Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-01 04:59Distribution SiteLocky
vividena.yukihotaru.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-09-01 04:59Distribution SiteLocky
www.cap114.fr
OVH213.186.33.24 (- France)
2016-09-01 04:59Distribution SiteLocky
tadayou.soragoto.net
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-09-01 04:59Distribution SiteLocky
wkq7ju89y.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-01 04:59Distribution SiteLocky
newt150.tripod.com
CSC CORPORATE DOMAINS, INC.209.202.252.66 (- United States)
2016-09-01 04:59Distribution SiteLocky
www.yerridixielandband.jazztel.es
(n/a)
2016-09-01 04:59Distribution SiteLocky
foodbiz-net.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]211.13.196.136 (- Japan)
2016-09-01 04:58Distribution SiteLocky
pkgame.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-09-01 04:58Distribution SiteLocky
wk0mez2k5.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-01 04:58Distribution SiteLocky
www.elba-scaglieri.com
ASCIO TECHNOLOGIES, INC. DANMARK[...] (n/a)
2016-09-01 04:58Distribution SiteLocky
twup.com.br
187.45.240.5 (- Brazil)
2016-09-01 04:58Distribution SiteLocky
smc.psuti.ru
NAUNET-RU94.25.37.27 (- Russian Federation)
2016-09-01 04:58Distribution SiteLocky
enigmes4saisons.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-01 04:58Distribution SiteLocky
lievaux.com
OVH213.186.33.24 (- France)
2016-09-01 04:58Distribution SiteLocky
solesdearequito.tripod.com
CSC CORPORATE DOMAINS, INC.209.202.252.66 (- United States)
2016-09-01 04:58Distribution SiteLocky
www.meta.metro.ru
RU-CENTER-RU195.91.160.34 (- Russian Federation)
2016-09-01 04:58Distribution SiteLocky
tisystems.cz
REG-ZONER77.48.30.93 (- Czech Republic)
2016-09-01 04:58Distribution SiteLocky
virmalw.name
Eranet International Limited (n/a)
2016-09-01 04:57Distribution SiteLocky
onlybest76.xyz
ERANET INTERNATIONAL LIMITED (n/a)
2016-09-01 04:57Distribution SiteLocky
baysigorta.com
ENOM, INC.81.8.0.34 (- Turkey)
2016-09-01 04:57Distribution SiteLocky
www.orad.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-01 04:57Distribution SiteLocky
www.opal.webserwer.pl
Lingua-IT Sp. z o.o.176.32.162.200 (- Poland)
2016-09-01 04:57Distribution SiteLocky
www.daniel-mylle.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-01 04:57Distribution SiteLocky
www.carrelliusati.it
TISCALIDOMAIN-REG192.155.81.104 (- United States)
2016-09-01 04:57Distribution SiteLocky
bluechaos.dommel.be
SCHEDOM NV / DOMMEL.COM (n/a)
2016-09-01 04:57Distribution SiteLocky
www.arrotin.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-01 04:57Distribution SiteLocky
hitoribotch.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.42 (- United States)
2016-09-01 04:57Distribution SiteLocky
tombart.bluehost.cz
REG-IGNUM217.11.249.141 (- Czech Republic)
2016-09-01 04:57Distribution SiteLocky
www.osservatoriofigurale.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-01 04:57Distribution SiteLocky
www.macro1990.it
TISCALIDOMAIN-REG89.40.173.228 (- Italy)
2016-09-01 04:56Distribution SiteLocky
www.leuchten-modelle.de
81.169.145.161 (- Germany)
2016-09-01 03:53Payment SiteCerber
unocl45trpuoefft.249isv.bid
Eranet International Limited (n/a)
2016-09-01 02:31Payment SiteCerber
52uo5k3t73ypjije.izyclz.bid
Eranet International Limited (n/a)
2016-09-01 01:34Payment SiteCerber
wjtqjleommc4z46i.srmlzh.bid
Eranet International Limited (n/a)
2016-09-01 00:12Payment SiteCerber
wjtqjleommc4z46i.kt70uk.bid
Eranet International Limited (n/a)
2016-08-31 23:32Payment SiteCerber
unocl45trpuoefft.hawtzr.bid
Eranet International Limited (n/a)
2016-08-31 23:22Payment SiteCerber
pmenboeqhyrpvomq.o8hpwj.top
Eranet International Limited (n/a)
2016-08-31 21:41Payment SiteCerber
52uo5k3t73ypjije.1f1dw3.bid
Eranet International Limited (n/a)
2016-08-31 19:39Payment SiteCerber
wjtqjleommc4z46i.idw6s5.bid
Eranet International Limited (n/a)
2016-08-31 19:26Payment SiteCerber
4kqd3hmqgptupi3p.newrange.link
Alpnames Limited (n/a)
2016-08-31 17:45Payment SiteCerber
wjtqjleommc4z46i.u36ik0.bid
Eranet International Limited (n/a)
2016-08-31 14:30Payment SiteCerber
52uo5k3t73ypjije.a0g0o7.bid
Eranet International Limited (n/a)
2016-08-31 13:00Payment SiteCerber
4kqd3hmqgptupi3p.gg4dgp.bid
Eranet International Limited (n/a)
2016-08-31 10:36Payment SiteCerber
unocl45trpuoefft.j8exy2.bid
Eranet International Limited (n/a)
2016-08-31 09:02Payment SiteCerber
4kqd3hmqgptupi3p.csv7o6.bid
Eranet International Limited (n/a)
2016-08-31 08:22Payment SiteCerber
4kqd3hmqgptupi3p.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-31 07:36Payment SiteCerber
4kqd3hmqgptupi3p.masterany.red
Alpnames Limited (n/a)
2016-08-31 05:12Payment SiteCerber
52uo5k3t73ypjije.gio6f6.bid
Eranet International Limited (n/a)
2016-08-31 02:59Payment SiteCerber
52uo5k3t73ypjije.csv7o6.bid
Eranet International Limited (n/a)
2016-08-31 01:19Payment SiteCerber
4kqd3hmqgptupi3p.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-31 00:20Payment SiteCerber
52uo5k3t73ypjije.f0jlbj.bid
Eranet International Limited (n/a)
2016-08-30 23:38Payment SiteCerber
unocl45trpuoefft.o8hpwj.top
Eranet International Limited (n/a)
2016-08-30 22:50Payment SiteCerber
4kqd3hmqgptupi3p.f0jlbj.bid
Eranet International Limited (n/a)
2016-08-30 22:15Payment SiteCerber
52uo5k3t73ypjije.srmlzh.bid
Eranet International Limited (n/a)
2016-08-30 19:43Payment SiteCerber
52uo5k3t73ypjije.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-30 18:59Payment SiteCerber
unocl45trpuoefft.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-30 18:41Payment SiteCerber
52uo5k3t73ypjije.nh47ri.bid
Eranet International Limited (n/a)
2016-08-30 18:40Payment SiteCerber
unocl45trpuoefft.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 17:54Payment SiteCerber
52uo5k3t73ypjije.91006j.bid
Eranet International Limited (n/a)
2016-08-30 17:31Payment SiteCerber
unocl45trpuoefft.ks3ghp.bid
Eranet International Limited (n/a)
2016-08-30 17:03Payment SiteCerber
unocl45trpuoefft.m33d4b.bid
Eranet International Limited (n/a)
2016-08-30 16:47Payment SiteCerber
52uo5k3t73ypjije.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 16:22Payment SiteCerber
4kqd3hmqgptupi3p.laterugly.win
Alpnames Limited (n/a)
2016-08-30 15:45Payment SiteCerber
wjtqjleommc4z46i.cm5ohx.bid
Eranet International Limited (n/a)
2016-08-30 15:14Payment SiteCerber
52uo5k3t73ypjije.whmykv.bid
Eranet International Limited (n/a)
2016-08-30 15:08Payment SiteCerber
unocl45trpuoefft.whmykv.bid
Eranet International Limited (n/a)
2016-08-30 14:21Distribution SiteLocky
cmacos.com
WHOISNETWORKS CO., LTD.210.116.96.12 (- Korea)
2016-08-30 14:21Distribution SiteLocky
og-kaiserslautern-kft.de
72.52.4.119 (- United States)
2016-08-30 14:21Distribution SiteLocky
alians-ekb.ru
RU-CENTER-RU85.12.197.61 (- Russian Federation)
2016-08-30 14:21Distribution SiteLocky
www.vilastefania.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-30 14:21Distribution SiteLocky
marronbridge.ina-ka.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-30 14:21Distribution SiteLocky
wolffram.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-30 14:21Distribution SiteLocky
www.sand-mechanic.ru
REGTIME-RU194.63.140.183 (- Russian Federation)
2016-08-30 14:20Distribution SiteLocky
nishinomiyaseijunkai.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.46 (- United States)
2016-08-30 14:20Distribution SiteLocky
arcziuuucity.y0.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 14:20Distribution SiteLocky
chwiladlaciebie.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 14:20Distribution SiteLocky
www.dapaluda.it
TISCALIDOMAIN-REG (n/a)
2016-08-30 14:20Distribution SiteLocky
earthkikaku.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.44 (- United States)
2016-08-30 14:20Distribution SiteLocky
nihilismus.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.133 (- United States)
2016-08-30 14:20Distribution SiteLocky
gerochan.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.42 (- United States)
2016-08-30 14:20Distribution SiteLocky
www.lnowak.tkdami.net
OVH88.156.222.94 (- Poland)
2016-08-30 14:20Distribution SiteLocky
www.facturi.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-30 14:20Distribution SiteLocky
lacomete52.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-08-30 14:20Distribution SiteLocky
www.artx.strefa.pl
Grupa Interia.pl sp. z o.o. sp. [...]217.74.65.23 (- Poland)
2016-08-30 14:20Distribution SiteLocky
gastrohurt.neostrada.pl
AZ.pl Sp. z o.o.217.97.216.17 (- Poland)
2016-08-30 14:20Distribution SiteLocky
muellerfalk.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-30 14:20Distribution SiteLocky
rs-nordsee.de
(n/a)
2016-08-30 14:20Distribution SiteLocky
www.shanty-chor-neuengoers.de
81.169.145.224 (- Germany)
2016-08-30 14:20Distribution SiteLocky
www.peritiassicurativi.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-30 13:12Payment SiteCerber
52uo5k3t73ypjije.jal9lk.bid
Eranet International Limited (n/a)
2016-08-30 12:20Payment SiteCerber
unocl45trpuoefft.c9kp0o.bid
Eranet International Limited (n/a)
2016-08-30 11:44Payment SiteCerber
unocl45trpuoefft.uso3z0.bid
Eranet International Limited (n/a)
2016-08-30 11:08Distribution SiteLocky
www.roghmann-net.de
(n/a)
2016-08-30 11:08Distribution SiteLocky
kikorpo.com.br
23.227.38.32 (- Canada)
2016-08-30 11:08Distribution SiteLocky
www.alcamo.org
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-30 11:08Distribution SiteLocky
bestcheats.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:08Distribution SiteLocky
www.lothaller.net
EPAG DOMAINSERVICES GMBH77.244.243.38 (- Austria)
2016-08-30 11:08Distribution SiteLocky
bzn.c0.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:08Distribution SiteLocky
www.danzenicolas.it
TISCALIDOMAIN-REG31.11.34.149 (- Italy)
2016-08-30 11:08Distribution SiteLocky
akihitomu.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.16 (- United States)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >