Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-14 11:37Distribution SiteLocky
roome.co.il
192.124.249.165 (- United States)
2016-09-14 11:37Distribution SiteLocky
miprimercole.org
PlanetDomain Pty Ltd5.39.82.224 (- France)
2016-09-14 11:37Distribution SiteLocky
kristinchurch.ca
Promo People Inc.70.33.241.150 (- United States)
2016-09-14 11:37Distribution SiteLocky
ygc1688.com
HICHINA ZHICHENG TECHNOLOGY LTD.115.159.97.197 (- China)
2016-09-14 11:37Distribution SiteLocky
olevendingcanarias.com
SOLUCIONES CORPORATIVAS IP, SL139.162.216.32 (- United States)
2016-09-14 11:36Distribution SiteLocky
outformat.com
GODADDY.COM, LLC52.204.129.22 (- United States) +1 A record(s) 54.85.127.70 (AS26496, - United States)
2016-09-14 11:36Distribution SiteLocky
1jamprofit.com
ENOM, INC.139.162.59.65 (- United States)
2016-09-14 11:36Distribution SiteLocky
onlypost.ru
RU-CENTER-RU185.11.246.59 (- Russian Federation)
2016-09-14 02:19Payment SiteCerber
4kqd3hmqgptupi3p.asfall.in
Endurance Domains Technology Pvt[...] (n/a)
2016-09-14 01:22Payment SiteCerber
unocl45trpuoefft.78of7m.bid
Eranet International Limited (n/a)
2016-09-14 00:02Payment SiteCerber
52uo5k3t73ypjije.n8niwa.bid
Eranet International Limited (n/a)
2016-09-13 21:53Payment SiteCerber
52uo5k3t73ypjije.7ud98m.bid
Eranet International Limited (n/a)
2016-09-13 21:53Payment SiteCerber
wjtqjleommc4z46i.c3fz3z.bid
Eranet International Limited (n/a)
2016-09-13 21:38Payment SiteCerber
52uo5k3t73ypjije.bipa9k.bid
Eranet International Limited (n/a)
2016-09-13 15:25Payment SiteCerber
unocl45trpuoefft.36u6mp.bid
Eranet International Limited (n/a)
2016-09-13 13:41Payment SiteCerber
52uo5k3t73ypjije.cc0r87.bid
Eranet International Limited (n/a)
2016-09-13 12:07Payment SiteCerber
unocl45trpuoefft.s7b63k.bid
Eranet International Limited (n/a)
2016-09-13 08:17Payment SiteCerber
52uo5k3t73ypjije.2ym6om.bid
Eranet International Limited (n/a)
2016-09-13 05:17Payment SiteCerber
wjtqjleommc4z46i.jujthy.bid
Eranet International Limited (n/a)
2016-09-12 23:47Payment SiteCerber
52uo5k3t73ypjije.r4z3o5.bid
Eranet International Limited (n/a)
2016-09-12 20:16Payment SiteCerber
52uo5k3t73ypjije.kyjw0g.bid
Eranet International Limited (n/a)
2016-09-12 20:14Payment SiteCerber
unocl45trpuoefft.4bb9vz.bid
Eranet International Limited (n/a)
2016-09-12 19:02Payment SiteCerber
unocl45trpuoefft.l69xgc.bid
Eranet International Limited (n/a)
2016-09-12 17:07Botnet C&CLocky
yofkhfskdyiqo.biz
DYNADOT LLC69.195.129.70 (- United States)
2016-09-12 17:07Botnet C&CLocky
51.255.105.2
51.255.105.2 (- France)
2016-09-12 17:00Payment SiteCerber
unocl45trpuoefft.c3fz3z.bid
Eranet International Limited (n/a)
2016-09-12 16:33Payment SiteCerber
52uo5k3t73ypjije.zed84j.bid
Eranet International Limited (n/a)
2016-09-12 15:29Payment SiteCerber
unocl45trpuoefft.mezy7j.bid
Eranet International Limited (n/a)
2016-09-12 15:29Payment SiteCerber
52uo5k3t73ypjije.nmapwy.bid
Eranet International Limited (n/a)
2016-09-12 15:25Payment SiteCerber
52uo5k3t73ypjije.csdbnk.bid
Eranet International Limited (n/a)
2016-09-12 15:06Payment SiteCerber
52uo5k3t73ypjije.209kai.bid
Eranet International Limited (n/a)
2016-09-12 14:58Payment SiteCerber
unocl45trpuoefft.ttabop.bid
Eranet International Limited (n/a)
2016-09-10 19:02Payment SiteCerber
4kqd3hmqgptupi3p.bestergo.pw
AlpNames Limited (n/a)
2016-09-10 12:31Payment SiteCerber
wjtqjleommc4z46i.bipa9k.bid
Eranet International Limited (n/a)
2016-09-09 20:16Payment SiteCerber
52uo5k3t73ypjije.7j6htz.bid
Eranet International Limited (n/a)
2016-09-09 20:14Payment SiteCerber
4kqd3hmqgptupi3p.mustspace.us
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-09-09 19:04Payment SiteCerber
52uo5k3t73ypjije.i8zh1k.bid
Eranet International Limited (n/a)
2016-09-09 18:46Payment SiteCerber
unocl45trpuoefft.ev6i0x.bid
Eranet International Limited (n/a)
2016-09-09 18:29Payment SiteCerber
wjtqjleommc4z46i.kyjw0g.bid
Eranet International Limited (n/a)
2016-09-09 18:26Payment SiteCerber
unocl45trpuoefft.54m2k3.bid
Eranet International Limited (n/a)
2016-09-09 18:05Payment SiteCerber
52uo5k3t73ypjije.5ctoeb.bid
Eranet International Limited (n/a)
2016-09-09 17:32Payment SiteCerber
4kqd3hmqgptupi3p.seemby.loan
Alpnames Limited (n/a)
2016-09-09 17:27Botnet C&CLocky
91.214.71.101
91.214.71.101 (- Russian Federation)
2016-09-09 17:00Payment SiteCerber
unocl45trpuoefft.kg5bof.bid
Eranet International Limited (n/a)
2016-09-09 16:51Payment SiteCerber
unocl45trpuoefft.lcyznu.bid
Eranet International Limited (n/a)
2016-09-09 16:08Payment SiteCerber
52uo5k3t73ypjije.uwckha.bid
Eranet International Limited (n/a)
2016-09-09 14:53Payment SiteCerber
52uo5k3t73ypjije.9bjnlk.bid
Eranet International Limited (n/a)
2016-09-09 14:53Botnet C&CLocky
ifohvkxmyp.biz
NAMECHEAP, INC.95.211.174.92 (- Netherlands)
2016-09-09 14:46Payment SiteCerber
4kqd3hmqgptupi3p.stageend.link
Alpnames Limited (n/a)
2016-09-09 08:54Payment SiteCerber
4kqd3hmqgptupi3p.5ctoeb.bid
Eranet International Limited (n/a)
2016-09-09 03:29Payment SiteCerber
4kqd3hmqgptupi3p.ownamount.pro
(n/a)
2016-09-08 23:30Payment SiteCerber
4kqd3hmqgptupi3p.foodtopic.mobi
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-09-08 14:55Payment SiteCerber
52uo5k3t73ypjije.rexjyp.bid
Eranet International Limited (n/a)
2016-09-08 12:41Payment SiteCerber
unocl45trpuoefft.3n9lut.bid
Eranet International Limited (n/a)
2016-09-08 10:40Payment SiteCerber
52uo5k3t73ypjije.86rhzr.bid
Eranet International Limited (n/a)
2016-09-08 10:22Distribution SiteLocky
www.association-julescatoire.fr
LIGNE WEB SERVICES - LWS192.162.71.76 (- France)
2016-09-08 10:22Distribution SiteLocky
dcqoutlet.es
134.0.11.123 (- Spain)
2016-09-08 10:22Distribution SiteLocky
www.agridiving.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-08 10:22Distribution SiteLocky
sp-moto.ru
REGTIME-RU62.109.31.246 (- Russian Federation)
2016-09-08 10:21Distribution SiteLocky
www.gengokk.co.jp
202.224.59.191 (- Japan)
2016-09-08 10:21Distribution SiteLocky
www.one-clap.jp
202.224.63.6 (- Japan)
2016-09-08 10:21Distribution SiteLocky
www.bytove.jadro.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-09-08 10:21Distribution SiteLocky
158.195.68.10
n/a
2016-09-08 10:20Distribution SiteLocky
gam-e20.it
SOLODOMINI-REG85.18.11.68 (- Italy)
2016-09-08 10:20Distribution SiteLocky
www.idiomestarradellas.com
NOMINALIA INTERNET S.L.185.177.152.107 (- Spain)
2016-09-08 10:20Distribution SiteLocky
tst-technik.de
81.24.34.9 (- Germany)
2016-09-08 10:19Distribution SiteLocky
www.rioual.com
OVH213.186.33.19 (- France)
2016-09-08 10:19Distribution SiteLocky
olivier.coroenne.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-08 10:17Distribution SiteLocky
www.gebrvanorsouw.nl
Tele2 zakelijk62.250.4.180 (- Netherlands)
2016-09-08 10:16Distribution SiteLocky
209.41.183.242
n/a
2016-09-08 10:16Distribution SiteLocky
sitio655.vtrbandaancha.net
REGISTER.COM, INC.200.83.4.62 (- Chile)
2016-09-08 10:16Distribution SiteLocky
www.texelvakantiehuisje.nl
Registrar.eu185.27.141.91 (- Netherlands)
2016-09-08 10:16Distribution SiteLocky
www.hung-guan.com.tw
HINET202.133.242.244 (- Taiwan)
2016-09-08 10:14Distribution SiteLocky
www.xolod-teplo.ru
REGTIME-RU87.242.73.75 (- Russian Federation)
2016-09-08 10:14Distribution SiteLocky
fidelitas.heimat.eu
Key-Systems GmbH213.208.133.41 (- Austria)
2016-09-08 10:13Distribution SiteLocky
www.threshold-online.co.uk
Plusnet Plc t/a Madasafish Broad[...]212.159.8.151 (- United Kingdom) +1 A record(s) 212.159.9.151 (AS6871, - United Kingdom)
2016-09-08 10:13Distribution SiteLocky
josemedina.com
TUCOWS DOMAINS INC.67.225.176.60 (- United States)
2016-09-08 10:12Payment SiteCerber
4kqd3hmqgptupi3p.bookjumps.us
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-09-08 10:12Distribution SiteLocky
www.alanmorgan.plus.com
ENOM, INC.212.159.8.91 (- United Kingdom) +1 A record(s) 212.159.9.91 (AS6871, - United Kingdom)
2016-09-08 10:12Distribution SiteLocky
unimet.tmhandel.com
REGISTRYGATE GMBH213.185.87.30 (- Germany)
2016-09-08 10:12Distribution SiteLocky
kreativmanagement.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-08 10:12Distribution SiteLocky
dashman.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-09-08 10:11Distribution SiteLocky
www.aldesco.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-08 10:11Distribution SiteLocky
srxrun.nobody.jp
112.140.42.29 (- Japan)
2016-09-08 10:11Distribution SiteLocky
www.alpstaxi.co.jp
211.134.181.38 (- Japan)
2016-09-08 10:11Distribution SiteLocky
thb-berlin.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-08 10:10Distribution SiteLocky
www.ccnprodusenaturiste.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-09-08 10:10Distribution SiteLocky
www.mikeg7hen.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-09-08 10:10Distribution SiteLocky
dpskaunas.puslapiai.lt
UAB "Interneto vizija"79.98.25.25 (- Lithuania)
2016-09-08 10:10Distribution SiteLocky
www.laribalta.org
Ascio Technologies, Inc. Danmark[...]213.205.38.19 (- Italy)
2016-09-08 10:10Distribution SiteLocky
www.whitakerpd.co.uk
LCN.com Ltd94.126.40.48 (- United Kingdom)
2016-09-08 10:09Distribution SiteLocky
portadeenrolar.ind.br
186.202.126.199 (- Brazil)
2016-09-08 10:09Distribution SiteLocky
www.radicegioielli.com
ASCIO TECHNOLOGIES, INC. DANMARK[...] (n/a)
2016-09-08 10:09Distribution SiteLocky
www.spiritueelcentrumaum.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-08 09:56Payment SiteCerber
wjtqjleommc4z46i.i8zh1k.bid
Eranet International Limited (n/a)
2016-09-08 09:29Distribution SiteLocky
canonsupervideo4k.ws
Eranet International Limited (n/a)
2016-09-08 08:07Payment SiteCerber
52uo5k3t73ypjije.sotn58.bid
Eranet International Limited (n/a)
2016-09-08 06:02Payment SiteCerber
52uo5k3t73ypjije.ojesoa.bid
Eranet International Limited (n/a)
2016-09-08 05:56Payment SiteCerber
unocl45trpuoefft.emogew.bid
Eranet International Limited (n/a)
2016-09-08 05:54Payment SiteCerber
52uo5k3t73ypjije.wg00sp.bid
Eranet International Limited (n/a)

# of rows displayed: 100
# of entries in database: 12'828

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 >