Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

|  | num_domain, num_links, num_full_url, num_safebrowsing_malicious, num_vt_malicious | date | ip | user_agent |
|---|---|---|---|---|
| 0 | 363381155310 | 2020-11-01 | 103.224.182.207 | Android |

|  | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | puracandelatv.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 1 | tier_1 | secondnaturecd.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 2 | tier_1 | vvvgrace.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 3 | tier_1 | 03calls.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 4 | tier_1 | soal-psikotest.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 5 | tier_1 | benstreaming.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 6 | tier_1 | a-doctor-in-the-house.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 7 | tier_1 | ptidico.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 8 | tier_1 | azmovielist.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 9 | tier_1 | posteos.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 10 | tier_2 | bidr.trellian.com | 183 | ABOVE.COM PTY LTD. | NS1.TRELLIAN.COM | REDACTED FOR PRIVACY |
| 11 | tier_2 | us.redirectbuzz.club | 110 | Gandi SAS | ns-2.awsdns-00.com | PPCBUZZ |
| 12 | tier_2 | trkads.info | 70 | DANESCO TRADING LTD | NS1.DIGITALOCEAN.COM | DANESCO TRADING LTD. |
| 13 | tier_2 | google.com | 70 | MarkMonitor, Inc. | NS1.GOOGLE.COM | Google LLC |
| 14 | tier_2 | recode.pw | 61 | Gandi SAS | NS-1611.AWSDNS-09.CO.UK | None |
| 15 | tier_2 | portablemusic.mobi | 61 | GoDaddy.com, LLC | None | None |
| 16 | tier_2 | trk57.onnur.xyz | 53 | NameSilo, LLC | PAITYN.NS.CLOUDFLARE.COM | See PrivacyGuardian.org |
| 17 | tier_2 | arloreed.com | 49 | Name.com, Inc. | MARK.NS.CLOUDFLARE.COM | Domain Protection Services, Inc. |
| 18 | tier_2 | cmon.ueive.com | 40 | NAMECHEAP INC | COBY.NS.CLOUDFLARE.COM | WhoisGuard, Inc. |
| 19 | tier_2 | go.doblevialatam.com | 33 | GoDaddy.com, LLC | NS.RACKSPACE.COM | Domains By Proxy, LLC |
| 20 | tier_3 | google.com_LOOP_1 | 70 | None | None | None |
| 21 | tier_3 | clk.news-headlines.co | 31 | NAMECHEAP INC | ns-1428.awsdns-50.org | WhoisGuard, Inc. |
| 22 | tier_3 | gladmpath.xyz | 11 | Epik LLC | MARJORY.NS.CLOUDFLARE.COM | Anonymize, Inc. |
| 23 | tier_3 | financial-savers.com | 10 | None | None | None |
| 24 | tier_3 | for-ap.com | 9 | PDR Ltd. d/b/a PublicDomainRegistry.com | ALEX.NS.CLOUDFLARE.COM | Privacy Protect, LLC (PrivacyProtect.org) |
| 25 | tier_3 | blog.sfgate.com | 8 | CSC CORPORATE DOMAINS, INC. | NS1.HEARSTNP.COM | Hearst Communications, Inc. |
| 26 | tier_3 | delightcmain.xyz | 8 | Epik LLC | MARJORY.NS.CLOUDFLARE.COM | Anonymize, Inc. |
| 27 | tier_3 | enrollnotice.com | 5 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 28 | tier_3 | null | 4 | None | None | None |
| 29 | tier_3 | trk31.multitax.xyz | 4 | Name.com, Inc. | MACIEJ.NS.CLOUDFLARE.COM | Domain Protection Services, Inc. |

|  | ip | hostname | city | region | org | postal | country_name | tier | count |
|---|---|---|---|---|---|---|---|---|---|
| 0 | 103.224.182.207 | lb-182-207.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_1 | 213 |
| 1 | 103.224.182.206 | bidr.trellian.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 183 |
| 2 | 165.22.162.145 | nan | Santa Clara | California | AS14061 DigitalOcean, LLC | 95051 | United States | tier_2 | 70 |
| 3 | 162.242.198.222 | nan | Washington | Washington, D.C. | AS27357 Rackspace Hosting | 20045 | United States | tier_2 | 33 |
| 4 | 184.154.10.251 | server04.com-2.mobi | Chicago | Illinois | AS32475 SingleHop LLC | 60666 | United States | tier_2 | 30 |
| 5 | 172.64.196.11 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 29 |
| 6 | 172.64.142.19 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 26 |
| 7 | 172.64.197.11 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 24 |
| 8 | 103.224.212.241 | lb-212-241.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 22 |
| 9 | 142.250.64.68 | lga34s30-in-f4.1e100.net | Westbury | New York | AS15169 Google LLC | 11590 | United States | tier_2 | 22 |
| 10 | 104.31.74.120 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 17 |
| 11 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 76 |
| 12 | 52.45.50.0 | ec2-52-45-50-0.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23471 | United States | tier_3 | 10 |
| 13 | 161.35.225.100 | financial-savers.com | Santa Clara | California | AS14061 DigitalOcean, LLC | 95054 | United States | tier_3 | 10 |
| 14 | 52.203.50.59 | ec2-52-203-50-59.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23471 | United States | tier_3 | 9 |
| 15 | 151.101.0.200 | nan | San Francisco | California | AS54113 Fastly | 94107 | United States | tier_3 | 8 |
| 16 | 104.18.45.36 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 7 |
| 17 | 35.174.102.54 | ec2-35-174-102-54.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23471 | United States | tier_3 | 7 |
| 18 | 104.18.81.149 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 5 |
| 19 | 104.18.79.149 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 5 |
| 20 | 54.172.16.98 | ec2-54-172-16-98.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23471 | United States | tier_3 | 5 |

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website