Tracker
Ransomware Tracker to distinguishes between the following threats:
- Ransomware botnet Command & Control servers (C&Cs)
- Ransomware Payment Sites
- Ransomware Distribution Sites
Each entry in Ransomware Tracker is tagged to a threat and a malware. Currently, the following Ransomware families are tracked:
- TeslaCrypt
- CryptoWall (if you do want to know more about CryptoWall, check out CryptoWall Tracker)
- TorrentLocker
- PadCrypt
- Locky
- CTB-Locker
- FAKBEN
- PayCrypt
New submissions for Ransomware Tracker are warmly welcome. You can send new additions to rt-RintANel@abuse.ch (remove all letters in uppercase). Malware binaries that you suspect to be associated with a certain Ransomware family can be send to rt-malwSOareM@abuse.ch (remove all letters in uppercase) for analysis.
Search
You can search for a host or URL using the following search form:
Set a filter for the list below
Below is a list of Ransomware botnet C&C servers tracked by Ransomware Tracker. You have the possibility to filter the list below using certain pre-defined filters shown below.
General filters: Remove filter (Show all) | Online hosts
Filter by threat: | |
Filter by malware: | | | | | | | | | | |
| Dateadded (UTC) | Threat | Malware | Host (?Domain name or IP address used by the Ransomware. The leading dots (Red, Green, Grey) indicate whether the Host is active or not. Red = Online Green = Offline Grey = Unknown) | Domain Registrar (?In some cases Ransomware Tracker is not able to determine the sponsoring Registrar of a domain name. Thats either because the Registry does not reveal this information in the whois or because the Registry doesn't offer a whois service.) | IP address (ASN, Country) |
|---|---|---|---|---|---|
| 2016-03-09 17:40 | marciogerhardtsouza.com.br | 186.202.153.14 ( Brazil) | |||
| 2016-03-09 16:23 | cam-itour.info | GoDaddy.com, LLC | (n/a) | ||
| 2016-03-09 16:23 | ahlanmedicalcentre.com | GODADDY.COM, LLC | (n/a) | ||
| 2016-03-09 15:02 | 91.195.12.131 | 91.195.12.131 ( Ukraine) | |||
| 2016-03-09 12:49 | www.ekowen.sk | 147.213.4.6 ( Slovakia) | |||
| 2016-03-09 12:48 | shofukai.web.fc2.com | INSTRA CORPORATION PTY, LTD. | 104.244.99.16 ( United States) | ||
| 2016-03-09 12:48 | saachi.co | GODADDY.COM, INC. | 184.168.221.47 ( United States) | ||
| 2016-03-09 12:48 | planetarchery.com.au | TPP Wholesale Pty Ltd | 103.240.88.2 ( Australia) | ||
| 2016-03-09 12:47 | myonlinedeals.pk | (n/a) | |||
| 2016-03-09 12:47 | hipnotixx.com | 123-REG LIMITED | 178.254.0.77 ( Germany) | ||
| 2016-03-09 12:47 | ari-ev.com | TUCOWS DOMAINS INC. | (n/a) | ||
| 2016-03-09 12:47 | nguoitieudungthongthai.com | ONLINENIC, INC. | (n/a) | ||
| 2016-03-09 12:46 | ihsanind.com | PDR LTD. D/B/A PUBLICDOMAINREGIS[...] | 209.99.40.222 ( United States) | ||
| 2016-03-09 12:06 | sfasdik.com | REGISTRAR OF DOMAIN NAMES REG.RU[...] | (n/a) | ||
| 2016-03-09 11:56 | 37.235.53.18 | 37.235.53.18 ( Spain) | |||
| 2016-03-09 10:01 | vizkore.biz | PDR LTD. D/B/A PUBLICDOMAINREGIS[...] | (n/a) | ||
| 2016-03-09 10:01 | cerbyk.org | Registrar of Domain Names REG.RU[...] | (n/a) | ||
| 2016-03-09 10:00 | hgdre.org | Registrar of Domain Names REG.RU[...] | (n/a) | ||
| 2016-03-09 07:51 | www.informaticauno.net | NETEARTH ONE INC. D/B/A NETEARTH | (n/a) | ||
| 2016-03-08 15:38 | 89.108.85.163 | 89.108.85.163 ( Russian Federation) | |||
| 2016-03-08 15:34 | 149.154.157.14 | 149.154.157.14 ( Italy) | |||
| 2016-03-08 13:55 | 51457642.de.strato-hosting.eu | STRATO AG | 81.169.145.153 ( Germany) | ||
| 2016-03-08 13:55 | het-havenhuis.nl | Hosting2GO B.V. | (n/a) | ||
| 2016-03-08 13:55 | kokoko.himegimi.jp | 112.140.42.29 ( Japan) | |||
| 2016-03-08 13:55 | lahmar.choukri.perso.neuf.fr | Société Française du Radioté[...] | 86.65.123.70 ( France) | ||
| 2016-03-08 13:55 | ministerepuissancejesus.com | DYNADOT, LLC | (n/a) | ||
| 2016-03-08 13:55 | ozono.org.es | 212.227.247.216 ( Germany) | |||
| 2016-03-08 13:55 | www.vtipnetriko.cz | REG-MEDIA4WEB | (n/a) | ||
| 2016-03-08 11:58 | rzss2zfue73dfvmj.onlinerpgame.ch | (n/a) | |||
| 2016-03-08 08:05 | greetingsjamajcaff.com | WEB COMMERCE COMMUNICATIONS LIMI[...] | (n/a) | ||
| 2016-03-08 08:04 | greetingsjamajcaff.com | WEB COMMERCE COMMUNICATIONS LIMI[...] | (n/a) | ||
| 2016-03-08 08:04 | t54ndnku456ngkwsudqer.wallymac.com | KEY-SYSTEMS GMBH | 216.218.135.114 ( United States) | ||
| 2016-03-08 08:03 | hrfgd74nfksjdcnnklnwefvdsf.materdunst.com | KEY-SYSTEMS GMBH | 216.218.135.114 ( United States) | ||
| 2016-03-08 08:02 | greetingsjamajcaff.com | WEB COMMERCE COMMUNICATIONS LIMI[...] | (n/a) | ||
| 2016-03-08 08:01 | hellomisterbiznesqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-08 07:52 | ghdeg.com | REGISTRAR OF DOMAIN NAMES REG.RU[...] | (n/a) | ||
| 2016-03-08 07:39 | gfjhfg.com | REGISTRAR OF DOMAIN NAMES REG.RU[...] | (n/a) | ||
| 2016-03-08 07:37 | geriky.org | Registrar of Domain Names REG.RU[...] | (n/a) | ||
| 2016-03-08 07:23 | drcordoba.com | GODADDY.COM, LLC | 50.62.125.1 ( United States) | ||
| 2016-03-08 07:19 | 192.121.16.196 | 192.121.16.196 ( Netherlands) | |||
| 2016-03-08 06:58 | iheartshop.net | CV. RUMAHWEB INDONESIA | 128.199.187.47 ( Singapore) | ||
| 2016-03-08 02:39 | glhxgchhfemcjgr.pw | 101Domain, Inc. | 195.22.28.197 ( Portugal) | ||
| 2016-03-07 21:15 | csucanuevo.csuca.org | Gandi SAS | 186.151.199.5 ( Guatemala) | ||
| 2016-03-07 15:38 | 185.92.220.35 | 185.92.220.35 ( Netherlands) | |||
| 2016-03-07 15:24 | vrvis6ndra5jeggj.livewargaming.ch | 1API GmbH | (n/a) | ||
| 2016-03-07 15:14 | vrvis6ndra5jeggj.livegaming.ch | 1API GmbH | (n/a) | ||
| 2016-03-07 14:47 | fhgetyh.com | REGISTRAR OF DOMAIN NAMES REG.RU[...] | (n/a) | ||
| 2016-03-07 14:47 | newculturemediablog.com | GODADDY.COM, LLC | 50.63.50.75 ( United States) | ||
| 2016-03-07 13:56 | www.souqaqonline.com | FASTDOMAIN, INC. | (n/a) | ||
| 2016-03-07 13:56 | www.promumedical.com | DREAMHOST, LLC | 5.153.23.28 ( Netherlands) | ||
| 2016-03-07 13:56 | texfibre.eu | OnlineNIC Inc | 50.87.33.215 ( United States) | ||
| 2016-03-07 13:56 | surprise.co.in | GoDaddy.com, LLC (R101-AFIN) | 103.118.159.89 ( India) | ||
| 2016-03-07 13:56 | sub4.gustoitalia.ru | RU-CENTER-RU | (n/a) | ||
| 2016-03-07 13:56 | shapes.com.pk | 50.87.248.127 ( United States) | |||
| 2016-03-07 13:56 | scs-smesi.ru | REGRU-RU | (n/a) | ||
| 2016-03-07 13:56 | ptunited.net | GODADDY.COM, LLC | 203.124.116.1 ( Singapore) | ||
| 2016-03-07 13:56 | lightsroom.ru | REGRU-RU | (n/a) | ||
| 2016-03-07 13:56 | kievelectric.kiev.ua | ua.gransy | 89.184.78.9 ( Ukraine) | ||
| 2016-03-07 13:56 | kiddyshop.kiev.ua | ua.gransy | (n/a) | ||
| 2016-03-07 13:55 | jldoptics.com | GUANGDONG JINWANBANG TECHNOLOGY [...] | 45.203.101.4 ( South Africa) | ||
| 2016-03-07 13:55 | fibrefamily.ru | REGRU-RU | 87.236.16.175 ( Russian Federation) | ||
| 2016-03-07 13:55 | dsignshop.com.au | GoDaddy.com, LLC | (n/a) | ||
| 2016-03-07 13:55 | azshop24.com.vn | 103.42.56.170 ( Vietnam) | |||
| 2016-03-07 13:55 | alexkote.ru | REGRU-RU | 77.222.55.90 ( Russian Federation) | ||
| 2016-03-07 13:55 | aqarhits.com | WILD WEST DOMAINS, LLC | (n/a) | ||
| 2016-03-07 13:39 | saludaonline.com | GODADDY.COM, LLC | (n/a) | ||
| 2016-03-07 12:45 | w6bfg4hahn5bfnlsafgchkvg5fwsfvrt.hareuna.at | (n/a) | |||
| 2016-03-07 12:45 | po4dbsjbneljhrlbvaueqrgveatv.bonmawp.at | (n/a) | |||
| 2016-03-07 12:28 | u54bbnhf354fbkh254tbkhjbgy8258gnkwerg.tahaplap.com | BIZCN.COM, INC. | 184.105.192.2 ( United States) | ||
| 2016-03-07 12:27 | howareyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 12:27 | howareyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 12:26 | hellomisterbiznesqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 12:26 | hellomisterbiznesqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 11:38 | 46.108.39.18 | 46.108.39.18 ( Romania) | |||
| 2016-03-07 11:38 | 109.237.111.168 | 109.237.111.168 ( Russian Federation) | |||
| 2016-03-07 09:27 | 212.47.223.19 | 212.47.223.19 ( Estonia) | |||
| 2016-03-07 09:22 | hellomydearqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 09:22 | hellomydearqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 09:22 | blablaworldqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:34 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:33 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:33 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:33 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:33 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:33 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) | ||
| 2016-03-07 06:33 | mafianeedsyouqq.com | KEY-SYSTEMS GMBH | (n/a) |
# of rows displayed: 100
# of entries in database: 13'865