Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-04-19 07:49Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torclassik.li
(n/a)
2016-04-19 04:25Botnet C&CLocky
ahsqbeospcdrngfv.info
101domain, Inc195.22.28.198 (- Portugal)
2016-04-19 04:24Botnet C&CLocky
cxlgwofgrjfoaa.info
101domain, Inc195.22.28.197 (- Portugal)
2016-04-18 10:00Botnet C&CLocky
91.234.35.243
91.234.35.243 (- Ukraine)
2016-04-18 05:26Botnet C&CTeslaCrypt
4turka.com
FBS INC.185.12.108.138 (- Turkey)
2016-04-17 15:06Botnet C&CLocky
185.14.28.30
185.14.28.30 (- Netherlands)
2016-04-17 06:49Botnet C&CLocky
91.230.211.103
91.230.211.103 (- Russian Federation)
2016-04-17 06:49Botnet C&CLocky
31.184.196.74
31.184.196.74 (- Russian Federation)
2016-04-17 05:07Botnet C&CLocky
91.219.29.81
91.219.29.81 (- Ukraine)
2016-04-16 16:42Botnet C&CLocky
jghbktqepe.pw
101Domain, Inc.195.22.28.198 (- Portugal)
2016-04-16 14:31Botnet C&CPayCrypt
jfheubdh.cc
KEY-SYSTEMS GMBH85.25.194.97 (- Germany)
2016-04-16 14:31Botnet C&CPayCrypt
jfheubdh.cc
KEY-SYSTEMS GMBH85.25.194.97 (- Germany)
2016-04-15 18:53Botnet C&CTeslaCrypt
lorangeriedelareine.fr
ONLINE SAS62.210.116.247 (- France)
2016-04-15 10:39Botnet C&CLocky
uhhvhjqowpgopq.xyz
Namecheap208.100.26.234 (- United States)
2016-04-15 10:39Botnet C&CLocky
gfcuxnaek.ru
101DOMAIN-RU195.22.28.199 (- Portugal)
2016-04-14 13:19Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tordonator.li
(n/a)
2016-04-14 10:56Botnet C&CLocky
ampjsppmftmfdblpt.info
101domain, Inc195.22.28.199 (- Portugal)
2016-04-14 10:21Payment SiteTorrentLocker
stgg5jv6mqiibmax.torcreator.li
(n/a)
2016-04-14 02:22Botnet C&CLocky
207.244.97.230
207.244.97.230 (- United States)
2016-04-13 19:46Botnet C&CLocky
46.165.253.93
46.165.253.93 (- Germany)
2016-04-13 17:05Botnet C&CTeslaCrypt
thinktrimbebeautiful.com.au
Web Address Registration182.50.149.1 (- Singapore)
2016-04-13 16:05Botnet C&CTeslaCrypt
baby.teasso.com
LIQUIDNET LTD.162.210.102.32 (- United States)
2016-04-13 12:44Botnet C&CTorrentLocker
dirtyslim.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-04-13 07:52Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torreactor.li
(n/a)
2016-04-13 06:02Botnet C&CTorrentLocker
bigdoggi.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-04-12 16:17Botnet C&CTeslaCrypt
helcel.com
TUCOWS DOMAINS INC.72.41.18.2 (- United States)
2016-04-12 11:48Distribution SiteTeslaCrypt
greetingsyoungqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-12 11:48Distribution SiteTeslaCrypt
greetingsyoungqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-12 11:48Distribution SiteTeslaCrypt
greetingsyoungqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-12 11:48Distribution SiteTeslaCrypt
greetingsyoungqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-12 05:24Botnet C&CTeslaCrypt
loseweightwithmysite.com
FASTDOMAIN, INC.74.220.207.112 (- United States)
2016-04-12 05:17Botnet C&CLocky
nhhyxorxbxarxe.org
101domain, Inc.195.22.28.196 (- Portugal)
2016-04-11 21:08Botnet C&CLocky
gsebqsi.ru
101DOMAIN-RU195.22.28.198 (- Portugal)
2016-04-11 16:33Botnet C&CTeslaCrypt
onguso.com
ENOM, INC.72.41.18.2 (- United States)
2016-04-11 12:39Botnet C&CPayCrypt
www.hiverhoney.com
GODADDY.COM, LLC162.253.144.139 (- United States)
2016-04-11 12:36Botnet C&CLocky
ywjgjvpuyitnbiw.info
101domain, Inc195.22.28.198 (- Portugal)
2016-04-11 10:47Botnet C&CLocky
omeaswslhgdw.xyz
Namecheap208.100.26.234 (- United States)
2016-04-11 10:47Botnet C&CLocky
kcdfajaxngiff.info
101domain, Inc195.22.28.199 (- Portugal)
2016-04-11 06:34Botnet C&CLocky
91.219.31.15
91.219.31.15 (- Russian Federation)
2016-04-11 05:21Botnet C&CTeslaCrypt
silocot.com
NAMESILO, LLC62.210.88.33 (- France)
2016-04-10 06:28Botnet C&CTeslaCrypt
gooseart.com
CSL COMPUTER SERVICE LANGENBACH [...]195.128.174.143 (- Denmark)
2016-04-09 17:36Botnet C&CLocky
88.214.237.57
88.214.237.57 (- Russian Federation)
2016-04-09 15:26Botnet C&CLocky
91.219.28.44
91.219.28.44 (- Netherlands)
2016-04-09 11:22Payment SiteTeslaCrypt
k3cxd.pileanoted.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-04-09 08:40Botnet C&CTorrentLocker
kinomix.org
Registrar of Domain Names REG.RU[...]n/a
2016-04-09 08:19Botnet C&CTorrentLocker
verekt.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-04-09 08:11Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tormain.li
(n/a)
2016-04-08 17:14Botnet C&CTeslaCrypt
bluedreambd.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-04-08 13:31Botnet C&CTeslaCrypt
colinmccarthynfl.com
GODADDY.COM, LLC50.62.250.1 (- United States)
2016-04-08 13:27Botnet C&CLocky
193.9.28.49
193.9.28.49 (- United States)
2016-04-07 20:42Botnet C&CLocky
37.139.2.214
37.139.2.214 (- Netherlands)
2016-04-07 13:49Botnet C&CTorrentLocker
feellgood.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-04-07 13:20Payment SiteTeslaCrypt
o4dm3.leaama.at
(n/a)
2016-04-07 10:29Payment SiteTeslaCrypt
as3ws.fopyirr.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-04-07 06:49Botnet C&CTeslaCrypt
naomihawkins.com
GODADDY.COM, LLC50.63.97.1 (- United States)
2016-04-07 06:49Botnet C&CTeslaCrypt
getdiscounts.org
GoDaddy.com, LLC205.144.171.76 (- United States)
2016-04-07 06:49Botnet C&CTeslaCrypt
43nutrientes.com
GODADDY.COM, LLC50.87.149.41 (- United States)
2016-04-06 16:54Botnet C&CTeslaCrypt
traditions-and-custom.com
GODADDY.COM, LLC72.41.18.212 (- United States)
2016-04-06 10:01Botnet C&CTeslaCrypt
closerdaybyday.info
eNom, Inc.192.185.151.39 (- United States)
2016-04-06 06:44Distribution SiteTeslaCrypt
marvellrulesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-06 06:39Distribution SiteTeslaCrypt
marvellrulescc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-04-06 06:38Distribution SiteTeslaCrypt
marvellrulesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-05 16:00Botnet C&CTeslaCrypt
coldheartedny.com
GODADDY.COM, LLC107.180.26.75 (- United States)
2016-04-05 14:02Botnet C&CLocky
31.148.99.241
31.148.99.241 (- Russian Federation)
2016-04-05 13:42Botnet C&CTeslaCrypt
helpdesk.keldon.info
Ascio Technologies, Inc. Danmark[...]194.228.3.204 (- Czech Republic)
2016-04-05 11:07Botnet C&CTorrentLocker
baggir.org
Registrar of Domain Names REG.RU[...]194.58.56.153 (- Russian Federation)
2016-04-05 09:31Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tormaster.ch
(n/a)
2016-04-05 09:29Botnet C&CTeslaCrypt
addagapublicschool.com
GODADDY.COM, LLC23.229.239.227 (- United States)
2016-04-04 14:24Distribution SiteTeslaCrypt
greetingseuropasqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-04 14:24Distribution SiteTeslaCrypt
greetingseuropasqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-04 14:23Distribution SiteTeslaCrypt
greetingseuropasqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-04 14:22Botnet C&CTeslaCrypt
thejonesact.com
GODADDY.COM, LLC192.186.220.8 (- United States)
2016-04-04 13:49Distribution SiteTeslaCrypt
greetingseuropasqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-04 10:20Botnet C&CTeslaCrypt
theoneflooring.com
GODADDY.COM, LLC107.180.4.122 (- United States)
2016-04-04 10:20Botnet C&CTeslaCrypt
studiosundaytv.com
GODADDY.COM, LLC76.162.168.113 (- United States)
2016-04-04 06:51Payment SiteTeslaCrypt
h3ds4.maconslab.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-04-03 13:26Distribution SiteLocky
mossafes.ru
NAUNET-RU (n/a)
2016-04-03 10:06Botnet C&CTorrentLocker
olimpian.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-04-03 08:42Distribution SiteLocky
www.harmonyhealthandbeautyclinic.com
TUCOWS DOMAINS INC.212.48.75.234 (- United Kingdom)
2016-04-03 08:42Distribution SiteLocky
toysnet.nl
Registrar.eu (n/a)
2016-04-03 08:42Distribution SiteLocky
ledivinecomedie.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.222 (- United States)
2016-04-03 08:42Distribution SiteLocky
garmulewicz.pl
Consulting Service Sp. z o.o.127.0.0.1 (n/a)
2016-04-03 08:42Distribution SiteLocky
teamlight-pro.ru
REGRU-RU (n/a)
2016-04-03 08:41Distribution SiteLocky
grafikeria.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-04-03 08:41Distribution SiteLocky
xn--80ailp.com
INTERNET INVEST, LTD. DBA IMENA.[...]93.190.41.193 (- Ukraine)
2016-04-03 08:41Distribution SiteLocky
ekotrade.linuxpl.info
GoDaddy.com, LLC95.211.176.130 (- Netherlands)
2016-04-03 08:41Distribution SiteLocky
prawoiznaki.pl
home.pl S.A.193.106.238.29 (- Poland)
2016-04-03 08:41Distribution SiteLocky
xn--as-wqa.org.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-04-03 08:41Distribution SiteLocky
saltoelite.com
GODADDY.COM, LLC (n/a)
2016-04-03 08:41Distribution SiteLocky
www.realistikkampanya.info
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-04-03 08:40Distribution SiteLocky
atlantisjuwelier.nl
AXC185.182.56.95 (- Netherlands)
2016-04-03 08:40Distribution SiteLocky
promologicllc.com
GODADDY.COM, LLC199.0.184.165 (- United States)
2016-04-03 08:40Distribution SiteLocky
thediscipleshipplace.org
eNom, Inc.52.84.86.102 (- United States) +7 A record(s) 52.84.86.141 (AS16509, - United States)
52.84.86.176 (AS16509, - United States)
52.84.86.179 (AS16509, - United States)
52.84.86.210 (AS16509, - United States)
52.84.86.39 (AS16509, - United States)
52.84.86.58 (AS16509, - United States)
52.84.86.94 (AS16509, - United States)
2016-04-03 08:40Distribution SiteLocky
slacwpa.org
Network Solutions, LLC67.205.163.17 (- United States)
2016-04-03 08:40Distribution SiteLocky
canceralia.eu
Schlund+Partner AG88.198.231.1 (- Germany)
2016-04-03 08:40Distribution SiteLocky
bqsc.pt
(n/a)
2016-04-03 08:40Distribution SiteLocky
rocketsrange.com
ENOM, INC.41.185.8.177 (- South Africa)
2016-04-03 08:40Distribution SiteLocky
buygrocery.nz
192.185.157.116 (- United States)
2016-04-03 08:40Distribution SiteLocky
spicythaicafe.com
VODIEN INTERNET SOLUTIONS PTE LT[...]119.31.235.70 (- Singapore)
2016-04-03 08:40Distribution SiteLocky
iwonderlifestyle.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]119.18.59.39 (- India)

# of rows displayed: 100
# of entries in database: 12'877

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >