Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-08-22 16:26Distribution SiteLocky
w0662mb5g.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-22 16:26Distribution SiteLocky
martin-decker.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-22 16:26Distribution SiteLocky
mail.mgeducation.org
Net 4 India Limited216.58.217.83 (- United States)
2016-08-22 16:26Distribution SiteLocky
tritermia.es
134.0.15.13 (- Spain)
2016-08-22 16:26Distribution SiteLocky
gardenoakshomes.com
NETWORK SOLUTIONS, LLC.206.188.192.29 (- United States)
2016-08-22 16:25Distribution SiteLocky
tatakiage.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.16 (- United States)
2016-08-22 16:25Distribution SiteLocky
webtestde.grafi-offshore.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]35.204.116.33 (- United States)
2016-08-22 16:25Distribution SiteLocky
www.c-ambergreen.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]103.8.25.98 (- Malaysia)
2016-08-22 16:25Distribution SiteLocky
minkastudio.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.26 (- United States)
2016-08-22 16:24Distribution SiteLocky
jmriba.endoterapiavegetal.com
TUCOWS DOMAINS INC.188.93.75.91 (- Spain)
2016-08-22 16:24Distribution SiteLocky
satnew.rew.pl
DINFO - Systemy Internetowe Sylw[...] (n/a)
2016-08-22 16:24Distribution SiteLocky
raptorbobo.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-22 16:24Distribution SiteLocky
ofcoursesports.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.136 (- United States)
2016-08-22 16:24Distribution SiteLocky
seiwa1202.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.136 (- United States)
2016-08-22 16:08Payment SiteCerber
4kqd3hmqgptupi3p.dozensby.loan
Alpnames Limited (n/a)
2016-08-22 14:08Payment SiteTorrentLocker
vrympoqs5ra34nfo.bigclear.at
(n/a)
2016-08-22 12:41Payment SiteCerber
unocl45trpuoefft.m03t72.bid
Eranet International Limited (n/a)
2016-08-22 12:16Payment SiteCerber
unocl45trpuoefft.n94lrn.bid
Eranet International Limited (n/a)
2016-08-22 03:32Payment SiteCerber
52uo5k3t73ypjije.3zotov.bid
Eranet International Limited (n/a)
2016-08-21 21:41Payment SiteCerber
52uo5k3t73ypjije.o0hwme.bid
Eranet International Limited (n/a)
2016-08-21 18:16Payment SiteCerber
wjtqjleommc4z46i.e53rg4.bid
Eranet International Limited (n/a)
2016-08-21 08:35Payment SiteCerber
52uo5k3t73ypjije.kzhzuc.top
Alpnames Limited (n/a)
2016-08-21 06:58Payment SiteCerber
52uo5k3t73ypjije.neekll.bid
Eranet International Limited (n/a)
2016-08-21 04:59Payment SiteCerber
unocl45trpuoefft.vfuvsv.bid
Eranet International Limited (n/a)
2016-08-21 04:57Payment SiteCerber
52uo5k3t73ypjije.9kxz23.bid
Eranet International Limited (n/a)
2016-08-21 04:07Payment SiteCerber
52uo5k3t73ypjije.f242v5.bid
Eranet International Limited (n/a)
2016-08-21 03:08Payment SiteCerber
52uo5k3t73ypjije.w6sj06.bid
Eranet International Limited (n/a)
2016-08-21 01:52Botnet C&CLocky
egerdpkvutvodmtsy.pw
Namecheap208.100.26.234 (- United States)
2016-08-21 00:37Payment SiteCerber
unocl45trpuoefft.ozlrnx.bid
Eranet International Limited (n/a)
2016-08-21 00:24Payment SiteCerber
52uo5k3t73ypjije.o6fa2g.bid
Eranet International Limited (n/a)
2016-08-20 20:54Payment SiteCerber
unocl45trpuoefft.m9a225.top
Alpnames Limited (n/a)
2016-08-20 19:36Payment SiteCerber
52uo5k3t73ypjije.1g0vo2.bid
Eranet International Limited (n/a)
2016-08-20 18:25Payment SiteCerber
wjtqjleommc4z46i.h8prbu.top
Alpnames Limited (n/a)
2016-08-20 17:04Payment SiteCerber
unocl45trpuoefft.791sd5.bid
Eranet International Limited (n/a)
2016-08-20 16:40Payment SiteCerber
52uo5k3t73ypjije.ssh3ln.bid
Eranet International Limited (n/a)
2016-08-20 09:47Payment SiteCerber
52uo5k3t73ypjije.e78hjo.bid
Eranet International Limited (n/a)
2016-08-20 07:27Payment SiteCerber
52uo5k3t73ypjije.nb83bp.bid
Eranet International Limited (n/a)
2016-08-20 06:42Payment SiteCerber
unocl45trpuoefft.054t69.bid
Eranet International Limited (n/a)
2016-08-20 06:27Payment SiteCerber
52uo5k3t73ypjije.bj9eea.bid
Eranet International Limited (n/a)
2016-08-20 03:30Payment SiteCerber
52uo5k3t73ypjije.95ovzy.top
Alpnames Limited (n/a)
2016-08-20 02:43Payment SiteCerber
unocl45trpuoefft.cifbp9.bid
Eranet International Limited (n/a)
2016-08-20 01:57Payment SiteCerber
52uo5k3t73ypjije.bcjl1h.top
Alpnames Limited (n/a)
2016-08-20 00:46Payment SiteCerber
wjtqjleommc4z46i.obx4vo.bid
Eranet International Limited (n/a)
2016-08-20 00:26Payment SiteCerber
52uo5k3t73ypjije.x2kl7t.top
Alpnames Limited (n/a)
2016-08-19 22:57Payment SiteCerber
52uo5k3t73ypjije.bp9mn8.bid
Eranet International Limited (n/a)
2016-08-19 16:39Payment SiteCerber
52uo5k3t73ypjije.6ec2xb.bid
Eranet International Limited (n/a)
2016-08-19 13:44Payment SiteCerber
unocl45trpuoefft.i561zy.bid
Eranet International Limited (n/a)
2016-08-19 12:18Payment SiteCerber
52uo5k3t73ypjije.zcwrhe.bid
Eranet International Limited (n/a)
2016-08-19 12:02Distribution SiteLocky
bigbonsai-music.de
89.107.184.60 (- Germany)
2016-08-19 12:02Distribution SiteLocky
www.soresinafranco.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-08-19 12:02Distribution SiteLocky
w2kk31x4j.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-19 12:02Distribution SiteLocky
umihaku000time.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.16 (- United States)
2016-08-19 12:02Distribution SiteLocky
site1374499202.provisorio.ws
GoDaddy.com186.202.153.170 (- Brazil)
2016-08-19 12:02Distribution SiteLocky
www.arboretum.hu
193.178.119.185 (- Hungary)
2016-08-19 12:02Distribution SiteLocky
www.depraetere.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-08-19 12:02Distribution SiteLocky
amint.eu
Schlund+Partner AG217.160.0.249 (- Germany)
2016-08-19 12:02Distribution SiteLocky
thebluestar.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.42 (- United States)
2016-08-19 12:02Distribution SiteLocky
wzukoees.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-19 12:02Distribution SiteLocky
chambresdhotesbruges.fr
LIGNE WEB SERVICES - LWS91.216.107.228 (- France)
2016-08-19 12:02Distribution SiteLocky
tennensekigazou.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.47 (- United States)
2016-08-19 12:01Distribution SiteLocky
www.speedhobby-rg.de
85.183.254.23 (- Germany)
2016-08-19 12:01Distribution SiteLocky
www.dmc-finland.fi
192.130.146.168 (- Finland)
2016-08-19 12:01Distribution SiteLocky
fiorepromozioni.info
eNom, Inc. (n/a)
2016-08-19 12:01Distribution SiteLocky
update2.comped.info
Mijn InternetOplossing B.V.37.230.99.211 (- Netherlands)
2016-08-19 12:01Distribution SiteLocky
argos.aadec.org
PDR Ltd. d/b/a PublicDomainRegis[...]181.88.192.60 (- Argentina)
2016-08-19 12:01Distribution SiteLocky
www.adventa.info
Ascio Technologies, Inc. Danmark[...]213.205.40.169 (- Italy)
2016-08-19 12:01Distribution SiteLocky
www.joosenbrandstoffen.be
Proximus nv/sa195.238.0.64 (- Belgium)
2016-08-19 12:01Distribution SiteLocky
rdinformatique.akeonet.com
GANDI SAS86.65.123.70 (- France)
2016-08-19 12:01Distribution SiteLocky
www.juridic.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-08-19 12:00Distribution SiteLocky
qriswell.50webs.com
GODADDY.COM, LLC162.210.101.122 (- United States)
2016-08-19 12:00Distribution SiteLocky
ts12345678home.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.16 (- United States)
2016-08-19 12:00Distribution SiteLocky
schaafschaduw.dommel.be
SCHEDOM NV / DOMMEL.COM (n/a)
2016-08-19 12:00Distribution SiteLocky
solhp2012.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.42 (- United States)
2016-08-19 12:00Distribution SiteLocky
bbcinemas.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.46 (- United States)
2016-08-19 12:00Distribution SiteLocky
romantschenko.grafi-offshore.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]35.204.116.33 (- United States)
2016-08-19 12:00Distribution SiteLocky
210.118.170.181
n/a
2016-08-19 11:59Distribution SiteLocky
www.assetzone.ro
ICI - ROTLD89.42.223.221 (- Romania)
2016-08-19 09:56Payment SiteCerber
unocl45trpuoefft.uog1ky.bid
Eranet International Limited (n/a)
2016-08-19 09:18Payment SiteCerber
unocl45trpuoefft.sirchi.bid
Eranet International Limited (n/a)
2016-08-19 09:12Payment SiteCerber
52uo5k3t73ypjije.gu7eao.bid
Eranet International Limited (n/a)
2016-08-19 08:00Payment SiteCerber
52uo5k3t73ypjije.rdmwha.bid
Eranet International Limited (n/a)
2016-08-19 07:54Payment SiteCerber
pmenboeqhyrpvomq.89m6y8.bid
Eranet International Limited (n/a)
2016-08-19 07:50Payment SiteCerber
unocl45trpuoefft.60c61d.bid
Eranet International Limited (n/a)
2016-08-19 05:06Payment SiteCerber
52uo5k3t73ypjije.2llgoy.bid
Eranet International Limited (n/a)
2016-08-19 04:58Payment SiteCerber
52uo5k3t73ypjije.1ufr2v.bid
Eranet International Limited (n/a)
2016-08-19 04:19Payment SiteCerber
52uo5k3t73ypjije.4yl1hr.bid
Eranet International Limited (n/a)
2016-08-19 03:59Payment SiteCerber
unocl45trpuoefft.42wunw.bid
Eranet International Limited (n/a)
2016-08-18 20:54Payment SiteCerber
52uo5k3t73ypjije.5vhk5r.bid
Eranet International Limited (n/a)
2016-08-18 20:23Payment SiteCerber
52uo5k3t73ypjije.givxuf.bid
Eranet International Limited (n/a)
2016-08-18 19:27Payment SiteCerber
wjtqjleommc4z46i.kzhzuc.top
Alpnames Limited (n/a)
2016-08-18 18:33Payment SiteCerber
unocl45trpuoefft.efebgv.bid
Eranet International Limited (n/a)
2016-08-18 16:45Payment SiteCerber
52uo5k3t73ypjije.9tftgh.bid
Eranet International Limited (n/a)
2016-08-18 14:39Distribution SiteLocky
punam.dommel.be
SCHEDOM NV / DOMMEL.COM (n/a)
2016-08-18 14:19Payment SiteCerber
52uo5k3t73ypjije.er05vm.bid
Eranet International Limited (n/a)
2016-08-18 12:01Distribution SiteLocky
sulportale.50webs.com
GODADDY.COM, LLC162.210.101.108 (- United States)
2016-08-18 12:01Distribution SiteLocky
edios.vzpsoft.com
ENOM, INC.91.196.124.73 (- Bulgaria)
2016-08-18 12:01Distribution SiteLocky
concurs.kzh.hi2.ro
ICI - ROTLD (n/a)
2016-08-18 12:01Distribution SiteLocky
www.ceccatobassano.it
TISCALIDOMAIN-REG (n/a)
2016-08-18 12:01Distribution SiteLocky
wb4rsun8c.homepage.t-online.de
80.150.6.138 (- Germany)
2016-08-18 12:01Distribution SiteLocky
entree22.homepage.t-online.de
80.150.6.138 (- Germany)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >