Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-07-15 10:11Distribution SiteLocky
blanquerna.eresmas.net
ENTORNO DIGITAL, S.A.62.37.237.59 (- Spain)
2016-07-15 10:11Distribution SiteLocky
adsnight.com
GODADDY.COM, LLC166.62.10.52 (- United States)
2016-07-15 10:11Distribution SiteLocky
newgeneration2010.it
WIDE-REG217.73.226.220 (- Italy)
2016-07-15 10:11Distribution SiteLocky
sichenia.omniadvert.it
ARUBA-REG (n/a)
2016-07-15 10:11Distribution SiteLocky
nuovo.shaolinsoccer.it
WIDE-REG217.73.227.40 (- Italy)
2016-07-15 10:11Distribution SiteLocky
rough-orange.com
ENOM, INC.75.101.134.208 (- United States)
2016-07-15 10:11Distribution SiteLocky
idd00dnu.eresmas.net
ENTORNO DIGITAL, S.A.62.37.237.59 (- Spain)
2016-07-15 10:11Distribution SiteLocky
shintyaku.ame-zaiku.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]112.140.42.29 (- Japan)
2016-07-15 10:11Distribution SiteLocky
mvco.de
54.72.9.51 (- Ireland)
2016-07-15 10:11Distribution SiteLocky
sfabinc.com
WILD WEST DOMAINS, LLC40.114.93.130 (- United States)
2016-07-15 10:11Distribution SiteLocky
www.italius.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]52.58.78.16 (- Germany)
2016-07-15 10:11Distribution SiteLocky
ebnmp.com
NETWORK SOLUTIONS, LLC.192.95.11.250 (- Canada)
2016-07-15 10:11Distribution SiteLocky
seroca.com
TECNOCRATICA CENTRO DE DATOS, S.[...]46.226.47.21 (- Spain)
2016-07-15 10:00Payment SiteCerber
52uo5k3t73ypjije.3rr6ao.top
Eranet International Limited (n/a)
2016-07-15 08:51Payment SiteCerber
52uo5k3t73ypjije.i5cgcw.top
Eranet International Limited (n/a)
2016-07-15 07:33Payment SiteCerber
52uo5k3t73ypjije.sg62es.top
Eranet International Limited (n/a)
2016-07-15 03:38Payment SiteCerber
52uo5k3t73ypjije.5kb3dl.top
Eranet International Limited (n/a)
2016-07-15 02:01Payment SiteCerber
52uo5k3t73ypjije.p2lsgr.top
Eranet International Limited (n/a)
2016-07-14 23:28Payment SiteCerber
52uo5k3t73ypjije.kcufx4.top
Eranet International Limited (n/a)
2016-07-14 21:41Payment SiteCerber
52uo5k3t73ypjije.7jiff7.top
Eranet International Limited (n/a)
2016-07-14 19:44Payment SiteCerber
52uo5k3t73ypjije.j92msu.top
Eranet International Limited (n/a)
2016-07-14 19:35Payment SiteCerber
52uo5k3t73ypjije.ka0te8.top
Eranet International Limited (n/a)
2016-07-14 19:31Payment SiteCerber
pmenboeqhyrpvomq.x1kofw.top
Eranet International Limited (n/a)
2016-07-14 18:25Payment SiteCerber
52uo5k3t73ypjije.ujtwhg.top
Eranet International Limited (n/a)
2016-07-14 16:07Payment SiteCerber
pmenboeqhyrpvomq.b7mciu.top
Eranet International Limited (n/a)
2016-07-14 14:01Payment SiteCerber
4kqd3hmqgptupi3p.9ildst.top
Eranet International Limited (n/a)
2016-07-14 12:24Payment SiteLocky
mphtadhci5mrdlju.tor2web.org
Tucows Inc.185.100.85.150 (- Romania)
2016-07-14 12:10Payment SiteCerber
4kqd3hmqgptupi3p.chargecar.vip
Alpnames (n/a)
2016-07-14 09:58Payment SiteCerber
27lelchgcvs2wpm7.vrid8l.top
Eranet International Limited (n/a)
2016-07-14 09:51Payment SiteCerber
52uo5k3t73ypjije.9ildst.top
Eranet International Limited (n/a)
2016-07-14 09:26Distribution SiteLocky
giuko.com
TUCOWS DOMAINS INC.80.88.87.24 (- Italy)
2016-07-14 09:26Distribution SiteLocky
www.mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-14 09:26Distribution SiteLocky
sandrosgrill.com
NOMINALIA INTERNET S.L. (n/a)
2016-07-14 09:26Distribution SiteLocky
www.comervillamil.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-14 09:26Distribution SiteLocky
univerzing.com
ONLINENIC, INC. (n/a)
2016-07-14 09:26Distribution SiteLocky
tecnoaspirazioni.com
REGISTER.IT SPA195.110.124.133 (- Italy)
2016-07-14 09:26Distribution SiteLocky
www.mariefrancepochna.com
REGISTER.IT SPA (n/a)
2016-07-14 09:26Distribution SiteLocky
kenestyonline.com
GODADDY.COM, LLC (n/a)
2016-07-14 09:26Distribution SiteLocky
marcrabassa.com
NOMINALIA INTERNET S.L.81.88.48.71 (- Italy)
2016-07-14 09:26Distribution SiteLocky
isknife.com
GABIA, INC. (n/a)
2016-07-14 09:25Distribution SiteLocky
ibsactividades.com
1&1 INTERNET SE (n/a)
2016-07-14 09:25Distribution SiteLocky
myphychoice.com
DOMAINPEOPLE, INC.216.110.144.157 (- United States)
2016-07-14 09:25Distribution SiteLocky
control3.com.br
192.185.209.37 (- United States)
2016-07-14 09:25Distribution SiteLocky
sollove.com.br
186.202.153.144 (- Brazil)
2016-07-14 09:25Distribution SiteLocky
hw.srca.org
GoDaddy.com, LLC192.186.224.37 (- United States)
2016-07-14 09:25Distribution SiteLocky
joslinsalesltd.com
NETWORK SOLUTIONS, LLC.23.236.62.147 (- United States)
2016-07-14 09:25Distribution SiteLocky
biovinci.com.br
108.179.193.134 (- United States)
2016-07-14 09:25Distribution SiteLocky
right-livelihoods.org
PDR Ltd. d/b/a PublicDomainRegis[...]163.44.198.41 (- Thailand)
2016-07-14 09:25Distribution SiteLocky
nmfabb.com
TUCOWS DOMAINS INC.184.168.221.45 (- United States)
2016-07-14 09:25Distribution SiteLocky
webidator.co.il
(n/a)
2016-07-14 09:24Distribution SiteLocky
jem-111.com
GMO INTERNET, INC. DBA ONAMAE.CO[...]157.112.152.21 (- Japan)
2016-07-14 09:24Distribution SiteLocky
www.fabricemontoyo.com
REGISTER.IT SPA81.88.57.68 (- Italy)
2016-07-14 09:24Distribution SiteLocky
sophoula.com
GODADDY.COM, LLC216.187.94.181 (- United States)
2016-07-14 09:24Distribution SiteLocky
valdemarincapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-14 09:24Distribution SiteLocky
mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-14 09:24Distribution SiteLocky
hiramteran.com
GODADDY.COM, LLC207.174.215.153 (- United States)
2016-07-14 09:24Distribution SiteLocky
choogo.net
GABIA, INC.183.101.113.29 (- Korea)
2016-07-14 09:24Distribution SiteLocky
heonybaby.synology.me
GoDaddy.com, LLC (n/a)
2016-07-14 09:24Distribution SiteLocky
mindfocus.com.br
108.179.193.134 (- United States)
2016-07-14 09:24Distribution SiteLocky
ejdadim.com
22NET, INC. (n/a)
2016-07-14 09:24Distribution SiteLocky
www.thephoneguy.talktalk.net
ASCIO TECHNOLOGIES, INC. DANMARK[...]62.24.202.31 (- United Kingdom)
2016-07-14 09:24Distribution SiteLocky
grandfm.com
GODADDY.COM, LLC104.155.128.51 (- United States)
2016-07-14 09:24Distribution SiteLocky
alanakamine.com.br
108.179.193.133 (- United States)
2016-07-14 09:24Distribution SiteLocky
heavenboundministry.com
WILD WEST DOMAINS, LLC199.83.129.223 (- United States) +1 A record(s) 199.83.131.223 (AS19551, - United States)
2016-07-14 09:23Distribution SiteLocky
lifecare-hc.com
GODADDY.COM, LLC50.63.202.42 (- United States)
2016-07-14 09:23Distribution SiteLocky
pierre-rottet.com
REGISTER.IT SPA (n/a)
2016-07-14 09:23Distribution SiteLocky
iddaatahmin.com
ENOM, INC.159.253.45.45 (- Turkey)
2016-07-14 09:23Distribution SiteLocky
hrlpk.com
ONLINENIC, INC.203.124.44.95 (- Pakistan)
2016-07-14 09:23Distribution SiteLocky
intracorpwestsidecollection.com
ENOM, INC.192.199.204.103 (- Canada)
2016-07-14 09:23Distribution SiteLocky
tozdance.com
NETPIA.COM, INC.61.14.209.175 (- Korea)
2016-07-14 09:23Distribution SiteLocky
infocuscreative.net
GODADDY.COM, LLC192.249.112.224 (- United States)
2016-07-14 09:23Distribution SiteLocky
rue-de-champagne.com
NETWORK SOLUTIONS, LLC.81.88.57.68 (- Italy)
2016-07-14 09:23Distribution SiteLocky
intracorp.ca
Go Daddy Domains Canada, Inc192.199.204.103 (- Canada)
2016-07-14 09:23Distribution SiteLocky
kveldeil.no
176.111.200.27 (- Norway)
2016-07-14 09:22Distribution SiteLocky
khalifacapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-14 08:58Payment SiteCerber
27lelchgcvs2wpm7.ag082d.top
Eranet International Limited (n/a)
2016-07-14 08:27Payment SiteCerber
4kqd3hmqgptupi3p.xmfru5.top
Eranet International Limited (n/a)
2016-07-14 06:50Distribution SiteTorrentLocker
robberseeiland.nl
Net Ground B.V.87.253.134.150 (- Netherlands)
2016-07-14 02:56Payment SiteCerber
52uo5k3t73ypjije.thyx30.top
Eranet International Limited (n/a)
2016-07-14 01:25Payment SiteCerber
27lelchgcvs2wpm7.b7mciu.top
Eranet International Limited (n/a)
2016-07-14 00:52Payment SiteCerber
27lelchgcvs2wpm7.thyx30.top
Eranet International Limited (n/a)
2016-07-14 00:51Payment SiteCerber
4kqd3hmqgptupi3p.bigfooters.loan
Alpnames Limited (n/a)
2016-07-13 20:30Botnet C&CLocky
77.222.54.202
77.222.54.202 (- Russian Federation)
2016-07-13 16:01Payment SiteCerber
52uo5k3t73ypjije.bt7r70.top
Eranet International Limited (n/a)
2016-07-13 15:35Payment SiteCerber
4kqd3hmqgptupi3p.gletterstan.trade
Alpnames Limited (n/a)
2016-07-13 14:33Payment SiteCerber
52uo5k3t73ypjije.xmfru5.top
Eranet International Limited (n/a)
2016-07-13 13:04Payment SiteCerber
4kqd3hmqgptupi3p.thyx30.top
Eranet International Limited (n/a)
2016-07-13 11:44Distribution SiteLocky
gromantique.com
DREAMHOST, LLC208.113.187.64 (- United States)
2016-07-13 11:44Distribution SiteLocky
khalifacapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-13 11:44Distribution SiteLocky
alanakamine.com.br
108.179.193.133 (- United States)
2016-07-13 11:44Distribution SiteLocky
mindfocus.com.br
108.179.193.134 (- United States)
2016-07-13 11:44Distribution SiteLocky
webidator.co.il
(n/a)
2016-07-13 11:44Distribution SiteLocky
biovinci.com.br
108.179.193.134 (- United States)
2016-07-13 11:44Distribution SiteLocky
khalifacapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-13 11:44Distribution SiteLocky
www.mystyleparrucchieri.com
TUCOWS DOMAINS INC.80.88.87.96 (- Italy)
2016-07-13 11:44Distribution SiteLocky
geslexsport.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-13 11:44Distribution SiteLocky
jonathonbelotti.com
FASTDOMAIN, INC.192.30.252.153 (- United States) +1 A record(s) 192.30.252.154 (AS36459, - United States)
2016-07-13 11:44Distribution SiteLocky
www.comervillamil.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]127.0.0.1 (n/a)
2016-07-13 11:44Distribution SiteLocky
valdemarincapital.com
ARSYS INTERNET, S.L. D/B/A NICLI[...]217.76.142.108 (- Spain)
2016-07-13 11:43Distribution SiteLocky
anttention.tv
GODADDY.COM, LLC (n/a)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >