Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
03944131927102020-11-07103.224.182.207Android

| tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|
| tier_1 | puracandelatv.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_1 | codanova.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_1 | secondnaturecd.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_1 | vvvgrace.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_1 | 03calls.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_1 | soal-psikotest.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_1 | benstreaming.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_1 | googledocs.co.uk | 1 | Internet Domain Services BS Corp t/a Internet.bs [Tag = IDS-BS] | n | None |
| tier_1 | a-doctor-in-the-house.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_1 | ptidico.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| tier_2 | bidr.trellian.com | 196 | ABOVE.COM PTY LTD. | NS1.TRELLIAN.COM | REDACTED FOR PRIVACY |
| tier_2 | us.redirectbuzz.club | 129 | Gandi SAS | ns-2.awsdns-00.com | PPCBUZZ |
| tier_2 | recode.pw | 129 | Gandi SAS | NS-1611.AWSDNS-09.CO.UK | None |
| tier_2 | portablemusic.mobi | 127 | GoDaddy.com, LLC | None | None |
| tier_2 | trk74.onnur.xyz | 75 | NameSilo, LLC | PAITYN.NS.CLOUDFLARE.COM | See PrivacyGuardian.org |
| tier_2 | thespook.xyz | 71 | Name.com, Inc. | MARK.NS.CLOUDFLARE.COM | Domain Protection Services, Inc. |
| tier_2 | google.com | 62 | MarkMonitor, Inc. | NS1.GOOGLE.COM | Google LLC |
| tier_2 | trkads.info | 60 | DANESCO TRADING LTD | NS1.DIGITALOCEAN.COM | DANESCO TRADING LTD. |
| tier_2 | tsyndicate.com | 47 | Name.com, Inc. | NS-1004.AWSDNS-61.NET | Domain Protection Services, Inc. |
| tier_2 | arloreed.com | 35 | Name.com, Inc. | MARK.NS.CLOUDFLARE.COM | Domain Protection Services, Inc. |
| tier_3 | google.com_LOOP_1 | 62 | None | None | None |
| tier_3 | rvklk.loveiswaiting.net | 27 | Amazon Registrar, Inc. | NS-1252.AWSDNS-28.ORG | Whois Privacy Service |
| tier_3 | winningpokernetwork.com | 14 | Safenames Ltd | NASH.NS.CLOUDFLARE.COM | None |
| tier_3 | for-ap.com | 6 | PDR Ltd. d/b/a PublicDomainRegistry.com | ALEX.NS.CLOUDFLARE.COM | Privacy Protect, LLC (PrivacyProtect.org) |
| tier_3 | encryptalert.com | 6 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| tier_3 | track-app.club | 5 | NAMECHEAP INC | sri.ns.cloudflare.com | WhoisGuard, Inc. |
| tier_3 | nextdoor.localsnapsext.com | 5 | GoDaddy.com, LLC | NS-1174.AWSDNS-18.ORG | Domains By Proxy, LLC |
| tier_3 | getrussiangirl.com | 5 | Regional Network Information Center, JSC dba RU-CENTER | NS1.DATINGNS.COM | SOL Networks Ltd |
| tier_3 | watchmygirlfriend.tv | 5 | None | None | None |
| tier_3 | lander.xxxfucktor.com | 4 | INWX GmbH & Co. KG | DNS1.TEKKADNS.COM | None |

| ip | hostname | city | region | org | postal | country_name | tier | count |
|---|---|---|---|---|---|---|---|---|
| 103.224.182.207 | lb-182-207.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_1 | 221 |
| 103.224.182.206 | bidr.trellian.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 196 |
| 165.22.162.145 | nan | Santa Clara | California | AS14061 DigitalOcean, LLC | 95051 | United States | tier_2 | 60 |
| 172.64.196.11 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 59 |
| 172.64.197.11 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 45 |
| 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 80 |
| 37.187.75.92 | ns3365200.ip-37-187-75.eu | Saumont | Nouvelle-Aquitaine | AS16276 OVH SAS | 47600 | France | tier_2 | 34 |
| 198.134.116.30 | nan | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 34 |
| 172.67.222.37 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 33 |
| 213.32.106.160 | ip160.ip-213-32-106.eu | Amsterdam | North Holland | AS16276 OVH SAS | 1012 | Netherlands | tier_2 | 30 |
| 104.27.133.11 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_2 | 30 |
| 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 80 |
| 54.205.191.137 | ec2-54-205-191-137.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23450 | United States | tier_3 | 27 |
| 104.16.246.78 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 7 |
| 104.16.245.78 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 7 |
| 144.202.107.3 | 144.202.107.3.vultr.com | Live Oak | California | AS20473 Choopa, LLC | 95953 | United States | tier_3 | 6 |
| 34.194.77.101 | ec2-34-194-77-101.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23450 | United States | tier_3 | 5 |
| 173.214.240.15 | 173.214.240.15.serverel.net | San Jose | California | AS15317 Serverel Inc. | 95103 | United States | tier_3 | 5 |
| 23.201.26.137 | a23-201-26-137.deploy.static.akamaitechnologies.com | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 5 |
| 66.254.103.140 | nan | Chicago | Illinois | AS29789 Reflected Networks, Inc. | 60666 | United States | tier_3 | 5 |
| 46.21.30.90 | nan | Massagno | Ticino | AS203639 Tekka Digital SA | 6932 | Switzerland | tier_3 | 4 |

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website