Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

|  | num_domain, num_links, num_full_url, num_safebrowsing_malicious, num_vt_malicious | date | ip | user_agent |
| --- | --- | --- | --- | --- |
| 0 | 355363122410 | 2020-11-11 | 103.224.182.207 | Iphone |


|  | tier | domain | count | registrar | name_servers | org |
| --- | --- | --- | --- | --- | --- | --- |
| 0 | tier_1 | puracandelatv.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 1 | tier_1 | codanova.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 2 | tier_1 | dudroid.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 3 | tier_1 | secondnaturecd.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 4 | tier_1 | vvvgrace.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 5 | tier_1 | soal-psikotest.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 6 | tier_1 | ddiziizle.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 7 | tier_1 | benstreaming.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 8 | tier_1 | a-doctor-in-the-house.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 9 | tier_1 | ptidico.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 10 | tier_2 | bidr.trellian.com | 205 | ABOVE.COM PTY LTD. | NS1.TRELLIAN.COM | REDACTED FOR PRIVACY |
| 11 | tier_2 | changeslots.com | 197 | Instra Corporation Pty Ltd. | CLEO.NS.CLOUDFLARE.COM | REDACTED FOR PRIVACY |
| 12 | tier_2 | 0redira.com | 56 | ABOVE.COM PTY LTD. | NS1.ABOVE.COM | REDACTED FOR PRIVACY |
| 13 | tier_2 | rd.bizrate.com | 22 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 14 | tier_2 | clk.rtpdn11.com | 19 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 15 | tier_2 | noclick.connexity.com | 17 | MarkMonitor, Inc. | NS-1235.AWSDNS-26.ORG | Connexity, Inc. |
| 16 | tier_2 | rd.connexity.net | 16 | None | None | None |
| 17 | tier_2 | go.trackinz.com | 12 | NAMECHEAP INC | NS-1139.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 18 | tier_2 | r.ealeo.com | 11 | DYNADOT LLC | NS-1186.AWSDNS-20.ORG | None |
| 19 | tier_2 | link.sylikes.com | 11 | MarkMonitor, Inc. | NS-1063.AWSDNS-04.ORG | Connexity, Inc. |
| 20 | tier_3 | theconnectvpn.com | 197 | DonDominio (SCIP) | ARNOLD.NS.CLOUDFLARE.COM | Soluciones Corporativas IP, c/o Whois Proxy |
| 21 | tier_3 | checkthistime.com | 12 | NAMECHEAP INC | NS-1262.AWSDNS-29.ORG | WhoisGuard, Inc. |
| 22 | tier_3 | wayfair.com | 6 | MarkMonitor, Inc. | A1-100.AKAM.NET | Wayfair, LLC |
| 23 | tier_3 | bizrate.com | 6 | None | None | None |
| 24 | tier_3 | allbestsecureus.com | 4 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 25 | tier_3 | amazon.com | 4 | None | None | None |
| 26 | tier_3 | fourtrk.com | 3 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 27 | tier_3 | mbest.aliexpress.com | 3 | Alibaba Cloud Computing (Beijing) Co., Ltd. | NS1.ALIBABADNS.COM | None |
| 28 | tier_3 | mytears.restasis.com | 3 | MarkMonitor, Inc. | HA1.MARKMONITOR.ZONE | Allergan, Inc. |
| 29 | tier_3 | hollywoodunlocked.com | 2 | GoDaddy.com, LLC | NS61.DOMAINCONTROL.COM | None |


|  | ip | hostname | city | region | org | postal | country_name | tier | count |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 0 | 103.224.182.207 | lb-182-207.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_1 | 269 |
| 1 | 103.224.182.206 | bidr.trellian.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 205 |
| 2 | 34.207.32.33 | ec2-34-207-32-33.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23450 | United States | tier_2 | 197 |
| 3 | 103.224.212.241 | lb-212-241.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 56 |
| 4 | 192.138.218.207 | rd.bizrate.com | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 33 |
| 5 | 173.239.53.32 | nan | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 23 |
| 6 | 192.138.218.215 | noclick.connexity.com | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 17 |
| 7 | 209.132.243.15 | nan | Wyoming | Michigan | AS7296 Alchemy Communications, Inc. | 49509 | United States | tier_2 | 17 |
| 8 | 192.138.218.139 | rd.connexity.net | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 16 |
| 9 | 34.226.252.28 | ec2-34-226-252-28.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23450 | United States | tier_2 | 12 |
| 10 | 66.165.243.151 | 66-165-243-151.static.hvvc.us | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_2 | 11 |
| 11 | 104.27.186.165 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 118 |
| 12 | 104.27.187.165 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 47 |
| 13 | 172.67.181.234 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 32 |
| 14 | 138.68.8.221 | nan | Santa Clara | California | AS14061 DigitalOcean, LLC | 95051 | United States | tier_3 | 12 |
| 15 | 192.138.218.95 | bizrate.com | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_3 | 6 |
| 16 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 5 |
| 17 | 54.39.130.163 | ns568503.ip-54-39-130.net | Langford | British Columbia | AS16276 OVH SAS | V9B | Canada | tier_3 | 4 |
| 18 | 13.225.224.25 | server-13-225-224-25.jfk51.r.cloudfront.net | Atlantic City | New Jersey | AS16509 Amazon.com, Inc. | 08404 | United States | tier_3 | 4 |
| 19 | 23.200.168.204 | a23-200-168-204.deploy.static.akamaitechnologies.com | Edison | New Jersey | AS16625 Akamai Technologies, Inc. | 08817 | United States | tier_3 | 4 |
| 20 | 45.33.26.84 | li980-84.members.linode.com | Richardson | Texas | AS63949 Linode, LLC | 75080 | United States | tier_3 | 3 |

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website