.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-01 04:58Distribution SiteLocky
www.elba-scaglieri.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-01 04:58Distribution SiteLocky
twup.com.br
187.45.240.5 (- Brazil)
2016-09-01 04:58Distribution SiteLocky
enigmes4saisons.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-01 04:58Distribution SiteLocky
lievaux.com
OVH213.186.33.24 (- France)
2016-09-01 04:58Distribution SiteLocky
solesdearequito.tripod.com
CSC CORPORATE DOMAINS, INC.209.202.252.50 (- United States)
2016-09-01 04:58Distribution SiteLocky
virmalw.name
Eranet International Limited (n/a)
2016-09-01 04:57Distribution SiteLocky
onlybest76.xyz
(n/a)
2016-09-01 04:57Distribution SiteLocky
baysigorta.com
ENOM, INC.81.8.0.22 (- Turkey)
2016-09-01 04:57Distribution SiteLocky
www.orad.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-01 04:57Distribution SiteLocky
www.opal.webserwer.pl
Lingua-IT Sp. z o.o.176.32.162.200 (- Poland)
2016-09-01 04:57Distribution SiteLocky
www.daniel-mylle.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-01 04:57Distribution SiteLocky
bluechaos.dommel.be
SCHEDOM NV / DOMMEL.COM193.109.184.81 (- Belgium)
2016-09-01 04:57Distribution SiteLocky
tombart.bluehost.cz
REG-IGNUM217.11.249.141 (- Czech Republic)
2016-09-01 04:57Distribution SiteLocky
www.osservatoriofigurale.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-01 03:53Payment SiteCerber
unocl45trpuoefft.249isv.bid
Eranet International Limited (n/a)
2016-09-01 02:31Payment SiteCerber
52uo5k3t73ypjije.izyclz.bid
Eranet International Limited (n/a)
2016-09-01 01:34Payment SiteCerber
wjtqjleommc4z46i.srmlzh.bid
Eranet International Limited (n/a)
2016-09-01 00:12Payment SiteCerber
wjtqjleommc4z46i.kt70uk.bid
Eranet International Limited (n/a)
2016-08-31 23:32Payment SiteCerber
unocl45trpuoefft.hawtzr.bid
Eranet International Limited (n/a)
2016-08-31 23:22Payment SiteCerber
pmenboeqhyrpvomq.o8hpwj.top
Eranet International Limited (n/a)
2016-08-31 21:41Payment SiteCerber
52uo5k3t73ypjije.1f1dw3.bid
Eranet International Limited (n/a)
2016-08-31 19:39Payment SiteCerber
wjtqjleommc4z46i.idw6s5.bid
Eranet International Limited (n/a)
2016-08-31 19:26Payment SiteCerber
4kqd3hmqgptupi3p.newrange.link
Alpnames Limited (n/a)
2016-08-31 17:45Payment SiteCerber
wjtqjleommc4z46i.u36ik0.bid
Eranet International Limited (n/a)
2016-08-31 14:30Payment SiteCerber
52uo5k3t73ypjije.a0g0o7.bid
Eranet International Limited (n/a)
2016-08-31 13:00Payment SiteCerber
4kqd3hmqgptupi3p.gg4dgp.bid
Eranet International Limited (n/a)
2016-08-31 10:36Payment SiteCerber
unocl45trpuoefft.j8exy2.bid
Eranet International Limited (n/a)
2016-08-31 09:02Payment SiteCerber
4kqd3hmqgptupi3p.csv7o6.bid
Eranet International Limited (n/a)
2016-08-31 08:22Payment SiteCerber
4kqd3hmqgptupi3p.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-31 07:36Payment SiteCerber
4kqd3hmqgptupi3p.masterany.red
(n/a)
2016-08-31 05:12Payment SiteCerber
52uo5k3t73ypjije.gio6f6.bid
Eranet International Limited (n/a)
2016-08-31 02:59Payment SiteCerber
52uo5k3t73ypjije.csv7o6.bid
Eranet International Limited (n/a)
2016-08-31 01:19Payment SiteCerber
4kqd3hmqgptupi3p.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-31 00:20Payment SiteCerber
52uo5k3t73ypjije.f0jlbj.bid
Eranet International Limited (n/a)
2016-08-30 23:38Payment SiteCerber
unocl45trpuoefft.o8hpwj.top
Eranet International Limited (n/a)
2016-08-30 22:50Payment SiteCerber
4kqd3hmqgptupi3p.f0jlbj.bid
Eranet International Limited (n/a)
2016-08-30 22:15Payment SiteCerber
52uo5k3t73ypjije.srmlzh.bid
Eranet International Limited (n/a)
2016-08-30 19:43Payment SiteCerber
52uo5k3t73ypjije.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-30 18:59Payment SiteCerber
unocl45trpuoefft.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-30 18:41Payment SiteCerber
52uo5k3t73ypjije.nh47ri.bid
Eranet International Limited (n/a)
2016-08-30 18:40Payment SiteCerber
unocl45trpuoefft.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 17:54Payment SiteCerber
52uo5k3t73ypjije.91006j.bid
Eranet International Limited (n/a)
2016-08-30 17:31Payment SiteCerber
unocl45trpuoefft.ks3ghp.bid
Eranet International Limited (n/a)
2016-08-30 17:03Payment SiteCerber
unocl45trpuoefft.m33d4b.bid
Eranet International Limited (n/a)
2016-08-30 16:47Payment SiteCerber
52uo5k3t73ypjije.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 16:22Payment SiteCerber
4kqd3hmqgptupi3p.laterugly.win
Alpnames Limited (n/a)
2016-08-30 15:45Payment SiteCerber
wjtqjleommc4z46i.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 15:14Payment SiteCerber
52uo5k3t73ypjije.whmykv.bid
Eranet International Limited (n/a)
2016-08-30 15:08Payment SiteCerber
unocl45trpuoefft.whmykv.bid
Eranet International Limited (n/a)
2016-08-30 14:21Distribution SiteLocky
cmacos.com
WHOISNETWORKS CO., LTD.210.116.96.12 (- Korea)
2016-08-30 14:21Distribution SiteLocky
og-kaiserslautern-kft.de
109.237.140.28 (- Germany)
2016-08-30 14:21Distribution SiteLocky
alians-ekb.ru
RU-CENTER-RU85.12.197.61 (- Russian Federation)
2016-08-30 14:21Distribution SiteLocky
www.vilastefania.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-30 14:21Distribution SiteLocky
marronbridge.ina-ka.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-30 14:21Distribution SiteLocky
wolffram.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-30 14:21Distribution SiteLocky
www.sand-mechanic.ru
REGTIME-RU194.63.140.183 (- Russian Federation)
2016-08-30 14:20Distribution SiteLocky
nishinomiyaseijunkai.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.37 (- United States)
2016-08-30 14:20Distribution SiteLocky
arcziuuucity.y0.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)

# of rows displayed: 100
# of entries in database: 9'210

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 >