Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

| | num_domain / num_links / num_full_url / num_safebrowsing_malicious / num_vt_malicious | date | ip | user_agent |
|---|---|---|---|---|
| 0 | 446462216020 | 2020-11-02 | 103.224.182.207 | Android |


| | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | secondnaturecd.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 1 | tier_1 | 03calls.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 2 | tier_1 | ohne-kohlenhydrate.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 3 | tier_1 | benstreaming.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 4 | tier_1 | ecatomb.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 5 | tier_1 | ptidico.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 6 | tier_1 | azmovielist.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 7 | tier_1 | okuloncesiegitimi.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 8 | tier_1 | 123gmail.com | 1 | TLD Registrar Solutions Ltd. | NS1.ABOVE.COM | Whois Privacy Corp. |
| 9 | tier_1 | naruto-mx.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 10 | tier_2 | bidr.trellian.com | 217 | ABOVE.COM PTY LTD. | NS1.TRELLIAN.COM | REDACTED FOR PRIVACY |
| 11 | tier_2 | us.redirectbuzz.club | 141 | Gandi SAS | ns-2.awsdns-00.com | PPCBUZZ |
| 12 | tier_2 | recode.pw | 131 | Gandi SAS | NS-1611.AWSDNS-09.CO.UK | None |
| 13 | tier_2 | portablemusic.mobi | 129 | GoDaddy.com, LLC | None | None |
| 14 | tier_2 | arloreed.com | 97 | Name.com, Inc. | MARK.NS.CLOUDFLARE.COM | Domain Protection Services, Inc. |
| 15 | tier_2 | trk61.onnur.xyz | 88 | NameSilo, LLC | PAITYN.NS.CLOUDFLARE.COM | See PrivacyGuardian.org |
| 16 | tier_2 | cmon.ueive.com | 88 | None | None | None |
| 17 | tier_2 | go.doblevialatam.com | 77 | GoDaddy.com, LLC | NS.RACKSPACE.COM | Domains By Proxy, LLC |
| 18 | tier_2 | sales.dvlatam.xyz | 73 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 19 | tier_2 | google.com | 72 | MarkMonitor, Inc. | NS1.GOOGLE.COM | Google LLC |
| 20 | tier_3 | google.com_LOOP_1 | 72 | None | None | None |
| 21 | tier_3 | admoustache.go2affise.com | 29 | GoDaddy.com, LLC | NS-1529.AWSDNS-63.ORG | Domains By Proxy, LLC |
| 22 | tier_3 | for-ap.com | 27 | PDR Ltd. d/b/a PublicDomainRegistry.com | ALEX.NS.CLOUDFLARE.COM | Privacy Protect, LLC (PrivacyProtect.org) |
| 23 | tier_3 | delightcmain.xyz | 24 | Epik LLC | MARJORY.NS.CLOUDFLARE.COM | Anonymize, Inc. |
| 24 | tier_3 | gladmpath.xyz | 13 | Epik LLC | MARJORY.NS.CLOUDFLARE.COM | Anonymize, Inc. |
| 25 | tier_3 | blog.sfgate.com | 11 | CSC CORPORATE DOMAINS, INC. | NS1.HEARSTNP.COM | Hearst Communications, Inc. |
| 26 | tier_3 | samsung.com | 10 | None | None | None |
| 27 | tier_3 | amazon.com | 5 | MarkMonitor, Inc. | NS1.P31.DYNECT.NET | Amazon Technologies, Inc. |
| 28 | tier_3 | trk2.multitax.xyz | 4 | Name.com, Inc. | MACIEJ.NS.CLOUDFLARE.COM | Domain Protection Services, Inc. |
| 29 | tier_3 | clk.news-headlines.co | 4 | NAMECHEAP INC | ns-1428.awsdns-50.org | WhoisGuard, Inc. |


| | ip | hostname | city | region | org | postal | country_name | tier | count |
|---|---|---|---|---|---|---|---|---|---|
| 0 | 103.224.182.207 | lb-182-207.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_1 | 262 |
| 1 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 86 |
| 2 | 103.224.182.206 | bidr.trellian.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 217 |
| 3 | 162.242.198.222 | nan | Washington | Washington, D.C. | AS27357 Rackspace Hosting | 20045 | United States | tier_2 | 77 |
| 4 | 184.154.10.251 | server04.com-2.mobi | Chicago | Illinois | AS32475 SingleHop LLC | 60666 | United States | tier_2 | 73 |
| 5 | 165.22.162.145 | nan | Santa Clara | California | AS14061 DigitalOcean, LLC | 95051 | United States | tier_2 | 71 |
| 6 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 86 |
| 7 | 172.64.197.11 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 55 |
| 8 | 172.67.196.134 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 52 |
| 9 | 172.64.196.11 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 41 |
| 10 | 209.132.243.15 | nan | Wyoming | Michigan | AS7296 Alchemy Communications, Inc. | 49509 | United States | tier_2 | 37 |
| 11 | 213.32.106.139 | ip139.ip-213-32-106.eu | Amsterdam | North Holland | AS16276 OVH SAS | 1012 | Netherlands | tier_2 | 36 |
| 12 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 86 |
| 13 | 104.18.79.149 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 18 |
| 14 | 213.227.134.196 | nan | The Hague | South Holland | AS60781 LeaseWeb Netherlands B.V. | 2513 | Netherlands | tier_3 | 15 |
| 15 | 213.227.156.19 | nan | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_3 | 14 |
| 16 | 151.101.0.200 | nan | San Francisco | California | AS54113 Fastly | 94107 | United States | tier_3 | 11 |
| 17 | 104.18.45.36 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 11 |
| 18 | 104.18.44.36 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 9 |
| 19 | 23.38.172.65 | a23-38-172-65.deploy.static.akamaitechnologies.com | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 9 |
| 20 | 104.18.82.149 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 8 |
| 21 | 104.18.81.149 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 7 |


Have other ideas, or want to subscribe to the threat intelligence report? Contact:

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website