Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-04-03 08:42Distribution SiteLocky
www.harmonyhealthandbeautyclinic.com
TUCOWS DOMAINS INC.212.48.75.234 (- United Kingdom)
2016-04-03 08:42Distribution SiteLocky
toysnet.nl
Registrar.eu (n/a)
2016-04-03 08:42Distribution SiteLocky
ledivinecomedie.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.222 (- United States)
2016-04-03 08:42Distribution SiteLocky
garmulewicz.pl
Consulting Service Sp. z o.o.127.0.0.1 (n/a)
2016-04-03 08:42Distribution SiteLocky
teamlight-pro.ru
REGRU-RU (n/a)
2016-04-03 08:41Distribution SiteLocky
grafikeria.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-04-03 08:41Distribution SiteLocky
xn--80ailp.com
INTERNET INVEST, LTD. DBA IMENA.[...]93.190.41.193 (- Ukraine)
2016-04-03 08:41Distribution SiteLocky
ekotrade.linuxpl.info
GoDaddy.com, LLC95.211.176.130 (- Netherlands)
2016-04-03 08:41Distribution SiteLocky
prawoiznaki.pl
home.pl S.A.193.106.238.29 (- Poland)
2016-04-03 08:41Distribution SiteLocky
xn--as-wqa.org.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-04-03 08:41Distribution SiteLocky
saltoelite.com
GODADDY.COM, LLC (n/a)
2016-04-03 08:41Distribution SiteLocky
www.realistikkampanya.info
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-04-03 08:40Distribution SiteLocky
atlantisjuwelier.nl
AXC185.182.56.95 (- Netherlands)
2016-04-03 08:40Distribution SiteLocky
promologicllc.com
GODADDY.COM, LLC199.0.184.165 (- United States)
2016-04-03 08:40Distribution SiteLocky
thediscipleshipplace.org
eNom, Inc.52.84.86.102 (- United States) +7 A record(s) 52.84.86.141 (AS16509, - United States)
52.84.86.176 (AS16509, - United States)
52.84.86.179 (AS16509, - United States)
52.84.86.210 (AS16509, - United States)
52.84.86.39 (AS16509, - United States)
52.84.86.58 (AS16509, - United States)
52.84.86.94 (AS16509, - United States)
2016-04-03 08:40Distribution SiteLocky
slacwpa.org
Network Solutions, LLC67.205.163.17 (- United States)
2016-04-03 08:40Distribution SiteLocky
canceralia.eu
Schlund+Partner AG88.198.231.1 (- Germany)
2016-04-03 08:40Distribution SiteLocky
bqsc.pt
(n/a)
2016-04-03 08:40Distribution SiteLocky
rocketsrange.com
ENOM, INC.41.185.8.177 (- South Africa)
2016-04-03 08:40Distribution SiteLocky
buygrocery.nz
192.185.157.116 (- United States)
2016-04-03 08:40Distribution SiteLocky
spicythaicafe.com
VODIEN INTERNET SOLUTIONS PTE LT[...]119.31.235.70 (- Singapore)
2016-04-03 08:40Distribution SiteLocky
iwonderlifestyle.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]119.18.59.39 (- India)
2016-04-03 08:39Distribution SiteLocky
hdtech-pro.com
P.A. VIET NAM COMPANY LIMITED204.11.56.48 (- Virgin Islands)
2016-04-02 11:26Payment SiteTeslaCrypt
k34ew.keyedgell.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-04-02 11:22Botnet C&CTeslaCrypt
goldberg-share.com
GODADDY.COM, LLC107.180.43.132 (- United States)
2016-04-02 07:51Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torprovider.li
(n/a)
2016-04-02 06:10Botnet C&CLocky
91.223.180.240
91.223.180.240 (- Ukraine)
2016-04-01 21:14Botnet C&CLocky
45.55.192.133
45.55.192.133 (- United States)
2016-04-01 19:49Botnet C&CTeslaCrypt
hotcasinogames.org
GoDaddy.com, LLC217.70.180.150 (- France)
2016-04-01 17:39Botnet C&CLocky
91.209.77.86
91.209.77.86 (- Czech Republic)
2016-04-01 15:06Distribution SiteLocky
docmate.com
ENOM, INC.52.38.216.226 (- United States)
2016-04-01 15:05Distribution SiteLocky
anmchosp.com
GODADDY.COM, LLC108.179.230.38 (- United States)
2016-04-01 13:28Distribution SiteLocky
zagool.nl
OVH (n/a)
2016-04-01 13:28Distribution SiteLocky
avanteconsultores.com
NETEARTH ONE INC. D/B/A NETEARTH82.165.195.128 (- Germany)
2016-04-01 05:56Distribution SiteLocky
a-ntsuhan.com
ENOM, INC.103.224.212.222 (- Australia)
2016-04-01 05:56Distribution SiteLocky
vtdrive.kz
HOSTER.KZ (n/a)
2016-04-01 05:56Distribution SiteLocky
storepro.ir
185.94.97.106 (- Iran)
2016-04-01 05:56Distribution SiteLocky
zwei.audio
1&1 Internet SE217.160.0.111 (- Germany)
2016-04-01 05:56Distribution SiteLocky
anttela.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]202.75.56.132 (- Malaysia)
2016-03-31 23:21Botnet C&CLocky
88.198.119.177
88.198.119.177 (- Germany)
2016-03-31 20:53Botnet C&CTeslaCrypt
mahmutersan.com.tr
160.153.18.235 (- United States)
2016-03-31 20:53Botnet C&CTeslaCrypt
kknk-shop.dev.onnetdigital.com
ENOM, INC.176.9.2.244 (- Germany)
2016-03-31 20:53Botnet C&CTeslaCrypt
forms.net.in
GoDaddy.com, LLC (R101-AFIN)160.153.51.192 (- United States)
2016-03-31 20:26Botnet C&CLocky
sqrgvbgfyya.org
Dynadot, LLC69.195.129.70 (- United States)
2016-03-31 20:26Botnet C&CLocky
barjhxoye.info
101domain, Inc195.22.28.197 (- Portugal)
2016-03-31 20:06Botnet C&CLocky
81.177.181.164
81.177.181.164 (- Russian Federation)
2016-03-31 17:53Distribution SiteLocky
greenellebox.com
OVH217.160.223.72 (- Germany)
2016-03-31 17:52Distribution SiteLocky
www.aluguerdiadema.com
NETWORK SOLUTIONS, LLC.185.2.4.74 (- Italy)
2016-03-31 17:52Distribution SiteLocky
icurlers.com
GODADDY.COM, LLC138.201.79.116 (- Germany)
2016-03-31 17:52Distribution SiteLocky
shopyb.com
DOMAINCLUB.COM LLC23.227.38.32 (- Canada)
2016-03-31 17:51Distribution SiteLocky
mentalmathcompetition.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]185.116.213.93 (- United Kingdom)
2016-03-31 17:51Distribution SiteLocky
hollandfoodexchange.com
KEY-SYSTEMS GMBH78.46.245.40 (- Germany)
2016-03-31 17:49Distribution SiteLocky
mylookalikedoll.com
GODADDY.COM, LLC204.11.56.48 (- Virgin Islands)
2016-03-31 17:48Distribution SiteLocky
be-stlines-tore.com
ENOM, INC. (n/a)
2016-03-31 17:48Distribution SiteLocky
aaacollectionsjewelry.com
ENOM, INC. (n/a)
2016-03-31 17:45Distribution SiteLocky
internetsimplificada.com.br
198.46.81.219 (- United States)
2016-03-31 17:44Distribution SiteLocky
easyvisa.com
GODADDY.COM, LLC192.154.96.199 (- United States)
2016-03-31 17:44Distribution SiteLocky
easyvisa.com
GODADDY.COM, LLC192.154.96.199 (- United States)
2016-03-31 17:20Distribution SiteLocky
beimeihuifu.com
FASTDOMAIN, INC. (n/a)
2016-03-31 16:56Payment SiteTeslaCrypt
i5ndw.titlecorta.at
(n/a)
2016-03-31 16:53Payment SiteTeslaCrypt
d34fa.lasmeio.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-31 16:11Botnet C&CTeslaCrypt
casasembargada.com
GODADDY.COM, LLC23.229.166.194 (- United States)
2016-03-31 15:57Distribution SiteLocky
santekhnicheskie-raboti.ru
REGRU-RU31.31.205.31 (- Russian Federation)
2016-03-31 15:56Distribution SiteLocky
smartbs-cameroun.com
NAMEWEB BVBA (n/a)
2016-03-31 15:44Distribution SiteLocky
drirenaeris.com.au
Web Address Registration110.232.140.74 (- Australia)
2016-03-31 15:44Distribution SiteLocky
abnreview.com.au
Web Address Registration110.232.140.74 (- Australia)
2016-03-31 15:43Distribution SiteLocky
buketrose.ru
REGRU-RU (n/a)
2016-03-31 15:43Distribution SiteLocky
zakaz-sharikov.ru
REGRU-RU (n/a)
2016-03-31 15:43Distribution SiteLocky
brand-obuv.ru
REGRU-RU (n/a)
2016-03-31 13:59Botnet C&CLocky
dwytqrgblrynsgtew.org
Dynadot, LLC69.195.129.70 (- United States)
2016-03-31 13:37Botnet C&CTeslaCrypt
csskol.org
GoDaddy.com, LLC160.153.51.192 (- United States)
2016-03-31 12:59Payment SiteTorrentLocker
stgg5jv6mqiibmax.torpoint.ch
(n/a)
2016-03-31 12:41Botnet C&CTorrentLocker
bedrifg.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-31 12:26Distribution SiteLocky
epegasus.pl
Consulting Service Sp. z o.o.91.200.184.116 (- Poland)
2016-03-31 12:26Distribution SiteLocky
grzegorzschreiber.pl
AZ.pl Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 10:26Distribution SiteLocky
pure-line.com.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 10:26Distribution SiteLocky
new.teamlight.ru
REGRU-RU (n/a)
2016-03-31 08:50Distribution SiteLocky
assura-courtage.org
1 & 1 Internet AG212.227.247.72 (- Germany)
2016-03-31 08:49Distribution SiteLocky
bonares.pl
Consulting Service Sp. z o.o.188.40.44.195 (- Germany)
2016-03-31 08:48Distribution SiteLocky
arcfestoheni.hu
178.238.222.219 (- Hungary)
2016-03-31 08:48Distribution SiteLocky
xn--po-wqa.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-03-31 08:46Distribution SiteLocky
oceancraftnepal.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-31 07:53Botnet C&CTorrentLocker
velodrivve.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-31 06:04Distribution SiteLocky
photronlamp.com
PLANETDOMAIN PTY LTD.101.0.69.226 (- Australia)
2016-03-31 05:29Botnet C&CLocky
31.41.44.130
31.41.44.130 (- Russian Federation)
2016-03-31 05:28Botnet C&CLocky
51.254.240.45
51.254.240.45 (- France)
2016-03-31 05:18Distribution SiteLocky
blog.saletron.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]91.215.216.56 (- Bulgaria)
2016-03-31 05:18Distribution SiteLocky
hiddenhandbags.com
CSL COMPUTER SERVICE LANGENBACH [...]217.69.44.35 (- United Kingdom)
2016-03-31 05:17Distribution SiteLocky
lojaagrometal.com.br
209.126.22.187 (- United States)
2016-03-31 05:15Distribution SiteLocky
blog.insite.pt
193.126.240.145 (- Portugal)
2016-03-31 05:14Distribution SiteLocky
dev.orolatina.com
GODADDY.COM, LLC162.252.104.207 (- United States)
2016-03-31 05:14Distribution SiteLocky
itead-europe.com
1 API GMBH213.9.21.88 (- Germany)
2016-03-31 05:14Distribution SiteLocky
zilton.com
ASCIO TECHNOLOGIES, INC. DANMARK[...]81.95.122.229 (- Belgium)
2016-03-31 05:14Distribution SiteLocky
caferacerpneus.com.br
177.185.194.112 (- Brazil)
2016-03-30 22:06Botnet C&CLocky
82.146.37.200
82.146.37.200 (- Russian Federation)
2016-03-30 16:34Distribution SiteLocky
kingsstaging.consines.in
ZNet Technologies Private Limite[...] (n/a)
2016-03-30 16:33Distribution SiteLocky
srijanexportstowelwarmers.co.uk
PDR Ltd. d/b/a PublicDomainRegis[...]213.52.128.146 (- United Kingdom)
2016-03-30 15:54Botnet C&CTeslaCrypt
grosirkecantikan.com
ENOM, INC.192.185.51.87 (- United States)
2016-03-30 14:02Botnet C&CLocky
93.170.131.108
93.170.131.108 (- Russian Federation)
2016-03-30 13:29Distribution SiteLocky
fabiocaminero.com
NETEARTH ONE INC. D/B/A NETEARTH (n/a)

# of rows displayed: 100
# of entries in database: 12'899

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 >