Tracker

Ransomware Tracker to distinguishes between the following threats:

Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:

New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.

Search

You can search for a host or URL using the following search form:

Set a filter for the list below

Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.

General filters: Remove filter (Show all) | Online hosts
Filter by threat: Botnet C&Cs | Payment Sites | Distribution Sites
Filter by malware: TeslaCrypt | CryptoWall | TorrentLocker | PadCrypt | Locky | CTB-Locker | FAKBEN | PayCrypt | DMALocker | Cerber | Sage | GlobeImposter

Dateadded (UTC)ThreatMalwareHost (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not.

Red = Online
Green = Offline
Grey = Unknown
)
Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.)IP address (ASN, Country)
2016-04-17 15:06Botnet C&CLocky
185.14.28.30
185.14.28.30 (- Netherlands)
2016-04-17 06:49Botnet C&CLocky
91.230.211.103
91.230.211.103 (- Russian Federation)
2016-04-17 06:49Botnet C&CLocky
31.184.196.74
31.184.196.74 (- Russian Federation)
2016-04-17 05:07Botnet C&CLocky
91.219.29.81
91.219.29.81 (- Ukraine)
2016-04-16 16:42Botnet C&CLocky
jghbktqepe.pw
101Domain, Inc.195.22.28.198 (- Portugal)
2016-04-16 14:31Botnet C&CPayCrypt
jfheubdh.cc
KEY-SYSTEMS GMBH85.25.194.97 (- Germany)
2016-04-16 14:31Botnet C&CPayCrypt
jfheubdh.cc
KEY-SYSTEMS GMBH85.25.194.97 (- Germany)
2016-04-15 18:53Botnet C&CTeslaCrypt
lorangeriedelareine.fr
ONLINE SAS62.210.116.247 (- France)
2016-04-15 10:39Botnet C&CLocky
uhhvhjqowpgopq.xyz
Namecheap208.100.26.234 (- United States)
2016-04-15 10:39Botnet C&CLocky
gfcuxnaek.ru
101DOMAIN-RU195.22.28.199 (- Portugal)
2016-04-14 13:19Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tordonator.li
(n/a)
2016-04-14 10:56Botnet C&CLocky
ampjsppmftmfdblpt.info
101domain, Inc195.22.28.199 (- Portugal)
2016-04-14 10:21Payment SiteTorrentLocker
stgg5jv6mqiibmax.torcreator.li
(n/a)
2016-04-14 02:22Botnet C&CLocky
207.244.97.230
207.244.97.230 (- United States)
2016-04-13 19:46Botnet C&CLocky
46.165.253.93
46.165.253.93 (- Germany)
2016-04-13 17:05Botnet C&CTeslaCrypt
thinktrimbebeautiful.com.au
Web Address Registration182.50.149.1 (- Singapore)
2016-04-13 16:05Botnet C&CTeslaCrypt
baby.teasso.com
LIQUIDNET LTD.162.210.102.32 (- United States)
2016-04-13 12:44Botnet C&CTorrentLocker
dirtyslim.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-04-13 07:52Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torreactor.li
(n/a)
2016-04-13 06:02Botnet C&CTorrentLocker
bigdoggi.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-04-12 16:17Botnet C&CTeslaCrypt
helcel.com
TUCOWS DOMAINS INC.72.41.18.2 (- United States)
2016-04-12 11:48Distribution SiteTeslaCrypt
greetingsyoungqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-12 11:48Distribution SiteTeslaCrypt
greetingsyoungqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-12 11:48Distribution SiteTeslaCrypt
greetingsyoungqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-12 11:48Distribution SiteTeslaCrypt
greetingsyoungqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-12 05:24Botnet C&CTeslaCrypt
loseweightwithmysite.com
FASTDOMAIN, INC. (n/a)
2016-04-12 05:17Botnet C&CLocky
nhhyxorxbxarxe.org
101domain, Inc.195.22.28.196 (- Portugal)
2016-04-11 21:08Botnet C&CLocky
gsebqsi.ru
101DOMAIN-RU195.22.28.198 (- Portugal)
2016-04-11 16:33Botnet C&CTeslaCrypt
onguso.com
ENOM, INC. (n/a)
2016-04-11 12:39Botnet C&CPayCrypt
www.hiverhoney.com
GODADDY.COM, LLC162.253.144.139 (- United States)
2016-04-11 12:36Botnet C&CLocky
ywjgjvpuyitnbiw.info
101domain, Inc195.22.28.198 (- Portugal)
2016-04-11 10:47Botnet C&CLocky
omeaswslhgdw.xyz
Namecheap208.100.26.234 (- United States)
2016-04-11 10:47Botnet C&CLocky
kcdfajaxngiff.info
101domain, Inc195.22.28.199 (- Portugal)
2016-04-11 06:34Botnet C&CLocky
91.219.31.15
91.219.31.15 (- Russian Federation)
2016-04-11 05:21Botnet C&CTeslaCrypt
silocot.com
NAMESILO, LLC (n/a)
2016-04-10 06:28Botnet C&CTeslaCrypt
gooseart.com
CSL COMPUTER SERVICE LANGENBACH [...] (n/a)
2016-04-09 17:36Botnet C&CLocky
88.214.237.57
88.214.237.57 (- Russian Federation)
2016-04-09 15:26Botnet C&CLocky
91.219.28.44
91.219.28.44 (- Netherlands)
2016-04-09 11:22Payment SiteTeslaCrypt
k3cxd.pileanoted.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-04-09 08:40Botnet C&CTorrentLocker
kinomix.org
Registrar of Domain Names REG.RU[...]n/a
2016-04-09 08:19Botnet C&CTorrentLocker
verekt.biz
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-04-09 08:11Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tormain.li
(n/a)
2016-04-08 17:14Botnet C&CTeslaCrypt
bluedreambd.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...] (n/a)
2016-04-08 13:31Botnet C&CTeslaCrypt
colinmccarthynfl.com
GODADDY.COM, LLC50.62.250.1 (- United States)
2016-04-08 13:27Botnet C&CLocky
193.9.28.49
193.9.28.49 (- United States)
2016-04-07 20:42Botnet C&CLocky
37.139.2.214
37.139.2.214 (- Netherlands)
2016-04-07 13:49Botnet C&CTorrentLocker
feellgood.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-04-07 13:20Payment SiteTeslaCrypt
o4dm3.leaama.at
(n/a)
2016-04-07 10:29Payment SiteTeslaCrypt
as3ws.fopyirr.com
KEY-SYSTEMS GMBH184.105.192.2 (- United States)
2016-04-07 06:49Botnet C&CTeslaCrypt
naomihawkins.com
GODADDY.COM, LLC (n/a)
2016-04-07 06:49Botnet C&CTeslaCrypt
getdiscounts.org
GoDaddy.com, LLC205.144.171.76 (- United States)
2016-04-07 06:49Botnet C&CTeslaCrypt
43nutrientes.com
GODADDY.COM, LLC50.87.149.41 (- United States)
2016-04-06 16:54Botnet C&CTeslaCrypt
traditions-and-custom.com
GODADDY.COM, LLC72.41.18.212 (- United States)
2016-04-06 10:01Botnet C&CTeslaCrypt
closerdaybyday.info
eNom, Inc.192.185.151.39 (- United States)
2016-04-06 06:44Distribution SiteTeslaCrypt
marvellrulesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-06 06:39Distribution SiteTeslaCrypt
marvellrulescc.asia
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-04-06 06:38Distribution SiteTeslaCrypt
marvellrulesqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-05 16:00Botnet C&CTeslaCrypt
coldheartedny.com
GODADDY.COM, LLC107.180.26.75 (- United States)
2016-04-05 14:02Botnet C&CLocky
31.148.99.241
31.148.99.241 (- Russian Federation)
2016-04-05 13:42Botnet C&CTeslaCrypt
helpdesk.keldon.info
Ascio Technologies, Inc. Danmark[...]194.228.3.204 (- Czech Republic)
2016-04-05 11:07Botnet C&CTorrentLocker
baggir.org
Registrar of Domain Names REG.RU[...]194.58.56.103 (- Russian Federation)
2016-04-05 09:31Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.tormaster.ch
(n/a)
2016-04-05 09:29Botnet C&CTeslaCrypt
addagapublicschool.com
GODADDY.COM, LLC23.229.239.227 (- United States)
2016-04-04 14:24Distribution SiteTeslaCrypt
greetingseuropasqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-04 14:24Distribution SiteTeslaCrypt
greetingseuropasqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-04 14:23Distribution SiteTeslaCrypt
greetingseuropasqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-04 14:22Botnet C&CTeslaCrypt
thejonesact.com
GODADDY.COM, LLC192.186.220.8 (- United States)
2016-04-04 13:49Distribution SiteTeslaCrypt
greetingseuropasqq.com
KEY-SYSTEMS GMBH (n/a)
2016-04-04 10:20Botnet C&CTeslaCrypt
theoneflooring.com
GODADDY.COM, LLC107.180.4.122 (- United States)
2016-04-04 10:20Botnet C&CTeslaCrypt
studiosundaytv.com
GODADDY.COM, LLC (n/a)
2016-04-04 06:51Payment SiteTeslaCrypt
h3ds4.maconslab.com
BIZCN.COM, INC.184.105.192.2 (- United States)
2016-04-03 13:26Distribution SiteLocky
mossafes.ru
NAUNET-RU (n/a)
2016-04-03 10:06Botnet C&CTorrentLocker
olimpian.org
Registrar of Domain Names REG.RU[...] (n/a)
2016-04-03 08:42Distribution SiteLocky
www.harmonyhealthandbeautyclinic.com
TUCOWS DOMAINS INC.79.170.44.80 (- United Kingdom)
2016-04-03 08:42Distribution SiteLocky
toysnet.nl
Registrar.eu (n/a)
2016-04-03 08:42Distribution SiteLocky
ledivinecomedie.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]209.99.40.222 (- United States)
2016-04-03 08:42Distribution SiteLocky
garmulewicz.pl
Consulting Service Sp. z o.o.127.0.0.1 (n/a)
2016-04-03 08:42Distribution SiteLocky
teamlight-pro.ru
REGRU-RU (n/a)
2016-04-03 08:41Distribution SiteLocky
grafikeria.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-04-03 08:41Distribution SiteLocky
xn--80ailp.com
INTERNET INVEST, LTD. DBA IMENA.[...] (n/a)
2016-04-03 08:41Distribution SiteLocky
ekotrade.linuxpl.info
GoDaddy.com, LLC95.211.176.130 (- Netherlands)
2016-04-03 08:41Distribution SiteLocky
prawoiznaki.pl
home.pl S.A. (n/a)
2016-04-03 08:41Distribution SiteLocky
xn--as-wqa.org.pl
Consulting Service Sp. z o.o.193.106.238.29 (- Poland)
2016-04-03 08:41Distribution SiteLocky
saltoelite.com
GODADDY.COM, LLC (n/a)
2016-04-03 08:41Distribution SiteLocky
www.realistikkampanya.info
PDR Ltd. d/b/a PublicDomainRegis[...] (n/a)
2016-04-03 08:40Distribution SiteLocky
atlantisjuwelier.nl
AXC185.182.56.95 (- Netherlands)
2016-04-03 08:40Distribution SiteLocky
promologicllc.com
GODADDY.COM, LLC192.211.124.147 (- Canada) +1 A record(s) 198.41.28.35 (AS54412, - Canada)
2016-04-03 08:40Distribution SiteLocky
thediscipleshipplace.org
eNom, Inc.52.144.59.34 (- United States)
2016-04-03 08:40Distribution SiteLocky
slacwpa.org
Network Solutions, LLC67.205.163.17 (- United States)
2016-04-03 08:40Distribution SiteLocky
canceralia.eu
Schlund+Partner AG (n/a)
2016-04-03 08:40Distribution SiteLocky
bqsc.pt
(n/a)
2016-04-03 08:40Distribution SiteLocky
rocketsrange.com
ENOM, INC.41.185.8.177 (- South Africa)
2016-04-03 08:40Distribution SiteLocky
buygrocery.nz
(n/a)
2016-04-03 08:40Distribution SiteLocky
spicythaicafe.com
VODIEN INTERNET SOLUTIONS PTE LT[...]204.11.56.48 (- Virgin Islands)
2016-04-03 08:40Distribution SiteLocky
iwonderlifestyle.com
PDR LTD. D/B/A PUBLICDOMAINREGIS[...]202.0.103.191 (- India)
2016-04-03 08:39Distribution SiteLocky
hdtech-pro.com
P.A. VIET NAM COMPANY LIMITED199.191.50.140 (- Virgin Islands)
2016-04-02 11:26Payment SiteTeslaCrypt
k34ew.keyedgell.com
KEY-SYSTEMS GMBH216.218.135.114 (- United States)
2016-04-02 11:22Botnet C&CTeslaCrypt
goldberg-share.com
GODADDY.COM, LLC107.180.43.132 (- United States)
2016-04-02 07:51Payment SiteTorrentLocker
3qbyaoohkcqkzrz6.torprovider.li
(n/a)
2016-04-02 06:10Botnet C&CLocky
91.223.180.240
91.223.180.240 (- Ukraine)

# of rows displayed: 100
# of entries in database: 13'867

Page 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 >