Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-09-05 22:21Botnet C&CLocky
91.211.119.71
91.211.119.71 (- Ukraine)
2016-09-05 18:59Payment SiteCerber
wjtqjleommc4z46i.n8ln0w.bid
Eranet International Limited (n/a)
2016-09-05 18:36Payment SiteCerber
wjtqjleommc4z46i.5n5y6v.bid
Eranet International Limited (n/a)
2016-09-05 18:18Distribution SiteLocky
darkestzone2.wang
Todaynic com Inc (n/a)
2016-09-05 18:13Distribution SiteLocky
canonsupervideo4k.ws
Eranet International Limited173.230.130.175 (- United States)
2016-09-05 18:11Distribution SiteLocky
maxshoppppsr.biz
ERANET INTERNATIONAL LIMITED (n/a)
2016-09-05 18:11Distribution SiteLocky
bookinghotworld.ws
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-09-05 16:58Distribution SiteLocky
www.rossorelli.ru
DOMENUS-RU78.110.50.113 (- Russian Federation)
2016-09-05 16:57Distribution SiteLocky
www.madonnaceleste.com
REGISTER.IT SPA195.110.124.148 (- Italy)
2016-09-05 16:57Distribution SiteLocky
foto.hasimehrou.cz
REG-IGNUM78.24.9.81 (- Czech Republic)
2016-09-05 16:57Distribution SiteLocky
lcc.vtrbandaancha.net
REGISTER.COM, INC.200.83.3.52 (- Chile)
2016-09-05 16:57Distribution SiteLocky
www.yacht-market.eu
DotRoll Kft.104.28.28.235 (- United States) +1 A record(s) 104.28.29.235 (AS13335, - United States)
2016-09-05 16:56Distribution SiteLocky
rakutenka.tuzikaze.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-09-05 16:56Distribution SiteLocky
amii.50webs.com
GODADDY.COM, LLC162.210.101.7 (- United States)
2016-09-05 16:56Distribution SiteLocky
www.officinaomc.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.149.189.71 (- Italy)
2016-09-05 16:55Distribution SiteLocky
gregor-weiss.business.t-online.de
80.150.6.138 (- Germany)
2016-09-05 16:54Distribution SiteLocky
bbruo.edurm.ru
RU-CENTER-RU85.95.169.19 (- Russian Federation)
2016-09-05 16:54Distribution SiteLocky
jvelizg.vtrbandaancha.net
REGISTER.COM, INC.200.83.3.52 (- Chile)
2016-09-05 16:54Distribution SiteLocky
tensai.wallst.ru
RU-CENTER-RU212.46.196.141 (- Russian Federation)
2016-09-05 16:54Distribution SiteLocky
kakeekoda.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.134 (- United States)
2016-09-05 16:53Distribution SiteLocky
deemc.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-05 16:53Distribution SiteLocky
seikeiradioclub.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.16 (- United States)
2016-09-05 16:53Distribution SiteLocky
www.fabriziolovino.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.40.169 (- Italy)
2016-09-05 16:52Distribution SiteLocky
mojejeze.republika.pl
Domeny.pl sp. z o.o.213.180.141.189 (- Poland)
2016-09-05 16:51Distribution SiteLocky
yggithuq.utawebhost.at
195.248.63.109 (- Austria)
2016-09-05 16:50Distribution SiteLocky
tvcm.com.br
177.66.162.183 (- Brazil)
2016-09-05 16:49Distribution SiteLocky
frumuseanudaniela.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-09-05 16:49Distribution SiteLocky
miyufortuneteller.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.133 (- United States)
2016-09-05 16:49Distribution SiteLocky
52433865.fn.freenet-hosting.de
81.169.145.153 (- Germany)
2016-09-05 16:48Distribution SiteLocky
lanjaron.es.mialias.net
10DENCEHISPAHARD, S.L (n/a)
2016-09-05 16:48Distribution SiteLocky
monkeeey.web.fc2.com
INSTRA CORPORATION PTY, LTD.104.244.99.133 (- United States)
2016-09-05 16:48Distribution SiteLocky
www.birthmark.go.ro
ICI - ROTLD81.196.20.134 (- Romania)
2016-09-05 16:47Distribution SiteLocky
roadstercrew-nw.homepage.t-online.de
80.150.6.138 (- Germany)
2016-09-05 16:47Distribution SiteLocky
www.equipe4.net
TUCOWS DOMAINS INC.195.238.0.64 (- Belgium)
2016-09-05 16:47Payment SiteCerber
52uo5k3t73ypjije.pfija1.bid
Eranet International Limited (n/a)
2016-09-05 16:46Distribution SiteLocky
quietvain.nobody.jp
112.140.42.29 (- Japan)
2016-09-05 16:46Distribution SiteLocky
www.poli-mec.it
TISCALIDOMAIN-REG213.205.38.34 (- Italy)
2016-09-05 16:46Distribution SiteLocky
www.bals.nichost.ru
RU-CENTER-RU195.208.1.101 (- Russian Federation)
2016-09-05 16:45Distribution SiteLocky
www.masamaru.net
GMO INTERNET, INC. DBA ONAMAE.CO[...] (n/a)
2016-09-05 12:34Botnet C&CLocky
qsbfwgtedexirbyoq.pw
Namecheap95.211.174.92 (- Netherlands)
2016-09-05 12:34Botnet C&CLocky
cdxbbpngq.pw
Registrar of Domain Names REG.RU[...]n/a
2016-09-05 11:55Payment SiteCerber
wjtqjleommc4z46i.fw1bwy.bid
Eranet International Limited (n/a)
2016-09-05 11:44Payment SiteCerber
52uo5k3t73ypjije.35u068.bid
Eranet International Limited (n/a)
2016-09-05 11:01Distribution SiteLocky
canonsupervideo4k.ws
Eranet International Limited173.230.130.175 (- United States)
2016-09-05 09:29Distribution SiteLocky
darkestzone2.wang
Todaynic com Inc (n/a)
2016-09-05 05:40Payment SiteCerber
52uo5k3t73ypjije.z97f9v.bid
Eranet International Limited (n/a)
2016-09-04 21:32Payment SiteCerber
52uo5k3t73ypjije.ojx58b.bid
Eranet International Limited (n/a)
2016-09-04 18:48Payment SiteCerber
52uo5k3t73ypjije.wl52rt.bid
Eranet International Limited (n/a)
2016-09-04 18:43Payment SiteCerber
wjtqjleommc4z46i.w3r6a4.bid
Eranet International Limited (n/a)
2016-09-04 18:32Payment SiteCerber
52uo5k3t73ypjije.80yabh.bid
Eranet International Limited (n/a)
2016-09-04 15:55Payment SiteCerber
4kqd3hmqgptupi3p.barberryshin.casa
Alpnames (n/a)
2016-09-04 15:11Payment SiteCerber
4kqd3hmqgptupi3p.clockhate.loan
Alpnames Limited (n/a)
2016-09-04 14:51Payment SiteCerber
4kqd3hmqgptupi3p.athere.in
Endurance Domains Technology Pvt[...] (n/a)
2016-09-04 14:46Payment SiteCerber
unocl45trpuoefft.igrj6t.bid
Eranet International Limited (n/a)
2016-09-04 13:23Payment SiteCerber
52uo5k3t73ypjije.ih9te2.bid
Eranet International Limited (n/a)
2016-09-04 11:36Payment SiteCerber
unocl45trpuoefft.6w3rkc.bid
Eranet International Limited (n/a)
2016-09-04 07:51Payment SiteCerber
unocl45trpuoefft.p1gneb.bid
Eranet International Limited (n/a)
2016-09-04 07:04Payment SiteCerber
wjtqjleommc4z46i.8a9r2h.bid
Eranet International Limited (n/a)
2016-09-04 06:38Payment SiteCerber
52uo5k3t73ypjije.cfu46r.bid
Eranet International Limited (n/a)
2016-09-04 06:35Payment SiteCerber
52uo5k3t73ypjije.uv39h5.bid
Eranet International Limited (n/a)
2016-09-04 03:09Payment SiteCerber
wjtqjleommc4z46i.f0jlbj.bid
Eranet International Limited (n/a)
2016-09-04 01:03Payment SiteCerber
unocl45trpuoefft.x9kjcn.bid
Eranet International Limited (n/a)
2016-09-03 22:37Payment SiteCerber
4kqd3hmqgptupi3p.boxsame.kim
Alpnames Limited (n/a)
2016-09-03 20:39Payment SiteCerber
4kqd3hmqgptupi3p.wallluck.date
Alpnames Limited (n/a)
2016-09-03 17:57Payment SiteCerber
4kqd3hmqgptupi3p.metmet.win
Alpnames Limited (n/a)
2016-09-03 16:28Payment SiteCerber
wjtqjleommc4z46i.efyh72.bid
Eranet International Limited (n/a)
2016-09-03 15:34Payment SiteCerber
4kqd3hmqgptupi3p.itdrink.club
Alpnames Limited (n/a)
2016-09-03 14:55Payment SiteCerber
52uo5k3t73ypjije.kwnw1b.bid
Eranet International Limited (n/a)
2016-09-03 14:34Payment SiteCerber
52uo5k3t73ypjije.oef1sh.bid
Eranet International Limited (n/a)
2016-09-03 14:05Payment SiteCerber
unocl45trpuoefft.l97i5a.bid
Eranet International Limited (n/a)
2016-09-03 13:40Payment SiteCerber
52uo5k3t73ypjije.vkslju.bid
Eranet International Limited (n/a)
2016-09-03 12:58Payment SiteCerber
4kqd3hmqgptupi3p.sayssales.bid
Alpnames Limited (n/a)
2016-09-03 12:46Payment SiteCerber
52uo5k3t73ypjije.das34.com
ERANET INTERNATIONAL LIMITED (n/a)
2016-09-03 11:51Payment SiteCerber
unocl45trpuoefft.9bjnlk.bid
Eranet International Limited (n/a)
2016-09-03 11:45Payment SiteCerber
52uo5k3t73ypjije.zzis8p.bid
Eranet International Limited (n/a)
2016-09-03 10:35Payment SiteCerber
unocl45trpuoefft.18xhww.bid
Eranet International Limited (n/a)
2016-09-03 08:43Payment SiteCerber
unocl45trpuoefft.ih301a.bid
Eranet International Limited (n/a)
2016-09-03 06:56Payment SiteCerber
52uo5k3t73ypjije.u36ik0.bid
Eranet International Limited (n/a)
2016-09-03 06:52Payment SiteCerber
unocl45trpuoefft.v4kx51.bid
Eranet International Limited (n/a)
2016-09-03 06:50Payment SiteCerber
52uo5k3t73ypjije.k21zey.bid
Eranet International Limited (n/a)
2016-09-03 06:49Payment SiteCerber
52uo5k3t73ypjije.6w3rkc.bid
Eranet International Limited (n/a)
2016-09-03 06:41Payment SiteCerber
unocl45trpuoefft.a4v4c3.bid
Eranet International Limited (n/a)
2016-09-03 05:51Payment SiteCerber
4kqd3hmqgptupi3p.hessale.pw
AlpNames Limited141.8.226.58 (- Switzerland)
2016-09-03 04:21Payment SiteCerber
wjtqjleommc4z46i.nh47ri.bid
Eranet International Limited (n/a)
2016-09-03 03:48Payment SiteCerber
wjtqjleommc4z46i.ldsl8m.bid
Eranet International Limited (n/a)
2016-09-03 03:29Payment SiteCerber
pmenboeqhyrpvomq.nh47ri.bid
Eranet International Limited (n/a)
2016-09-03 02:04Payment SiteCerber
52uo5k3t73ypjije.czzg7f.bid
Eranet International Limited (n/a)
2016-09-03 01:41Payment SiteCerber
wjtqjleommc4z46i.35u068.bid
Eranet International Limited (n/a)
2016-09-03 01:09Payment SiteCerber
52uo5k3t73ypjije.g5196b.bid
Eranet International Limited (n/a)
2016-09-03 00:40Payment SiteCerber
4kqd3hmqgptupi3p.he81tz.bid
Eranet International Limited (n/a)
2016-09-02 23:19Payment SiteCerber
4kqd3hmqgptupi3p.gio6f6.bid
Eranet International Limited (n/a)
2016-09-02 15:43Payment SiteCerber
52uo5k3t73ypjije.myurv5.bid
Eranet International Limited (n/a)
2016-09-02 14:24Distribution SiteLocky
www.valerypro.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]213.205.38.38 (- Italy)
2016-09-02 14:23Distribution SiteLocky
www.impresadeambrosis.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-02 14:23Distribution SiteLocky
www.empolio.com
ENOM, INC.213.204.1.56 (- Italy)
2016-09-02 14:22Distribution SiteLocky
immobilien1000.de
217.22.207.207 (- Germany)
2016-09-02 14:22Distribution SiteLocky
www.erretisnc.it
TISCALIDOMAIN-REG213.205.40.169 (- Italy)
2016-09-02 14:22Distribution SiteLocky
www.gebrvanorsouw.nl
Tele2 zakelijk62.250.4.180 (- Netherlands)
2016-09-02 14:22Distribution SiteLocky
www.imaginarium.home.ro
ICI - ROTLD81.196.20.133 (- Romania)
2016-09-02 14:22Distribution SiteLocky
www.ediazahar.com
NOMINALIA INTERNET S.L.62.42.230.17 (- Spain)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >