Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-07-14 09:26Distribution SiteLocky
isknife.com
GABIA, INC. (n/a)
2016-07-14 09:25Distribution SiteLocky
ibsactividades.com
1&1 INTERNET SE51.254.127.111 (- France)
2016-07-14 09:25Distribution SiteLocky
myphychoice.com
DOMAINPEOPLE, INC.216.110.144.157 (- United States)
2016-07-14 09:25Distribution SiteLocky
control3.com.br
192.185.209.37 (- United States)
2016-07-14 09:25Distribution SiteLocky
sollove.com.br
186.202.153.144 (- Brazil)
2016-07-14 09:25Distribution SiteLocky
hw.srca.org
GoDaddy.com, LLC192.186.224.37 (- United States)
2016-07-14 09:25Distribution SiteLocky
joslinsalesltd.com
NETWORK SOLUTIONS, LLC.23.236.62.147 (- United States)
2016-07-14 09:25Distribution SiteLocky
biovinci.com.br
108.179.193.134 (- United States)
2016-07-14 09:25Distribution SiteLocky
right-livelihoods.org
PDR Ltd. d/b/a PublicDomainRegis[...]163.44.198.41 (- Japan)
2016-07-14 09:25Distribution SiteLocky
nmfabb.com
TUCOWS DOMAINS INC.216.55.149.9 (- United States)
2016-07-14 09:25Distribution SiteLocky
webidator.co.il
(n/a)
2016-07-14 09:24Distribution SiteLocky
jem-111.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]153.122.18.175 (- Japan)
2016-07-14 09:24Distribution SiteLocky
www.fabricemontoyo.com
REGISTER.IT SPA81.88.57.68 (- Italy)
2016-07-14 09:24Distribution SiteLocky
sophoula.com
GODADDY.COM, LLC216.187.94.181 (- United States)
2016-07-14 09:24Distribution SiteLocky
valdemarincapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-14 09:24Distribution SiteLocky
mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-14 09:24Distribution SiteLocky
hiramteran.com
GODADDY.COM, LLC207.174.215.153 (- United States)
2016-07-14 09:24Distribution SiteLocky
choogo.net
GABIA, INC.121.125.79.171 (- Korea)
2016-07-14 09:24Distribution SiteLocky
heonybaby.synology.me
GoDaddy.com, LLC (n/a)
2016-07-14 09:24Distribution SiteLocky
mindfocus.com.br
108.179.193.134 (- United States)
2016-07-14 09:24Distribution SiteLocky
ejdadim.com
22NET, INC.139.129.234.97 (- China)
2016-07-14 09:24Distribution SiteLocky
www.thephoneguy.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-07-14 09:24Distribution SiteLocky
grandfm.com
GODADDY.COM, LLC61.12.36.98 (- India)
2016-07-14 09:24Distribution SiteLocky
alanakamine.com.br
108.179.193.133 (- United States)
2016-07-14 09:24Distribution SiteLocky
heavenboundministry.com
WILD WEST DOMAINS, LLC199.83.129.223 (- United States) +1 A record(s) 199.83.131.223 (AS19551, - United States)
2016-07-14 09:23Distribution SiteLocky
lifecare-hc.com
GODADDY.COM, LLC (n/a)
2016-07-14 09:23Distribution SiteLocky
pierre-rottet.com
REGISTER.IT SPA81.88.57.68 (- Italy)
2016-07-14 09:23Distribution SiteLocky
iddaatahmin.com
ENOM, INC.162.255.119.24 (- United States)
2016-07-14 09:23Distribution SiteLocky
hrlpk.com
ONLINENIC, INC.203.124.43.229 (- Pakistan)
2016-07-14 09:23Distribution SiteLocky
intracorpwestsidecollection.com
ENOM, INC.192.199.204.103 (- Canada)
2016-07-14 09:23Distribution SiteLocky
tozdance.com
NETPIA.COM, INC.61.14.209.175 (- Korea)
2016-07-14 09:23Distribution SiteLocky
infocuscreative.net
GODADDY.COM, LLC192.249.112.224 (- United States)
2016-07-14 09:23Distribution SiteLocky
rue-de-champagne.com
NETWORK SOLUTIONS, LLC.81.88.57.68 (- Italy)
2016-07-14 09:23Distribution SiteLocky
intracorp.ca
Go Daddy Domains Canada, Inc192.124.249.159 (- United States)
2016-07-14 09:23Distribution SiteLocky
kveldeil.no
176.111.200.27 (- Norway)
2016-07-14 09:22Distribution SiteLocky
khalifacapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-14 08:58Payment SiteCerber
27lelchgcvs2wpm7.ag082d.top
Eranet International Limited (n/a)
2016-07-14 08:27Payment SiteCerber
4kqd3hmqgptupi3p.xmfru5.top
Eranet International Limited (n/a)
2016-07-14 06:50Distribution SiteTorrentLocker
robberseeiland.nl
Net Ground B.V.87.253.134.150 (- Netherlands)
2016-07-14 02:56Payment SiteCerber
52uo5k3t73ypjije.thyx30.top
Eranet International Limited (n/a)
2016-07-14 01:25Payment SiteCerber
27lelchgcvs2wpm7.b7mciu.top
Eranet International Limited (n/a)
2016-07-14 00:52Payment SiteCerber
27lelchgcvs2wpm7.thyx30.top
Eranet International Limited (n/a)
2016-07-14 00:51Payment SiteCerber
4kqd3hmqgptupi3p.bigfooters.loan
Alpnames Limited (n/a)
2016-07-13 20:30Botnet C&CLocky
77.222.54.202
77.222.54.202 (- Russian Federation)
2016-07-13 16:01Payment SiteCerber
52uo5k3t73ypjije.bt7r70.top
Eranet International Limited (n/a)
2016-07-13 15:35Payment SiteCerber
4kqd3hmqgptupi3p.gletterstan.trade
Alpnames Limited (n/a)
2016-07-13 14:33Payment SiteCerber
52uo5k3t73ypjije.xmfru5.top
Eranet International Limited (n/a)
2016-07-13 13:04Payment SiteCerber
4kqd3hmqgptupi3p.thyx30.top
Eranet International Limited (n/a)
2016-07-13 11:44Distribution SiteLocky
gromantique.com
DREAMHOST, LLC208.113.187.64 (- United States)
2016-07-13 11:44Distribution SiteLocky
khalifacapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-13 11:44Distribution SiteLocky
alanakamine.com.br
108.179.193.133 (- United States)
2016-07-13 11:44Distribution SiteLocky
mindfocus.com.br
108.179.193.134 (- United States)
2016-07-13 11:44Distribution SiteLocky
webidator.co.il
(n/a)
2016-07-13 11:44Distribution SiteLocky
biovinci.com.br
108.179.193.134 (- United States)
2016-07-13 11:44Distribution SiteLocky
khalifacapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-13 11:44Distribution SiteLocky
www.mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-13 11:44Distribution SiteLocky
geslexsport.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-13 11:44Distribution SiteLocky
jonathonbelotti.com
FASTDOMAIN, INC.192.30.252.153 (- United States) +1 A record(s) 192.30.252.154 (AS36459, - United States)
2016-07-13 11:44Distribution SiteLocky
www.comervillamil.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-13 11:44Distribution SiteLocky
valdemarincapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-13 11:43Distribution SiteLocky
anttention.tv
GODADDY.COM, LLC184.168.221.17 (- United States)
2016-07-13 11:43Distribution SiteLocky
webidator.co.il
(n/a)
2016-07-13 11:43Distribution SiteLocky
ampexholdings.com
UNIVERSO ONLINE S/A (UOL)104.156.51.130 (- United States)
2016-07-13 11:43Distribution SiteLocky
valdemarincapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-13 11:43Distribution SiteLocky
clinicasantabeatriz.es
87.98.231.87 (- Spain)
2016-07-13 11:43Distribution SiteLocky
graficador.ch
82.220.37.15 (- Switzerland)
2016-07-13 11:43Distribution SiteLocky
www.inextenso.hu
217.116.47.122 (- Hungary)
2016-07-13 11:43Distribution SiteLocky
geslexsport.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-13 11:43Distribution SiteLocky
pernelkul.hu
194.38.104.131 (- Hungary)
2016-07-13 11:43Distribution SiteLocky
237travellin.com
OVH213.186.33.104 (- France)
2016-07-13 11:43Distribution SiteLocky
lifecare-hc.com
GODADDY.COM, LLC (n/a)
2016-07-13 11:43Distribution SiteLocky
www.comervillamil.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-13 11:43Distribution SiteLocky
limpiezamecanizada.com.mx
Akky (Una division de NIC Mexico[...]208.113.217.75 (- United States)
2016-07-13 11:43Distribution SiteLocky
mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-13 11:43Distribution SiteLocky
areaslimpias.com.mx
Akky (Una division de NIC Mexico[...] (n/a)
2016-07-13 11:43Distribution SiteLocky
subang.go.id
103.247.11.52 (- Indonesia)
2016-07-13 11:42Distribution SiteLocky
digitacaoveloz.com.br
191.252.51.6 (- Brazil)
2016-07-13 11:42Distribution SiteLocky
zoomwalls.com
GODADDY.COM, LLC50.28.32.162 (- United States)
2016-07-13 11:42Distribution SiteLocky
areaslimpias.com.mx
Akky (Una division de NIC Mexico[...] (n/a)
2016-07-13 11:42Distribution SiteLocky
237travellin.com
OVH213.186.33.104 (- France)
2016-07-13 11:42Distribution SiteLocky
www.mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-13 11:42Distribution SiteLocky
jsbaden.jemk.ch
217.150.253.193 (- Switzerland)
2016-07-13 11:42Distribution SiteLocky
pakar.com.my
103.6.198.134 (- Malaysia)
2016-07-13 11:42Distribution SiteLocky
lifecare-hc.com
GODADDY.COM, LLC (n/a)
2016-07-13 11:42Distribution SiteLocky
www.appoutpost.com
GODADDY.COM, LLC67.225.146.147 (- United States)
2016-07-13 11:42Distribution SiteLocky
hiramteran.com
GODADDY.COM, LLC207.174.215.153 (- United States)
2016-07-13 11:42Distribution SiteLocky
sollove.com.br
186.202.153.144 (- Brazil)
2016-07-13 08:35Botnet C&CLocky
yuysikankhqvdwdv.xyz
Namecheap208.100.26.234 (- United States)
2016-07-13 08:17Distribution SiteTorrentLocker
opieka.info.pl
home.pl S.A.212.85.98.171 (- Poland)
2016-07-13 05:29Payment SiteCerber
pmenboeqhyrpvomq.5b1s82.top
Eranet International Limited (n/a)
2016-07-13 05:12Payment SiteCerber
27lelchgcvs2wpm7.7jiff7.top
Eranet International Limited (n/a)
2016-07-13 00:22Botnet C&CLocky
tqlcjh.fr
1API GmbH208.100.26.234 (- United States)
2016-07-12 23:31Payment SiteCerber
pmenboeqhyrpvomq.afteghonte.lol
Alpnames Limited (n/a)
2016-07-12 19:59Payment SiteCerber
52uo5k3t73ypjije.c7ex9n.top
Eranet International Limited (n/a)
2016-07-12 16:32Payment SiteCerber
27lelchgcvs2wpm7.bonbestal.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-07-12 15:54Botnet C&CCryptoWall
audetlaw.com
GODADDY.COM, LLC72.10.54.86 (- United States)
2016-07-12 14:36Distribution SiteLocky
acepipesdeli.com.br
186.202.153.125 (- Brazil)
2016-07-12 14:36Distribution SiteLocky
quaint.com.br
191.252.51.21 (- Brazil)
2016-07-12 14:35Distribution SiteLocky
games4games.com.br
186.202.153.56 (- Brazil)
2016-07-12 14:35Distribution SiteLocky
agbiz.co.za
197.221.10.206 (- South Africa)

# of rows displayed: 100
# of entries in database: 12'829

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 >