Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-30 11:08Distribution SiteLocky
www.fabioalbini.com
TUCOWS DOMAINS INC.195.78.215.76 (- Italy)
2016-08-30 11:08Distribution SiteLocky
hacca.kitunebi.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-08-30 11:08Distribution SiteLocky
ra-russold.com
KEY-SYSTEMS GMBH176.123.54.21 (- Germany)
2016-08-30 11:08Distribution SiteLocky
11011020.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.46 (- United States)
2016-08-30 11:08Distribution SiteLocky
www.spartania.de
188.40.26.208 (- Germany)
2016-08-30 11:08Distribution SiteLocky
pruszcz.cba.pl
Abc Hosting Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:07Distribution SiteLocky
teixeiraonline.com.br
(n/a)
2016-08-30 11:07Distribution SiteLocky
westcolors.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.46 (- United States)
2016-08-30 11:07Distribution SiteLocky
kikorpo.com.br
23.227.38.32 (- Canada)
2016-08-30 11:07Distribution SiteLocky
externografico.com
10DENCEHISPAHARD, S.L134.0.10.36 (- Spain)
2016-08-30 11:07Distribution SiteLocky
www.almaservice.it
TISCALIDOMAIN-REG31.11.34.33 (- Italy)
2016-08-30 11:07Distribution SiteLocky
www.mocca-lounge.at
81.19.159.71 (- Austria)
2016-08-30 11:07Distribution SiteLocky
gonjiri64.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.26 (- United States)
2016-08-30 11:07Distribution SiteLocky
chchic.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.38 (- United States)
2016-08-30 11:07Distribution SiteLocky
jonpickerill.co.uk
Nuco Technologies Ltd t/a Host-i[...]194.150.252.101 (- United Kingdom)
2016-08-30 11:07Distribution SiteLocky
www.placetel.es
62.42.230.17 (- Spain)
2016-08-30 11:07Distribution SiteLocky
www.gabinator.republika.pl
Domeny.pl sp. z o.o.213.180.141.189 (- Poland)
2016-08-30 11:07Distribution SiteLocky
xremx.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.47 (- United States)
2016-08-30 11:07Distribution SiteLocky
madziaadam.republika.pl
Domeny.pl sp. z o.o.213.180.141.189 (- Poland)
2016-08-30 11:07Distribution SiteLocky
michikawano.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.42 (- United States)
2016-08-30 11:07Distribution SiteLocky
www.vanachte.be
Telenet BVBA195.130.132.84 (- Belgium)
2016-08-30 11:07Distribution SiteLocky
www.opiekanadogrodem.pl
Michau Enterprises Ltd.95.211.144.65 (- Netherlands)
2016-08-30 11:07Distribution SiteLocky
87.106.38.204
n/a
2016-08-30 11:07Distribution SiteLocky
www.faberpoli.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-30 11:06Distribution SiteLocky
msnobu.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.133 (- United States)
2016-08-30 11:06Distribution SiteLocky
www.microsap.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-30 10:24Payment SiteCerber
unocl45trpuoefft.csv7o6.bid
Eranet International Limited (n/a)
2016-08-30 10:19Payment SiteCerber
52uo5k3t73ypjije.249isv.bid
Eranet International Limited (n/a)
2016-08-30 10:09Payment SiteCerber
unocl45trpuoefft.gio6f6.bid
Eranet International Limited (n/a)
2016-08-30 04:57Payment SiteCerber
52uo5k3t73ypjije.o8hpwj.top
Eranet International Limited (n/a)
2016-08-30 01:57Payment SiteCerber
unocl45trpuoefft.ageshere.club
Alpnames Limited (n/a)
2016-08-30 00:20Payment SiteCerber
unocl45trpuoefft.lak8wd.bid
Eranet International Limited (n/a)
2016-08-29 23:39Payment SiteCerber
52uo5k3t73ypjije.sdfztr.bid
Eranet International Limited (n/a)
2016-08-29 20:51Payment SiteCerber
unocl45trpuoefft.2y4t6f.bid
Eranet International Limited (n/a)
2016-08-29 20:47Payment SiteCerber
52uo5k3t73ypjije.8kcfnk.bid
Eranet International Limited (n/a)
2016-08-29 19:19Payment SiteCerber
4kqd3hmqgptupi3p.a0g0o7.bid
Eranet International Limited (n/a)
2016-08-29 18:21Payment SiteCerber
52uo5k3t73ypjije.nxmu0x.bid
Eranet International Limited (n/a)
2016-08-29 16:12Payment SiteCerber
unocl45trpuoefft.idw6s5.bid
Eranet International Limited (n/a)
2016-08-29 14:26Payment SiteCerber
unocl45trpuoefft.i1wcrl.bid
Eranet International Limited (n/a)
2016-08-29 10:52Payment SiteCerber
4kqd3hmqgptupi3p.whmykv.bid
Eranet International Limited (n/a)
2016-08-29 09:18Payment SiteCerber
unocl45trpuoefft.moonsides.faith
Alpnames Limited (n/a)
2016-08-29 07:51Botnet C&CLocky
trxswbwxhr.xyz
Registrar of Domain Names REG.RU[...]91.226.92.208 (- Russian Federation)
2016-08-29 07:31Botnet C&CLocky
195.64.154.114
195.64.154.114 (- Ukraine)
2016-08-29 00:35Payment SiteCerber
wjtqjleommc4z46i.249isv.bid
Eranet International Limited (n/a)
2016-08-28 22:24Payment SiteCerber
4kqd3hmqgptupi3p.variedtax.kim
Alpnames Limited (n/a)
2016-08-28 21:02Payment SiteCerber
4kqd3hmqgptupi3p.o8hpwj.top
Eranet International Limited (n/a)
2016-08-28 18:32Payment SiteCerber
unocl45trpuoefft.he81tz.bid
Eranet International Limited (n/a)
2016-08-28 18:27Payment SiteCerber
4kqd3hmqgptupi3p.y12acl.bid
Eranet International Limited (n/a)
2016-08-28 17:48Payment SiteCerber
52uo5k3t73ypjije.s2xb1s.bid
Eranet International Limited (n/a)
2016-08-28 17:47Payment SiteCerber
52uo5k3t73ypjije.hawtzr.bid
Eranet International Limited (n/a)
2016-08-28 17:38Payment SiteCerber
unocl45trpuoefft.54drms.bid
Eranet International Limited (n/a)
2016-08-28 17:36Payment SiteCerber
52uo5k3t73ypjije.uwckha.top
Eranet International Limited (n/a)
2016-08-28 17:35Payment SiteCerber
52uo5k3t73ypjije.gg4dgp.bid
Eranet International Limited (n/a)
2016-08-28 01:20Payment SiteCerber
52uo5k3t73ypjije.kas17.com
ERANET INTERNATIONAL LIMITED (n/a)
2016-08-28 00:12Payment SiteCerber
52uo5k3t73ypjije.mbwxyg.bid
Eranet International Limited (n/a)
2016-08-27 23:58Payment SiteCerber
unocl45trpuoefft.freshsdog.loan
Alpnames Limited (n/a)
2016-08-27 22:22Payment SiteCerber
52uo5k3t73ypjije.o5xcnd.bid
Eranet International Limited (n/a)
2016-08-27 21:26Payment SiteCerber
4kqd3hmqgptupi3p.249isv.bid
Eranet International Limited (n/a)
2016-08-27 18:02Payment SiteCerber
52uo5k3t73ypjije.94ycl8.bid
Eranet International Limited (n/a)
2016-08-27 18:01Botnet C&CLocky
wvltrlrnf.xyz
Namecheap208.100.26.234 (- United States)
2016-08-27 17:53Payment SiteCerber
4kqd3hmqgptupi3p.jal9lk.bid
Eranet International Limited (n/a)
2016-08-27 17:43Payment SiteCerber
wjtqjleommc4z46i.uwckha.top
Eranet International Limited (n/a)
2016-08-27 17:40Payment SiteCerber
4kqd3hmqgptupi3p.salethe.gdn
AlpNames Limited (n/a)
2016-08-27 17:37Payment SiteCerber
52uo5k3t73ypjije.loanshown.info
Alpnames Limited (n/a)
2016-08-27 16:55Payment SiteCerber
4kqd3hmqgptupi3p.nh47ri.bid
Eranet International Limited (n/a)
2016-08-27 16:41Payment SiteCerber
52uo5k3t73ypjije.p0lxvm.bid
Eranet International Limited (n/a)
2016-08-27 14:23Payment SiteCerber
52uo5k3t73ypjije.6j7jcn.bid
Eranet International Limited (n/a)
2016-08-27 01:48Payment SiteCerber
52uo5k3t73ypjije.u50s89.bid
Eranet International Limited (n/a)
2016-08-27 01:09Payment SiteCerber
52uo5k3t73ypjije.5tb8hy.bid
Eranet International Limited (n/a)
2016-08-27 00:35Payment SiteCerber
4kqd3hmqgptupi3p.nxmu0x.bid
Eranet International Limited (n/a)
2016-08-26 23:58Payment SiteCerber
unocl45trpuoefft.mbwxyg.bid
Eranet International Limited (n/a)
2016-08-26 23:34Payment SiteCerber
wjtqjleommc4z46i.salethe.gdn
AlpNames Limited (n/a)
2016-08-26 14:26Payment SiteCerber
unocl45trpuoefft.n20b1c.top
Eranet International Limited (n/a)
2016-08-26 14:18Payment SiteCerber
unocl45trpuoefft.vlwbcz.bid
Eranet International Limited (n/a)
2016-08-26 13:33Payment SiteCerber
wjtqjleommc4z46i.z7uxzg.bid
Eranet International Limited (n/a)
2016-08-26 12:29Payment SiteCerber
unocl45trpuoefft.na2iuz.bid
Eranet International Limited (n/a)
2016-08-26 11:48Payment SiteCerber
52uo5k3t73ypjije.yrd7v5.bid
Eranet International Limited (n/a)
2016-08-26 11:15Payment SiteCerber
52uo5k3t73ypjije.26lpul.bid
Eranet International Limited (n/a)
2016-08-26 10:24Payment SiteCerber
52uo5k3t73ypjije.7156et.bid
Eranet International Limited (n/a)
2016-08-26 08:38Distribution SiteLocky
www.caffematto.it
TISCALIDOMAIN-REG213.205.38.39 (- Italy)
2016-08-26 08:37Distribution SiteLocky
tpllaw.com
DOMAINPEOPLE, INC.216.87.186.90 (- United States)
2016-08-26 08:36Distribution SiteLocky
www.fenit.net
ASCIO TECHNOLOGIES, INC. DANMARK[...] (n/a)
2016-08-26 08:35Distribution SiteLocky
www.imaginarium.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-08-26 08:34Distribution SiteLocky
www.agriturismoigirasoli.it
TISCALIDOMAIN-REG62.149.128.45 (- Italy)
2016-08-26 08:34Distribution SiteLocky
www.saumi.jazztel.es
62.14.3.195 (- Spain)
2016-08-26 08:34Distribution SiteLocky
spic.bakufu.org
GMO Internet, Inc. d/b/a Onamae.[...]112.140.42.29 (- Japan)
2016-08-26 08:33Distribution SiteLocky
abcbureautique.abc.perso.neuf.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-08-26 08:32Distribution SiteLocky
www.dialektika.extra.hu
(n/a)
2016-08-26 08:31Distribution SiteLocky
immobilien1000.de
217.22.207.207 (- Germany)
2016-08-26 08:29Payment SiteCerber
4kqd3hmqgptupi3p.yg767p.bid
Eranet International Limited (n/a)
2016-08-26 06:42Payment SiteCerber
52uo5k3t73ypjije.w8yolm.bid
Eranet International Limited (n/a)
2016-08-26 01:34Payment SiteCerber
52uo5k3t73ypjije.lio2wr.bid
Eranet International Limited (n/a)
2016-08-25 20:20Payment SiteCerber
wjtqjleommc4z46i.t4jp3w.bid
Eranet International Limited (n/a)
2016-08-25 18:33Payment SiteCerber
4kqd3hmqgptupi3p.gameswarm.loan
Alpnames Limited (n/a)
2016-08-25 18:08Payment SiteCerber
4kqd3hmqgptupi3p.themevery.win
Alpnames Limited (n/a)
2016-08-25 17:19Payment SiteCerber
unocl45trpuoefft.at9gwv.bid
Eranet International Limited (n/a)
2016-08-25 15:56Payment SiteCerber
unocl45trpuoefft.lio2wr.bid
Eranet International Limited (n/a)
2016-08-25 14:32Payment SiteCerber
unocl45trpuoefft.metpast.date
Alpnames Limited (n/a)
2016-08-25 12:14Distribution SiteLocky
www.peterswebsite.dommel.be
SCHEDOM NV / DOMMEL.COM (n/a)
2016-08-25 12:14Distribution SiteLocky
69.61.11.216
n/a

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >