Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-08 10:22Distribution SiteLocky
dcqoutlet.es
(n/a)
2016-09-08 10:22Distribution SiteLocky
www.agridiving.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-08 10:22Distribution SiteLocky
sp-moto.ru
REGTIME-RU (n/a)
2016-09-08 10:21Distribution SiteLocky
www.gengokk.co.jp
202.224.59.191 (- Japan)
2016-09-08 10:21Distribution SiteLocky
www.one-clap.jp
163.43.80.67 (- Japan)
2016-09-08 10:21Distribution SiteLocky
www.bytove.jadro.szm.com
GRANSY S.R.O D/B/A SUBREG.CZ85.248.42.103 (- Slovakia)
2016-09-08 10:21Distribution SiteLocky
158.195.68.10
n/a
2016-09-08 10:20Distribution SiteLocky
gam-e20.it
SOLODOMINI-REG164.132.215.202 (- France)
2016-09-08 10:20Distribution SiteLocky
www.idiomestarradellas.com
NOMINALIA INTERNET S.L.185.177.152.107 (- Spain)
2016-09-08 10:20Distribution SiteLocky
tst-technik.de
81.24.34.9 (- Germany)
2016-09-08 10:19Distribution SiteLocky
www.rioual.com
OVH213.186.33.19 (- France)
2016-09-08 10:19Distribution SiteLocky
olivier.coroenne.perso.sfr.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-08 10:17Distribution SiteLocky
www.gebrvanorsouw.nl
Tele2 zakelijk62.250.4.180 (- Netherlands)
2016-09-08 10:16Distribution SiteLocky
209.41.183.242
n/a
2016-09-08 10:16Distribution SiteLocky
sitio655.vtrbandaancha.net
REGISTER.COM, INC.200.83.3.52 (- Chile)
2016-09-08 10:16Distribution SiteLocky
www.texelvakantiehuisje.nl
Registrar.eu217.182.3.6 (- France)
2016-09-08 10:16Distribution SiteLocky
www.hung-guan.com.tw
HINET (n/a)
2016-09-08 10:14Distribution SiteLocky
www.xolod-teplo.ru
REGTIME-RU46.254.21.127 (- Russian Federation)
2016-09-08 10:14Distribution SiteLocky
fidelitas.heimat.eu
Key-Systems GmbH213.208.133.41 (- Austria)
2016-09-08 10:13Distribution SiteLocky
www.threshold-online.co.uk
Plusnet Plc t/a Madasafish Broad[...]212.159.8.151 (- United Kingdom) +1 A record(s) 212.159.9.151 (AS6871, - United Kingdom)
2016-09-08 10:13Distribution SiteLocky
josemedina.com
TUCOWS DOMAINS INC.67.225.176.60 (- United States)
2016-09-08 10:12Payment SiteCerber
4kqd3hmqgptupi3p.bookjumps.us
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-09-08 10:12Distribution SiteLocky
www.alanmorgan.plus.com
ENOM, INC.212.159.8.91 (- United Kingdom) +1 A record(s) 212.159.9.91 (AS6871, - United Kingdom)
2016-09-08 10:12Distribution SiteLocky
unimet.tmhandel.com
REGISTRYGATE GMBH (n/a)
2016-09-08 10:12Distribution SiteLocky
kreativmanagement.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-08 10:12Distribution SiteLocky
dashman.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.44 (- United States)
2016-09-08 10:11Distribution SiteLocky
www.aldesco.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-08 10:11Distribution SiteLocky
srxrun.nobody.jp
112.140.42.29 (- Japan)
2016-09-08 10:11Distribution SiteLocky
www.alpstaxi.co.jp
211.134.181.38 (- Japan)
2016-09-08 10:11Distribution SiteLocky
thb-berlin.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-08 10:10Distribution SiteLocky
www.ccnprodusenaturiste.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-09-08 10:10Distribution SiteLocky
www.mikeg7hen.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-09-08 10:10Distribution SiteLocky
dpskaunas.puslapiai.lt
UAB "Interneto vizija"79.98.25.25 (- Lithuania)
2016-09-08 10:10Distribution SiteLocky
www.laribalta.org
Ascio Technologies, Inc. Danmark[...] (n/a)
2016-09-08 10:10Distribution SiteLocky
www.whitakerpd.co.uk
LCN.com Ltd94.126.40.48 (- United Kingdom)
2016-09-08 10:09Distribution SiteLocky
portadeenrolar.ind.br
158.106.185.63 (- United States)
2016-09-08 10:09Distribution SiteLocky
www.radicegioielli.com
ASCIO TECHNOLOGIES, INC. DANMARK[...] (n/a)
2016-09-08 10:09Distribution SiteLocky
www.spiritueelcentrumaum.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-08 09:56Payment SiteCerber
wjtqjleommc4z46i.i8zh1k.bid
Eranet International Limited (n/a)
2016-09-08 09:29Distribution SiteLocky
canonsupervideo4k.ws
Eranet International Limited173.230.130.175 (- United States)
2016-09-08 08:07Payment SiteCerber
52uo5k3t73ypjije.sotn58.bid
Eranet International Limited (n/a)
2016-09-08 06:02Payment SiteCerber
52uo5k3t73ypjije.ojesoa.bid
Eranet International Limited (n/a)
2016-09-08 05:56Payment SiteCerber
unocl45trpuoefft.emogew.bid
Eranet International Limited (n/a)
2016-09-08 05:54Payment SiteCerber
52uo5k3t73ypjije.wg00sp.bid
Eranet International Limited (n/a)
2016-09-08 05:49Payment SiteCerber
52uo5k3t73ypjije.o8hpwj.bid
Eranet International Limited (n/a)
2016-09-08 05:46Payment SiteCerber
52uo5k3t73ypjije.1pma4t.bid
Eranet International Limited (n/a)
2016-09-08 05:32Payment SiteCerber
unocl45trpuoefft.xlxd92.bid
Eranet International Limited (n/a)
2016-09-08 04:45Payment SiteCerber
unocl45trpuoefft.hxrd02.bid
Eranet International Limited (n/a)
2016-09-08 03:18Payment SiteCerber
4kqd3hmqgptupi3p.easyits.black
Alpnames Limited (n/a)
2016-09-08 03:09Payment SiteCerber
wjtqjleommc4z46i.cgab48.bid
Eranet International Limited (n/a)
2016-09-08 02:39Payment SiteCerber
4kqd3hmqgptupi3p.heldbegun.kim
Alpnames Limited (n/a)
2016-09-07 19:44Payment SiteCerber
unocl45trpuoefft.csdbnk.bid
Eranet International Limited (n/a)
2016-09-07 17:05Payment SiteCerber
4kqd3hmqgptupi3p.liesshall.bid
Alpnames Limited (n/a)
2016-09-07 16:12Payment SiteCerber
4kqd3hmqgptupi3p.todaynine.loan
Alpnames Limited (n/a)
2016-09-07 15:47Payment SiteCerber
4kqd3hmqgptupi3p.carrygain.kim
Alpnames Limited (n/a)
2016-09-07 14:38Payment SiteCerber
52uo5k3t73ypjije.goztus.bid
Eranet International Limited (n/a)
2016-09-07 14:20Payment SiteCerber
unocl45trpuoefft.a3migu.bid
Eranet International Limited (n/a)
2016-09-07 13:54Payment SiteCerber
52uo5k3t73ypjije.cm898n.bid
Eranet International Limited (n/a)
2016-09-07 13:11Payment SiteCerber
unocl45trpuoefft.noyl9o.bid
Eranet International Limited (n/a)
2016-09-07 12:52Payment SiteCerber
unocl45trpuoefft.5o3euy.bid
Eranet International Limited (n/a)
2016-09-07 11:44Payment SiteCerber
4kqd3hmqgptupi3p.z97f9v.bid
Eranet International Limited (n/a)
2016-09-07 09:46Payment SiteCerber
unocl45trpuoefft.eo6rzt.bid
Eranet International Limited (n/a)
2016-09-07 09:30Payment SiteCerber
52uo5k3t73ypjije.56185u.bid
Eranet International Limited (n/a)
2016-09-07 08:55Payment SiteCerber
52uo5k3t73ypjije.sxjdpg.bid
Eranet International Limited (n/a)
2016-09-07 08:36Botnet C&CLocky
185.162.8.101
185.162.8.101 (- Netherlands)
2016-09-07 06:51Payment SiteCerber
4kqd3hmqgptupi3p.powersno.link
Alpnames Limited (n/a)
2016-09-07 01:30Payment SiteCerber
wjtqjleommc4z46i.fwfu4t.bid
Eranet International Limited (n/a)
2016-09-06 20:51Payment SiteCerber
4kqd3hmqgptupi3p.l6k4x7.bid
Eranet International Limited (n/a)
2016-09-06 20:34Payment SiteCerber
4kqd3hmqgptupi3p.eventeach.gdn
AlpNames Limited (n/a)
2016-09-06 19:00Payment SiteCerber
4kqd3hmqgptupi3p.pairsraw.loan
Alpnames Limited (n/a)
2016-09-06 18:17Botnet C&CLocky
158.255.6.109
158.255.6.109 (- Russian Federation)
2016-09-06 12:51Distribution SiteLocky
bookinghotworld.ws
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-09-06 12:49Distribution SiteLocky
iesjaumei.edu.gva.es
193.145.207.93 (- Spain) +1 A record(s) 195.77.17.32 (AS766, - Spain)
2016-09-06 09:52Distribution SiteLocky
canonsupervideo4k.ws
Eranet International Limited173.230.130.175 (- United States)
2016-09-06 09:17Distribution SiteLocky
www.dondana.com
TUCOWS DOMAINS INC.195.78.215.76 (- Italy)
2016-09-06 09:17Distribution SiteLocky
www.csm94.org
Ascio Technologies, Inc. Danmark[...]213.205.38.43 (- Italy)
2016-09-06 09:16Distribution SiteLocky
www.vanhoenacker.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-06 09:15Distribution SiteLocky
www.saumi.jazztel.es
62.14.3.195 (- Spain)
2016-09-06 09:15Distribution SiteLocky
www.leprimodels.it
TISCALIDOMAIN-REG31.11.34.87 (- Italy)
2016-09-06 09:15Distribution SiteLocky
propaganda.nichost.ru
RU-CENTER-RU178.210.92.160 (- Russian Federation)
2016-09-06 09:15Distribution SiteLocky
www.mussystems.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-06 09:15Distribution SiteLocky
www.lagottoromagnolo.be
Telenet BVBA195.130.132.84 (- Belgium)
2016-09-06 09:14Distribution SiteLocky
daedalus.dommel.be
SCHEDOM NV / DOMMEL.COM (n/a)
2016-09-06 09:13Distribution SiteLocky
jamesm.co.uk
Native Logic Ltd. t/a nativespac[...]212.53.86.19 (- United Kingdom)
2016-09-06 09:12Distribution SiteLocky
knochem.samsu.ru
RU-CENTER-RU195.209.65.5 (- Russian Federation)
2016-09-06 09:12Distribution SiteLocky
www.commentaborderunefille.fr
ONLINE SAS213.186.33.4 (- France)
2016-09-06 09:11Distribution SiteLocky
berufe.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.44 (- United States)
2016-09-06 09:11Distribution SiteLocky
www.ussanlorenzo.it
TISCALIDOMAIN-REG213.205.38.39 (- Italy)
2016-09-06 09:11Distribution SiteLocky
www.francogatta.it
MCLINK-REG195.78.215.76 (- Italy)
2016-09-06 09:10Distribution SiteLocky
www.assonet.org
Tucows Inc.195.110.124.133 (- Italy)
2016-09-06 09:09Distribution SiteLocky
www.carloabati.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-06 09:08Distribution SiteLocky
conserpa.vtrbandaancha.net
REGISTER.COM, INC.200.83.3.52 (- Chile)
2016-09-06 09:08Distribution SiteLocky
www.hotelancorariviera.com
REGISTER.IT SPA176.227.171.75 (- Italy)
2016-09-06 09:06Distribution SiteLocky
www.ieslamerced.es
62.42.230.17 (- Spain)
2016-09-06 09:05Distribution SiteLocky
immobilien1000.de
217.22.207.207 (- Germany)
2016-09-06 09:04Distribution SiteLocky
abcbureautique.abc.perso.neuf.fr
Société Française du Radioté[...]86.65.123.70 (- France)
2016-09-06 09:03Distribution SiteLocky
www.apmmc.it
BETAM-REG93.51.166.103 (- Italy)
2016-09-06 09:03Distribution SiteLocky
parlament.monar.org
PDR Ltd. d/b/a PublicDomainRegis[...]176.32.162.200 (- Poland)
2016-09-06 09:03Distribution SiteLocky
www.qualityacoustic.comcastbiz.net
CSC CORPORATE DOMAINS, INC.216.87.186.101 (- United States)
2016-09-06 05:16Payment SiteCerber
4kqd3hmqgptupi3p.tieslaws.link
Alpnames Limited (n/a)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >