Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-03-27 09:21Distribution SiteLocky
emprendamosjuntos.com
NEUBOX INTERNET SA DE CV52.204.129.22 (- United States) +1 A record(s) 54.85.127.70 (AS3900, - United States)
2016-03-27 09:21Distribution SiteLocky
famouscouponcodes.com
GODADDY.COM, LLC45.33.9.234 (- United States)
2016-03-27 09:21Distribution SiteLocky
catalog.olegran.com
TUCOWS DOMAINS INC. (n/a)
2016-03-27 09:20Distribution SiteLocky
enticemetwo.yzwebsite.com
GODADDY.COM, LLC (n/a)
2016-03-27 09:20Distribution SiteLocky
khacphucwifiyeu.com
ONLINENIC, INC. (n/a)
2016-03-27 09:20Distribution SiteLocky
kokalsportsco.com
ONLINENIC, INC. (n/a)
2016-03-27 09:19Distribution SiteLocky
barocchiautofficina.it
PLY-REG178.237.15.128 (- Italy)
2016-03-27 09:19Distribution SiteLocky
smenterprisesgroup.com
LAUNCHPAD.COM, INC.192.254.225.179 (- United States)
2016-03-27 09:19Distribution SiteLocky
miss-green.ru
NAUNET-RU146.185.243.134 (- Russian Federation)
2016-03-27 09:18Distribution SiteLocky
oktransport.eu
INTERNET CZ, a.s.81.2.195.73 (- Czech Republic)
2016-03-27 09:18Distribution SiteLocky
kutumobilya.com.tr
185.122.13.177 (- Turkey) +1 A record(s) 185.122.13.37 (AS42926, - Turkey)
2016-03-27 09:17Distribution SiteLocky
luroweb.sk
(n/a)
2016-03-27 09:17Distribution SiteLocky
golfenaccion.com
GODADDY.COM, LLC (n/a)
2016-03-26 11:16Botnet C&CLocky
89.108.84.132
89.108.84.132 (- Russian Federation)
2016-03-26 08:56Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tordoor.li
(n/a)
2016-03-26 08:46Botnet C&CTorrentLocker
redtable.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-03-25 19:02Botnet C&CTeslaCrypt
www.affiliateproductes.com
GODADDY.COM, LLC107.180.4.124 (- United States)
2016-03-25 19:02Botnet C&CTeslaCrypt
strategicdisaster.info
Crazy Domains FZ-LLC192.186.197.161 (- United States)
2016-03-25 16:29Botnet C&CTeslaCrypt
affiliateproductes.com
GODADDY.COM, LLC107.180.4.124 (- United States)
2016-03-25 16:11Botnet C&CLocky
bwpegsfa.info
GoDaddy.com, LLC45.56.77.175 (- United States)
2016-03-25 11:48Botnet C&CLocky
xyhhuxa.be
101Domain, Inc.195.22.28.196 (- Portugal)
2016-03-25 11:48Botnet C&CLocky
swfqg.in
Enom Inc. (R46-AFIN)208.100.26.234 (- United States)
2016-03-25 10:54Botnet C&CLocky
uhgmnigjpf.biz
REGTIME LTD.93.170.104.127 (- Netherlands)
2016-03-25 10:54Botnet C&CLocky
hmndhdbscgru.pw
Dynadot LLC69.195.129.70 (- United States)
2016-03-25 08:29Payment SiteTeslaCrypt
uj5nj.onanwhit.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-25 08:27Payment SiteTeslaCrypt
2gdb4.leoraorage.at
(n/a)
2016-03-24 21:04Botnet C&CTeslaCrypt
videoaminproduktion.de
87.238.192.67 (- Germany)
2016-03-24 14:32Botnet C&CTeslaCrypt
mcgroupuae.com
GODADDY.COM, LLC166.62.28.147 (- United States)
2016-03-24 14:08Botnet C&CLocky
46.8.44.39
46.8.44.39 (- Russian Federation)
2016-03-24 11:14Distribution SiteTeslaCrypt
jeansowghsqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-24 11:02Botnet C&CTeslaCrypt
pilfingr.com
GODADDY.COM, LLC192.186.208.225 (- United States)
2016-03-24 10:35Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torgateway.li
(n/a)
2016-03-24 10:34Payment SiteTeslaCrypt
6g4ds.froekuge.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-24 10:21Payment SiteTeslaCrypt
9hrds.wolfcrap.at
(n/a)
2016-03-24 08:48Botnet C&CTeslaCrypt
setprosports.info
GoDaddy.com, LLC198.12.157.163 (- United States)
2016-03-24 08:45Botnet C&CTeslaCrypt
marvel-games.com
EVOPLUS LTD167.160.162.182 (- United States)
2016-03-24 08:20Distribution SiteLocky
missdionnemendez.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.222 (- United States)
2016-03-23 17:01Botnet C&CLocky
217.12.218.158
217.12.218.158 (- Ukraine)
2016-03-23 15:23Distribution SiteLocky
ipekmodakaftan.com
FBS INC. (n/a)
2016-03-23 13:42Distribution SiteLocky
mgm88tv.com
NAME.COM, INC. (n/a)
2016-03-23 12:20Botnet C&CLocky
84.19.170.244
84.19.170.244 (- Germany)
2016-03-23 12:00Botnet C&CTeslaCrypt
samuday.org
GoDaddy.com, LLC50.31.14.17 (- United States)
2016-03-23 12:00Botnet C&CTeslaCrypt
maxmpl.com
BIGROCK SOLUTIONS LIMITED103.27.87.88 (- India)
2016-03-23 10:38Distribution SiteLocky
phukienchat.com.vn
(n/a)
2016-03-23 08:02Payment SiteLocky
32kl2rwsjvqjeui7.tor2web.org
Tucows Inc.185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-03-23 08:02Payment SiteLocky
32kl2rwsjvqjeui7.onion.cab
InterNetworX Ltd. & Co. KG85.25.214.50 (- Germany)
2016-03-23 08:02Payment SiteLocky
32kl2rwsjvqjeui7.onion.to
185.100.85.150 (- Romania) +1 A record(s) 192.36.27.5 (AS60729, - Sweden)
2016-03-23 07:43Payment SiteTeslaCrypt
vewrb.italisumo.at
(n/a)
2016-03-23 07:43Payment SiteTeslaCrypt
gwbak.nickymaru.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-22 17:17Botnet C&CTeslaCrypt
diwali2k15.in
Webiq Domains Solutions Pvt. Ltd[...]64.20.35.186 (- United States)
2016-03-22 15:32Distribution SiteTeslaCrypt
grandaareyoucc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-03-22 15:32Distribution SiteTeslaCrypt
grandaareyoucc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-03-22 15:32Distribution SiteTeslaCrypt
grandaareyoucc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-03-22 15:32Distribution SiteTeslaCrypt
grandaareyoucc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-03-22 15:32Distribution SiteTeslaCrypt
isityouereqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-22 15:31Distribution SiteTeslaCrypt
isityouereqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-22 15:31Distribution SiteTeslaCrypt
isityouereqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-22 15:31Distribution SiteTeslaCrypt
isityouereqq.com
KEY-SYSTEMS GMBH (n/a)
2016-03-22 12:35Distribution SiteLocky
toys.inspirr.computerline.hk
Web Commerce Communications Limi[...]91.135.76.69 (- Hong Kong)
2016-03-22 12:32Botnet C&CLocky
195.64.154.126
195.64.154.126 (- Ukraine)
2016-03-22 12:21Botnet C&CTeslaCrypt
masterlegue.com
TUCOWS DOMAINS INC.62.210.83.56 (- France)
2016-03-22 11:11Botnet C&CTeslaCrypt
toolaria.com
GODADDY.COM, LLC160.153.49.102 (- United States)
2016-03-22 08:25Botnet C&CLocky
92.63.87.106
92.63.87.106 (- Latvia)
2016-03-22 07:24Payment SiteTeslaCrypt
8b4bb47tiaolhy4uhhlfaqerg.sofarany.at
(n/a)
2016-03-21 13:50Botnet C&CTeslaCrypt
tradinbow.com
OVH213.186.33.104 (- France)
2016-03-21 13:03Botnet C&CLocky
217.12.199.90
217.12.199.90 (- Ukraine)
2016-03-21 06:52Payment SiteTeslaCrypt
irudhkunrlfu25fhkaqw34blr5qlby4tgq43t.orrisbirth.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-21 06:51Payment SiteTeslaCrypt
g4dhhg53jsdjnnkjwjrfyiouh3o4u4th.vinerteen.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-21 06:48Payment SiteTeslaCrypt
74nfnjhlq45nkgws4hbdbk45wekfjhqw4talefgnv.curryfort.at
(n/a)
2016-03-21 03:08Botnet C&CLocky
nwcpgymgh.work
Regtime5.34.183.21 (- Ukraine)
2016-03-20 09:08Botnet C&CTeslaCrypt
mkis.org
Register.com, Inc.50.87.127.96 (- United States)
2016-03-19 23:39Botnet C&CPayCrypt
promedia.co.in
GoDaddy.com, LLC (R101-AFIN)192.185.21.126 (- United States)
2016-03-19 17:54Botnet C&CLocky
46.148.20.46
46.148.20.46 (- Ukraine)
2016-03-19 15:10Botnet C&CTeslaCrypt
commonsenseprotection.com
GODADDY.COM, LLC50.116.109.230 (- United States)
2016-03-19 08:09Payment SiteTeslaCrypt
94dbhbj3l4blaeyfgl7q45glbaer.giponfeste.at
(n/a)
2016-03-19 08:09Payment SiteTeslaCrypt
uhufnlsad7bhf4ykqfbevmxergwrth.himfinn.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-18 18:32Botnet C&CLocky
accemfsqovkd.pw
Namecheapn/a
2016-03-18 17:51Botnet C&CTeslaCrypt
classemgmt.testbada.com
MEGAZONE CORP. DBA HOSTING.KR115.94.157.252 (- Korea)
2016-03-18 14:59Botnet C&CTeslaCrypt
exaltation.info
Key-Systems GmbH46.235.47.104 (- Netherlands)
2016-03-18 14:10Payment SiteTeslaCrypt
h5nuwefkuh134ljngkasdbasfg.corolbugan.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-03-18 14:04Payment SiteTeslaCrypt
p54dhkus4tlkfashdb6vjetgsdfg.greetingshere.at
(n/a)
2016-03-18 13:56Payment SiteTeslaCrypt
f4dsbjhb45wfiuqeib4fkqeg.meccaledgy.at
(n/a)
2016-03-18 13:34Botnet C&CTeslaCrypt
resumosdenovela.net
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]108.167.185.237 (- United States)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GODADDY.COM, LLC (n/a)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GODADDY.COM, LLC (n/a)
2016-03-17 23:57Botnet C&CCryptoWall
bolizarsospos.com
GODADDY.COM, LLC (n/a)
2016-03-17 18:22Botnet C&CLocky
plfbvdrpvsm.pw
Namecheap208.100.26.234 (- United States)
2016-03-17 07:14Botnet C&CTeslaCrypt
shampooherbal.com
NAME.COM, INC.104.128.239.91 (- United States)
2016-03-16 23:48Botnet C&CTeslaCrypt
joshsawyerdesign.com
GODADDY.COM, LLC107.180.4.11 (- United States)
2016-03-16 16:31Botnet C&CLocky
51.254.181.122
51.254.181.122 (- France)
2016-03-16 14:19Botnet C&CTeslaCrypt
hmgame.net
WEB COMMERCE COMMUNICATIONS LIMI[...]66.147.244.86 (- United States)
2016-03-16 13:57Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.bestxprice.ch
(n/a)
2016-03-16 13:56Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.livecamshow.ch
(n/a)
2016-03-16 13:53Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tormaster.fr
1API GmbH (n/a)
2016-03-16 13:43Botnet C&CLocky
51.255.107.8
51.255.107.8 (- France)
2016-03-16 13:28Botnet C&CTeslaCrypt
marketathart.com
CRAZY DOMAINS FZ-LLC192.185.35.88 (- United States)
2016-03-16 13:13Botnet C&CLocky
91.195.12.187
91.195.12.187 (- Ukraine)
2016-03-16 12:47Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torstation.li
(n/a)
2016-03-16 12:38Botnet C&CTorrentLocker
dumberg.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-03-16 10:21Botnet C&CCTB-Locker
beedqybvjehzlud5.tor2web.org
Tucows Inc.194.150.168.70 (- Germany)

# of rows displayed: 100
# of entries in database: 12'829

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 >