Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-01 04:58Distribution SiteLocky
smc.psuti.ru
NAUNET-RU94.25.37.27 (- Russian Federation)
2016-09-01 04:58Distribution SiteLocky
enigmes4saisons.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-01 04:58Distribution SiteLocky
lievaux.com
OVH213.186.33.24 (- France)
2016-09-01 04:58Distribution SiteLocky
solesdearequito.tripod.com
CSC CORPORATE DOMAINS, INC.209.202.252.66 (- United States)
2016-09-01 04:58Distribution SiteLocky
www.meta.metro.ru
RU-CENTER-RU195.91.160.34 (- Russian Federation)
2016-09-01 04:58Distribution SiteLocky
tisystems.cz
REG-ZONER77.48.30.93 (- Czech Republic)
2016-09-01 04:58Distribution SiteLocky
virmalw.name
Eranet International Limited (n/a)
2016-09-01 04:57Distribution SiteLocky
onlybest76.xyz
ERANET INTERNATIONAL LIMITED (n/a)
2016-09-01 04:57Distribution SiteLocky
baysigorta.com
ENOM, INC.81.8.0.22 (- Turkey)
2016-09-01 04:57Distribution SiteLocky
www.orad.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-01 04:57Distribution SiteLocky
www.opal.webserwer.pl
Lingua-IT Sp. z o.o.176.32.162.200 (- Poland)
2016-09-01 04:57Distribution SiteLocky
www.daniel-mylle.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-01 04:57Distribution SiteLocky
www.carrelliusati.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-01 04:57Distribution SiteLocky
bluechaos.dommel.be
SCHEDOM NV / DOMMEL.COM193.109.184.81 (- Belgium)
2016-09-01 04:57Distribution SiteLocky
www.arrotin.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-01 04:57Distribution SiteLocky
hitoribotch.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-09-01 04:57Distribution SiteLocky
tombart.bluehost.cz
REG-IGNUM217.11.249.141 (- Czech Republic)
2016-09-01 04:57Distribution SiteLocky
www.osservatoriofigurale.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-01 04:57Distribution SiteLocky
www.macro1990.it
TISCALIDOMAIN-REG89.40.172.12 (- Italy)
2016-09-01 04:56Distribution SiteLocky
www.leuchten-modelle.de
81.169.145.161 (- Germany)
2016-09-01 03:53Payment SiteCerber
unocl45trpuoefft.249isv.bid
Eranet International Limited (n/a)
2016-09-01 02:31Payment SiteCerber
52uo5k3t73ypjije.izyclz.bid
Eranet International Limited (n/a)
2016-09-01 01:34Payment SiteCerber
wjtqjleommc4z46i.srmlzh.bid
Eranet International Limited (n/a)
2016-09-01 00:12Payment SiteCerber
wjtqjleommc4z46i.kt70uk.bid
Eranet International Limited (n/a)
2016-08-31 23:32Payment SiteCerber
unocl45trpuoefft.hawtzr.bid
Eranet International Limited (n/a)
2016-08-31 23:22Payment SiteCerber
pmenboeqhyrpvomq.o8hpwj.top
Eranet International Limited (n/a)
2016-08-31 21:41Payment SiteCerber
52uo5k3t73ypjije.1f1dw3.bid
Eranet International Limited (n/a)
2016-08-31 19:39Payment SiteCerber
wjtqjleommc4z46i.idw6s5.bid
Eranet International Limited (n/a)
2016-08-31 19:26Payment SiteCerber
4kqd3hmqgptupi3p.newrange.link
Alpnames Limited (n/a)
2016-08-31 17:45Payment SiteCerber
wjtqjleommc4z46i.u36ik0.bid
Eranet International Limited (n/a)
2016-08-31 14:30Payment SiteCerber
52uo5k3t73ypjije.a0g0o7.bid
Eranet International Limited (n/a)
2016-08-31 13:00Payment SiteCerber
4kqd3hmqgptupi3p.gg4dgp.bid
Eranet International Limited (n/a)
2016-08-31 10:36Payment SiteCerber
unocl45trpuoefft.j8exy2.bid
Eranet International Limited (n/a)
2016-08-31 09:02Payment SiteCerber
4kqd3hmqgptupi3p.csv7o6.bid
Eranet International Limited (n/a)
2016-08-31 08:22Payment SiteCerber
4kqd3hmqgptupi3p.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-31 07:36Payment SiteCerber
4kqd3hmqgptupi3p.masterany.red
Alpnames Limited (n/a)
2016-08-31 05:12Payment SiteCerber
52uo5k3t73ypjije.gio6f6.bid
Eranet International Limited (n/a)
2016-08-31 02:59Payment SiteCerber
52uo5k3t73ypjije.csv7o6.bid
Eranet International Limited (n/a)
2016-08-31 01:19Payment SiteCerber
4kqd3hmqgptupi3p.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-31 00:20Payment SiteCerber
52uo5k3t73ypjije.f0jlbj.bid
Eranet International Limited (n/a)
2016-08-30 23:38Payment SiteCerber
unocl45trpuoefft.o8hpwj.top
Eranet International Limited (n/a)
2016-08-30 22:50Payment SiteCerber
4kqd3hmqgptupi3p.f0jlbj.bid
Eranet International Limited (n/a)
2016-08-30 22:15Payment SiteCerber
52uo5k3t73ypjije.srmlzh.bid
Eranet International Limited (n/a)
2016-08-30 19:43Payment SiteCerber
52uo5k3t73ypjije.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-30 18:59Payment SiteCerber
unocl45trpuoefft.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-30 18:41Payment SiteCerber
52uo5k3t73ypjije.nh47ri.bid
Eranet International Limited (n/a)
2016-08-30 18:40Payment SiteCerber
unocl45trpuoefft.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 17:54Payment SiteCerber
52uo5k3t73ypjije.91006j.bid
Eranet International Limited (n/a)
2016-08-30 17:31Payment SiteCerber
unocl45trpuoefft.ks3ghp.bid
Eranet International Limited (n/a)
2016-08-30 17:03Payment SiteCerber
unocl45trpuoefft.m33d4b.bid
Eranet International Limited (n/a)
2016-08-30 16:47Payment SiteCerber
52uo5k3t73ypjije.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 16:22Payment SiteCerber
4kqd3hmqgptupi3p.laterugly.win
Alpnames Limited (n/a)
2016-08-30 15:45Payment SiteCerber
wjtqjleommc4z46i.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 15:14Payment SiteCerber
52uo5k3t73ypjije.whmykv.bid
Eranet International Limited (n/a)
2016-08-30 15:08Payment SiteCerber
unocl45trpuoefft.whmykv.bid
Eranet International Limited (n/a)
2016-08-30 14:21Distribution SiteLocky
cmacos.com
WHOISNETWORKS CO., LTD.210.116.96.12 (- Korea)
2016-08-30 14:21Distribution SiteLocky
og-kaiserslautern-kft.de
109.237.140.28 (- Germany)
2016-08-30 14:21Distribution SiteLocky
alians-ekb.ru
RU-CENTER-RU85.12.197.61 (- Russian Federation)
2016-08-30 14:21Distribution SiteLocky
www.vilastefania.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-30 14:21Distribution SiteLocky
marronbridge.ina-ka.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-30 14:21Distribution SiteLocky
wolffram.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-30 14:21Distribution SiteLocky
www.sand-mechanic.ru
REGTIME-RU194.63.140.183 (- Russian Federation)
2016-08-30 14:20Distribution SiteLocky
nishinomiyaseijunkai.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.37 (- United States)
2016-08-30 14:20Distribution SiteLocky
arcziuuucity.y0.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 14:20Distribution SiteLocky
chwiladlaciebie.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 14:20Distribution SiteLocky
www.dapaluda.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-30 14:20Distribution SiteLocky
earthkikaku.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-08-30 14:20Distribution SiteLocky
nihilismus.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.62 (- United States)
2016-08-30 14:20Distribution SiteLocky
gerochan.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.49 (- United States)
2016-08-30 14:20Distribution SiteLocky
www.lnowak.tkdami.net
OVH88.156.222.94 (- Poland)
2016-08-30 14:20Distribution SiteLocky
www.facturi.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-30 14:20Distribution SiteLocky
lacomete52.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-08-30 14:20Distribution SiteLocky
www.artx.strefa.pl
Grupa Interia.pl sp. z o.o. sp. [...]217.74.66.167 (- Poland)
2016-08-30 14:20Distribution SiteLocky
gastrohurt.neostrada.pl
AZ.pl Sp. z o.o.217.97.216.17 (- Poland)
2016-08-30 14:20Distribution SiteLocky
muellerfalk.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-30 14:20Distribution SiteLocky
rs-nordsee.de
109.237.140.18 (- Germany)
2016-08-30 14:20Distribution SiteLocky
www.shanty-chor-neuengoers.de
81.169.145.224 (- Germany)
2016-08-30 14:20Distribution SiteLocky
www.peritiassicurativi.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-30 13:12Payment SiteCerber
52uo5k3t73ypjije.jal9lk.bid
Eranet International Limited (n/a)
2016-08-30 12:20Payment SiteCerber
unocl45trpuoefft.c9kp0o.bid
Eranet International Limited (n/a)
2016-08-30 11:44Payment SiteCerber
unocl45trpuoefft.uso3z0.bid
Eranet International Limited (n/a)
2016-08-30 11:08Distribution SiteLocky
www.roghmann-net.de
(n/a)
2016-08-30 11:08Distribution SiteLocky
kikorpo.com.br
187.45.193.168 (- Brazil)
2016-08-30 11:08Distribution SiteLocky
www.alcamo.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-30 11:08Distribution SiteLocky
bestcheats.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:08Distribution SiteLocky
www.lothaller.net
EPAG DOMAINSERVICES GMBH77.244.243.38 (- Austria)
2016-08-30 11:08Distribution SiteLocky
bzn.c0.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:08Distribution SiteLocky
www.danzenicolas.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-30 11:08Distribution SiteLocky
akihitomu.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.61 (- United States)
2016-08-30 11:08Distribution SiteLocky
www.fabioalbini.com
TUCOWS DOMAINS INC.195.78.215.76 (- Italy)
2016-08-30 11:08Distribution SiteLocky
hacca.kitunebi.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-30 11:08Distribution SiteLocky
ra-russold.com
KEY-SYSTEMS GMBH86.59.4.231 (- Austria)
2016-08-30 11:08Distribution SiteLocky
11011020.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.37 (- United States)
2016-08-30 11:08Distribution SiteLocky
www.spartania.de
81.169.145.194 (- Germany)
2016-08-30 11:08Distribution SiteLocky
pruszcz.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:07Distribution SiteLocky
teixeiraonline.com.br
(n/a)
2016-08-30 11:07Distribution SiteLocky
westcolors.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.62 (- United States)
2016-08-30 11:07Distribution SiteLocky
kikorpo.com.br
187.45.193.168 (- Brazil)
2016-08-30 11:07Distribution SiteLocky
externografico.com
10DENCEHISPAHARD, S.L134.0.10.36 (- Spain)
2016-08-30 11:07Distribution SiteLocky
www.almaservice.it
TISCALIDOMAIN-REG31.11.34.33 (- Italy)

# of rows displayed: 100
# of entries in database: 12'863

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >