Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-19 12:00Distribution SiteLocky
romantschenko.grafi-offshore.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]130.211.84.29 (- United States)
2016-08-19 12:00Distribution SiteLocky
210.118.170.181
n/a
2016-08-19 11:59Distribution SiteLocky
www.assetzone.ro
ICI - ROTLD89.42.223.221 (- Romania)
2016-08-19 09:56Payment SiteCerber
unocl45trpuoefft.uog1ky.bid
Eranet International Limited (n/a)
2016-08-19 09:18Payment SiteCerber
unocl45trpuoefft.sirchi.bid
Eranet International Limited (n/a)
2016-08-19 09:12Payment SiteCerber
52uo5k3t73ypjije.gu7eao.bid
Eranet International Limited (n/a)
2016-08-19 08:00Payment SiteCerber
52uo5k3t73ypjije.rdmwha.bid
Eranet International Limited (n/a)
2016-08-19 07:54Payment SiteCerber
pmenboeqhyrpvomq.89m6y8.bid
Eranet International Limited (n/a)
2016-08-19 07:50Payment SiteCerber
unocl45trpuoefft.60c61d.bid
Eranet International Limited (n/a)
2016-08-19 05:06Payment SiteCerber
52uo5k3t73ypjije.2llgoy.bid
Eranet International Limited (n/a)
2016-08-19 04:58Payment SiteCerber
52uo5k3t73ypjije.1ufr2v.bid
Eranet International Limited (n/a)
2016-08-19 04:19Payment SiteCerber
52uo5k3t73ypjije.4yl1hr.bid
Eranet International Limited (n/a)
2016-08-19 03:59Payment SiteCerber
unocl45trpuoefft.42wunw.bid
Eranet International Limited (n/a)
2016-08-18 20:54Payment SiteCerber
52uo5k3t73ypjije.5vhk5r.bid
Eranet International Limited (n/a)
2016-08-18 20:23Payment SiteCerber
52uo5k3t73ypjije.givxuf.bid
Eranet International Limited (n/a)
2016-08-18 19:27Payment SiteCerber
wjtqjleommc4z46i.kzhzuc.top
Alpnames Limited (n/a)
2016-08-18 18:33Payment SiteCerber
unocl45trpuoefft.efebgv.bid
Eranet International Limited (n/a)
2016-08-18 16:45Payment SiteCerber
52uo5k3t73ypjije.9tftgh.bid
Eranet International Limited (n/a)
2016-08-18 14:39Distribution SiteLocky
punam.dommel.be
SCHEDOM NV / DOMMEL.COM193.109.184.81 (- Belgium)
2016-08-18 14:19Payment SiteCerber
52uo5k3t73ypjije.er05vm.bid
Eranet International Limited (n/a)
2016-08-18 12:01Distribution SiteLocky
sulportale.50webs.com
GODADDY.COM, LLC162.210.101.108 (- United States)
2016-08-18 12:01Distribution SiteLocky
edios.vzpsoft.com
ENOM, INC.91.196.124.73 (- Bulgaria)
2016-08-18 12:01Distribution SiteLocky
concurs.kzh.hi2.ro
ICI - ROTLD (n/a)
2016-08-18 12:01Distribution SiteLocky
www.ceccatobassano.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-18 12:01Distribution SiteLocky
wb4rsun8c.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-18 12:01Distribution SiteLocky
entree22.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-18 12:01Distribution SiteLocky
infocoard.50webs.com
GODADDY.COM, LLC162.210.101.85 (- United States)
2016-08-18 12:01Distribution SiteLocky
www.lechner-maria.de
(n/a)
2016-08-18 12:01Distribution SiteLocky
www.pulsefl.0catch.com
FASTDOMAIN, INC.66.219.202.10 (- United States)
2016-08-18 12:01Distribution SiteLocky
www.unice.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-18 12:01Distribution SiteLocky
www.alexpalmieri.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-08-18 12:01Distribution SiteLocky
zsp17.y0.pl
Abc Hosting Ltd.95.211.144.68 (- Netherlands)
2016-08-18 12:01Distribution SiteLocky
dasproject.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-18 12:01Distribution SiteLocky
hanakago3.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.45 (- United States)
2016-08-18 12:01Distribution SiteLocky
mortony.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-18 12:00Distribution SiteLocky
www.1-anwalt.de
81.169.145.194 (- Germany)
2016-08-18 12:00Distribution SiteLocky
www.bkcelje.50webs.com
GODADDY.COM, LLC (n/a)
2016-08-18 12:00Distribution SiteLocky
www.kdr.easynet.co.uk
Nexinto GmbH t/a Nexinto GmbH212.135.1.93 (- United Kingdom)
2016-08-18 12:00Distribution SiteLocky
www.learnetplus.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-18 12:00Distribution SiteLocky
www.pizzeriaelite.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-18 12:00Distribution SiteLocky
a-plusrijopleiding.nl
Registrar.eu62.129.139.129 (- Netherlands)
2016-08-18 12:00Distribution SiteLocky
cs-czosnusie.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-18 12:00Distribution SiteLocky
rgcgifuhashima.aikotoba.jp
112.140.42.29 (- Japan)
2016-08-18 12:00Distribution SiteLocky
www.beneli.be
Telenet BVBA5.196.134.168 (- France)
2016-08-18 12:00Distribution SiteLocky
www.fabriziorossi.it
TISCALIDOMAIN-REG31.11.34.35 (- Italy)
2016-08-18 12:00Distribution SiteLocky
ramenman.okoshi-yasu.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-18 12:00Distribution SiteLocky
cloud9surfphilippines.com
IN2NET NETWORK, INC.69.161.143.26 (- Canada)
2016-08-18 11:59Distribution SiteLocky
www.jphmvossen.nl
Tele2 zakelijk217.149.192.84 (- Netherlands)
2016-08-18 11:59Distribution SiteLocky
www.parma-vivai.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-18 11:59Distribution SiteLocky
entrematicomstyle.com
NETWORK SOLUTIONS, LLC.81.88.57.70 (- Italy)
2016-08-18 02:33Botnet C&CLocky
qdvkdyvrtpjc.pw
Namecheap208.100.26.234 (- United States)
2016-08-18 01:39Payment SiteCerber
52uo5k3t73ypjije.b2s4ch.bid
Eranet International Limited (n/a)
2016-08-18 01:36Payment SiteCerber
52uo5k3t73ypjije.rv50gt.bid
Eranet International Limited (n/a)
2016-08-18 00:12Payment SiteCerber
52uo5k3t73ypjije.uwazu7.bid
Eranet International Limited (n/a)
2016-08-17 21:07Payment SiteCerber
52uo5k3t73ypjije.01fake.bid
Eranet International Limited (n/a)
2016-08-17 17:56Payment SiteCerber
52uo5k3t73ypjije.ei9evn.top
Alpnames Limited (n/a)
2016-08-17 13:30Distribution SiteLocky
www.athenaph.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-17 13:29Distribution SiteLocky
www.soliferm.com
OVH213.186.33.24 (- France)
2016-08-17 13:28Distribution SiteLocky
www.irisgoetz.net
PSI-USA, INC. DBA DOMAIN ROBOT85.124.51.104 (- Austria)
2016-08-17 13:26Distribution SiteLocky
www.baune.be
OVH213.186.33.4 (- France)
2016-08-17 13:01Distribution SiteLocky
www.spirality.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-17 13:00Distribution SiteLocky
allgaeu-papparatzi.de
80.237.133.218 (- Germany)
2016-08-17 12:58Distribution SiteLocky
sora1221.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.39 (- United States)
2016-08-17 12:36Distribution SiteLocky
cronininc.us
DELUXE SMALL BUSINESS SALES, INC[...]64.29.151.221 (- United States)
2016-08-17 12:35Distribution SiteLocky
alynawebx.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-17 12:34Distribution SiteLocky
littleredcrane.50webs.com
GODADDY.COM, LLC162.210.101.109 (- United States)
2016-08-17 12:33Distribution SiteLocky
www.dog-portrait.com
NETWORK SOLUTIONS, LLC.213.205.40.169 (- Italy)
2016-08-17 12:30Distribution SiteLocky
rund-ums-haus-rosner.de
217.119.54.212 (- Germany)
2016-08-17 12:30Distribution SiteLocky
dou43.rybadm.ru
RU-CENTER-RU91.201.210.24 (- Russian Federation)
2016-08-17 08:11Payment SiteCerber
4kqd3hmqgptupi3p.z8ijgn.bid
Eranet International Limited (n/a)
2016-08-17 07:50Payment SiteTorrentLocker
vrympoqs5ra34nfo.smartbus.at
(n/a)
2016-08-17 07:43Payment SiteTorrentLocker
vrympoqs5ra34nfo.bigbird.at
(n/a)
2016-08-17 05:40Payment SiteTorrentLocker
vrympoqs5ra34nfo.torhelper.pl
EPAG Domainservices GmbH (n/a)
2016-08-17 00:51Payment SiteCerber
52uo5k3t73ypjije.x7fylp.bid
Eranet International Limited (n/a)
2016-08-16 20:25Payment SiteCerber
unocl45trpuoefft.um1x6z.bid
Eranet International Limited (n/a)
2016-08-16 15:12Payment SiteCerber
unocl45trpuoefft.tcly4s.bid
Eranet International Limited (n/a)
2016-08-16 11:52Distribution SiteLocky
hoshiomi.yu-nagi.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-16 11:52Distribution SiteLocky
www.netman.plus.com
ENOM, INC.212.159.8.91 (- United Kingdom) +1 A record(s) 212.159.9.91 (AS6871, - United Kingdom)
2016-08-16 11:51Distribution SiteLocky
www.enola.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-16 11:47Distribution SiteLocky
www.gcs-crostolo.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-16 11:47Distribution SiteLocky
www.greatidea.de
212.72.183.216 (- Germany)
2016-08-16 10:53Payment SiteCerber
52uo5k3t73ypjije.tzgwdf.top
Alpnames Limited (n/a)
2016-08-16 10:48Distribution SiteLocky
soma-holidays.co.uk
Fasthosts Internet Ltd78.47.142.219 (- Germany)
2016-08-16 10:48Distribution SiteLocky
gury.com.br
191.252.46.139 (- Brazil)
2016-08-16 10:48Distribution SiteLocky
depic.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-16 10:47Distribution SiteLocky
www.gran.mari-el.ru
RU-CENTER-RU77.40.0.4 (- Russian Federation)
2016-08-16 10:46Distribution SiteLocky
manutencao-de-celulares.com.br
187.45.195.14 (- Brazil)
2016-08-16 10:46Distribution SiteLocky
www.ferienhaus-mesa.at
77.244.243.38 (- Austria)
2016-08-16 10:46Distribution SiteLocky
www.enola.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-16 10:45Distribution SiteLocky
www.gianlucaboezio.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-16 10:45Distribution SiteLocky
fereastrazmeilor.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-16 10:45Distribution SiteLocky
www.heilen-und-entspannen.de
81.169.145.224 (- Germany)
2016-08-16 10:45Distribution SiteLocky
www.batsch-nass.de
185.53.178.9 (- Germany)
2016-08-16 10:45Distribution SiteLocky
www.lefaos.50webs.com
GODADDY.COM, LLC (n/a)
2016-08-16 10:44Distribution SiteLocky
ermt.ikidane.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-16 10:44Distribution SiteLocky
www.concime.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]69.172.201.153 (- United States)
2016-08-16 10:44Distribution SiteLocky
testtameshi2009.web.fc2.com
INSTRA CORPORATION PTY, LTD.208.71.106.35 (- United States)
2016-08-16 10:43Distribution SiteLocky
franzi66.50webs.com
GODADDY.COM, LLC198.23.52.96 (- United States)
2016-08-16 10:43Distribution SiteLocky
zarexbytonia.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-16 10:43Distribution SiteLocky
www.mediatoponline.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)

# of rows displayed: 100
# of entries in database: 12'899

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >