Daily Threat Intelligence Report

This report contains the following information. All tables and graphs are auto-generated.

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

Content Warning: The following domain names and screenshots contain material that may be harmful or traumatizing to some audiences.

|  | num_domain, num_links, num_full_url, num_safebrowsing_malicious, num_vt_malicious | date | ip | user_agent |
|---|---|---|---|---|
| 0 | 173169507032 | 2021-09-16 | 185.107.56.59 | Android |

|  | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | arcomall.com | 1 | SNAPNAMES 25, LLC | NS1.DNSNUTS.COM | None |
| 1 | tier_1 | brasilonline.tv | 1 | Sterling Domains LLC | NS1.DNSNUTS.COM | None |
| 2 | tier_1 | crafthd.net | 1 | SNAPNAMES 42, LLC | NS1.DNSNUTS.COM | None |
| 3 | tier_1 | coin-inflate.com | 1 | Domainhawks.net LLC | NS1.DNSNUTS.COM | None |
| 4 | tier_1 | bttorrents.net | 1 | Fine Grain Domains, LLC | NS1.DNSNUTS.COM | The Management Group II |
| 5 | tier_1 | dashitz.com | 1 | Name Nelly Corporation | NS1.DNSNUTS.COM | None |
| 6 | tier_1 | easybed.nl | 1 | EuroDNS S.A. | ns1.dnsnuts.com | None |
| 7 | tier_1 | dconvert.net | 1 | SNAPNAMES 91, LLC | NS1.DNSNUTS.COM | None |
| 8 | tier_1 | dentalmedya.com | 1 | EndeavourDomains, LLC | NS1.DNSNUTS.COM | None |
| 9 | tier_1 | depladoc.net | 1 | SNAPNAMES 3, LLC | NS1.DNSNUTS.COM | None |
| 10 | tier_2 | 1496.rebiraert.com | 70 | GoDaddy Online Services Cayman Islands Ltd. | NS11.CONSTELLIX.COM | None |
| 11 | tier_2 | americanlisted.com | 51 | ilait AB | NS1.TELECOM3.NET | Integration 3 Group AB |
| 12 | tier_2 | clk.rtpdn14.com | 17 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | Privacy service provided by Withheld for Privacy ehf |
| 13 | tier_2 | track.vcdc.com | 16 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 14 | tier_2 | us.redirectbuzz.club | 9 | Gandi SAS | ns-1650.awsdns-14.co.uk | PPCBUZZ |
| 15 | tier_2 | us.sercanto.com | 9 | OVH, SAS | NS11.CONSTELLIX.COM | Wickedin s.r.l. |
| 16 | tier_2 | click.junmediadirect.com | 8 | NAMECHEAP INC | NS1.LINODE.COM | Privacy service provided by Withheld for Privacy ehf |
| 17 | tier_2 | recode.pw | 8 | GANDI SAS | NS-1611.AWSDNS-09.CO.UK | PPCBUZZ |
| 18 | tier_2 | btpnative.com | 7 | 1API GmbH | NS1.DNSIMPLE.COM | Registrant of btpnative.com |
| 19 | tier_2 | mybetterdl.com | 7 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | Redacted for Privacy Purposes |
| 20 | tier_2 | p274639.mybetterdl.com | 7 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | Redacted for Privacy Purposes |
| 21 | tier_2 | blueclick.cloud | 7 | Sav.comLLC | plato.ns.cloudflare.com | Privacy Protection |
| 22 | tier_2 | click.expmediadirect1.com | 5 | NAMECHEAP INC | NS1.LINODE.COM | Privacy service provided by Withheld for Privacy ehf |
| 23 | tier_2 | shiplive.online | 5 | GoDaddy.com, LLC | NS43.DOMAINCONTROL.COM | None |
| 24 | tier_2 | offers.flogboat.com | 5 | GoDaddy.com, LLC | NS53.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 25 | tier_2 | 1261b879b2d0.trafficmpy.com | 5 | DYNADOT LLC | NS-1243.AWSDNS-27.ORG | None |
| 26 | tier_2 | pieceredirect.com | 5 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | Privacy service provided by Withheld for Privacy ehf |
| 27 | tier_2 | barah-flo.com | 5 | Amazon Registrar, Inc. | NS-1435.AWSDNS-51.ORG | Whois Privacy Service |
| 28 | tier_2 | trackyourmpg.com | 4 | GoDaddy Online Services Cayman Islands Ltd. | HUGH.NS.CLOUDFLARE.COM | None |
| 29 | tier_2 | rtbstream.com | 3 | 1API GmbH | NS1.DNSIMPLE.COM | Registrant of rtbstream.com |
| 30 | tier_3 | us.sercanto.com | 42 | OVH, SAS | NS11.CONSTELLIX.COM | Wickedin s.r.l. |
| 31 | tier_3 | americanlisted.com | 19 | ilait AB | NS1.TELECOM3.NET | Integration 3 Group AB |
| 32 | tier_3 | us.redirectbuzz.club | 10 | Gandi SAS | ns-1650.awsdns-14.co.uk | PPCBUZZ |
| 33 | tier_3 | open.app.jobrapido.com | 9 | Marcaria.com International, Inc. | NS-CLOUD-D1.GOOGLEDOMAINS.COM | GDPR Masked |
| 34 | tier_3 | newsinformer.net | 8 | GANDI SAS | NS-1092.AWSDNS-08.ORG | PPCBUZZ |
| 35 | tier_3 | interesticle.com | 7 | GoDaddy.com, LLC | NS-118.AWSDNS-14.COM | Domains By Proxy, LLC |
| 36 | tier_3 | app-track.club | 5 | NAMECHEAP INC | cloe.ns.cloudflare.com | Privacy service provided by Withheld for Privacy ehf |
| 37 | tier_3 | f.koalaspringc.xyz | 2 | Sav.comLLC | HUGH.NS.CLOUDFLARE.COM | Privacy Protection |
| 38 | tier_3 | m.pandaspringe.xyz | 1 | Sav.comLLC | HUGH.NS.CLOUDFLARE.COM | Privacy Protection |
| 39 | tier_3 | f.koalaspringd.xyz | 1 | Sav.comLLC | HUGH.NS.CLOUDFLARE.COM | Privacy Protection |
| 40 | tier_3 | filter.sedodna.com | 1 | PSI-USA, Inc. dba Domain Robot | NS-1222.AWSDNS-24.ORG | None |
| 41 | tier_3 | dylanscandybar.com | 1 | MarkMonitor, Inc. | NS1.MARKMONITOR.COM | Dylan's Candybar, LLC |
| 42 | tier_3 | frktrk.com | 1 | NAMECHEAP INC | NS1.FRKTRK.COM | Privacy service provided by Withheld for Privacy ehf |
| 43 | tier_3 | m.chaturbate.com | 1 | Cloudflare, Inc. | NSA.CHATURBATE.COM | DATA REDACTED |
| 44 | tier_3 | coversandall.com | 1 | GoDaddy.com, LLC | MUSTAFA.NS.CLOUDFLARE.COM | Design Print Banner, LLC |
| 45 | tier_3 | g-sponsored-results.com | 1 | GoDaddy.com, LLC | NS-1531.AWSDNS-63.ORG | Domains By Proxy, LLC |
| 46 | tier_3 | recode.pw | 1 | GANDI SAS | NS-1611.AWSDNS-09.CO.UK | PPCBUZZ |
| 47 | tier_3 | b.fastspinf.xyz | 1 | Sav.comLLC | HUGH.NS.CLOUDFLARE.COM | Privacy Protection |
| 48 | tier_3 | rd.bizrate.com | 1 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 49 | tier_3 | w.myflashr.com | 1 | Eurodns S.A. | NS1.DNSINFOS.COM | Whois Privacy (enumDNS dba) |

|  | ip | city | region | org | postal | country_name | tier | count | hostname | anycast |
|---|---|---|---|---|---|---|---|---|---|---|
| 0 | 185.107.56.58 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 18 | nan | nan |
| 1 | 64.32.8.70 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 18 | customer.sharktech.net | nan |
| 2 | 64.32.8.68 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 16 | customer.sharktech.net | nan |
| 3 | 64.32.8.69 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 15 | customer.sharktech.net | nan |
| 4 | 64.32.8.67 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 13 | customer.sharktech.net | nan |
| 5 | 185.107.56.57 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 13 | nan | nan |
| 6 | 185.107.56.60 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 11 | nan | nan |
| 7 | 185.107.56.59 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 10 | nan | nan |
| 8 | 198.54.112.216 | Los Angeles | California | AS22612 Namecheap, Inc. | 90009 | United States | tier_2 | 70 | nan | nan |
| 9 | 35.209.61.240 | Council Bluffs | Iowa | AS15169 Google LLC | 51502 | United States | tier_3 | 19 | 240.61.209.35.bc.googleusercontent.com | nan |
| 10 | 173.239.53.32 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10004 | United States | tier_3 | 1 | nan | nan |
| 11 | 167.233.8.197 | Gunzenhausen | Bavaria | AS24940 Hetzner Online GmbH | 91710 | Germany | tier_2 | 16 | static.197.8.233.167.clients.your-server.de | nan |
| 12 | 173.192.101.24 | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 14 | 18.65.c0ad.ip4.static.sl-reverse.com | nan |
| 13 | 209.15.13.136 | Toronto | Ontario | AS13768 Aptum Technologies | M5N | Canada | tier_2 | 11 | nan | nan |
| 14 | 35.201.115.142 | Kansas City | Missouri | AS15169 Google LLC | 64121 | United States | tier_3 | 42 | 142.115.201.35.bc.googleusercontent.com | True |
| 15 | 198.134.116.18 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 8 | nan | nan |
| 16 | 198.134.116.30 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 6 | nan | nan |
| 17 | 135.181.219.19 | Tuusula | Uusimaa | AS24940 Hetzner Online GmbH | 04360 | Finland | tier_2 | 5 | static.19.219.181.135.clients.your-server.de | nan |
| 18 | 67.212.184.146 | Chicago | Illinois | AS32475 SingleHop LLC | 60604 | United States | tier_2 | 5 | server04.com-2.mobi | nan |
| 19 | 94.237.103.119 | Frankfurt am Main | Hesse | AS202053 UpCloud Ltd | 60311 | Germany | tier_2 | 5 | 94-237-103-119.de-fra1.upcloud.host | nan |
| 20 | 172.67.145.221 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 4 | nan | True |
| 21 | 52.73.147.241 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 4 | ec2-52-73-147-241.compute-1.amazonaws.com | nan |
| 22 | 104.18.25.3 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 4 | nan | True |
| 23 | 66.232.112.74 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 2 | 66-232-112-74.static.hvvc.us | nan |
| 24 | 104.21.87.199 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 3 | nan | True |
| 25 | 52.86.239.246 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 2 | ec2-52-86-239-246.compute-1.amazonaws.com | nan |
| 26 | 66.232.112.73 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 1 | 66-232-112-73.static.hvvc.us | nan |
| 27 | 116.202.48.54 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_2 | 2 | static.54.48.202.116.clients.your-server.de | nan |
| 28 | 35.201.115.142 | Kansas City | Missouri | AS15169 Google LLC | 64121 | United States | tier_3 | 42 | 142.115.201.35.bc.googleusercontent.com | True |
| 29 | 35.209.61.240 | Council Bluffs | Iowa | AS15169 Google LLC | 51502 | United States | tier_3 | 19 | 240.61.209.35.bc.googleusercontent.com | nan |
| 30 | 49.12.98.92 | Paderborn | North Rhine-Westphalia | AS24940 Hetzner Online GmbH | 33098 | Germany | tier_3 | 5 | static.92.98.12.49.clients.your-server.de | nan |
| 31 | 66.232.112.68 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 3 | 66-232-112-68.static.hvvc.us | nan |
| 32 | 13.225.61.15 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 3 | server-13-225-61-15.ewr53.r.cloudfront.net | nan |
| 33 | 66.232.112.71 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 3 | 66-232-112-71.static.hvvc.us | nan |
| 34 | 66.232.112.74 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 2 | 66-232-112-74.static.hvvc.us | nan |
| 35 | 66.232.112.89 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 2 | 66-232-112-89.static.hvvc.us | nan |
| 36 | 13.225.61.61 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 2 | server-13-225-61-61.ewr53.r.cloudfront.net | nan |
| 37 | 104.18.70.149 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 2 | nan | True |
| 38 | 66.232.112.69 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 2 | 66-232-112-69.static.hvvc.us | nan |
| 39 | 176.31.228.17 | Paris | Île-de-France | AS16276 OVH SAS | 75000 | France | tier_3 | 2 | ns3042239.ip-176-31-228.eu | nan |
| 40 | 66.232.112.76 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 2 | 66-232-112-76.static.hvvc.us | nan |
| 41 | 66.232.112.79 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 2 | 66-232-112-79.static.hvvc.us | nan |
| 42 | 104.18.72.149 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 1 | nan | True |
| 43 | 104.18.69.149 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 1 | nan | True |
| 44 | 173.239.53.32 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10004 | United States | tier_3 | 1 | nan | nan |
| 45 | 176.31.228.38 | Paris | Île-de-France | AS16276 OVH SAS | 75000 | France | tier_3 | 1 | ns3042244.ip-176-31-228.eu | nan |
| 46 | 23.227.38.74 | Ottawa | Ontario | AS13335 Cloudflare, Inc. | K2P | Canada | tier_3 | 1 | nan | True |
| 47 | 66.232.112.73 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 1 | 66-232-112-73.static.hvvc.us | nan |
| 48 | 51.75.255.131 | Laval | Pays de la Loire | AS16276 OVH SAS | 53000 | France | tier_3 | 1 | 131.ip-51-75-255.eu | nan |
| 49 | 176.31.228.56 | Paris | Île-de-France | AS16276 OVH SAS | 75000 | France | tier_3 | 1 | ns3042236.ip-176-31-228.eu | nan |
| 50 | 51.91.83.174 | Roubaix | Hauts-de-France | AS16276 OVH SAS | 59051 CEDEX 1 | France | tier_3 | 1 | ns3164816.ip-51-91-83.eu | nan |
| 51 | 46.105.105.97 | Paris | Île-de-France | AS16276 OVH SAS | 75000 | France | tier_3 | 1 | ns3436170.ip-46-105-105.eu | nan |
| 52 | 178.33.224.90 | Paris | Île-de-France | AS16276 OVH SAS | 75000 | France | tier_3 | 1 | ns370973.ip-178-33-224.eu | nan |
| 53 | 104.18.100.40 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 1 | nan | True |
| 54 | 66.232.112.80 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_3 | 1 | 66-232-112-80.static.hvvc.us | nan |
| 55 | 104.22.33.162 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 1 | nan | True |
| 56 | 13.225.61.42 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 1 | server-13-225-61-42.ewr53.r.cloudfront.net | nan |
| 57 | 13.225.61.17 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 1 | server-13-225-61-17.ewr53.r.cloudfront.net | nan |

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website