Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

|   | num_domain | num_links | num_full_url | num_safebrowsing_malicious | num_vt_malicious | date | ip | user_agent |
|---|---|---|---|---|---|---|---|---|
| 0 | 176 | 178 | 535 | 1 | 0 | 2020-12-11 | 207.244.67.215 | Iphone |

|   | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | arizona-sexcams.com | 1 | Top Pick Names LLC | NS1.DNSNUTS.COM | None |
| 1 | tier_1 | bestmothertube.com | 1 | NamePal.com #8008 Inc. | NS1.DNSNUTS.COM | The Management Group II |
| 2 | tier_1 | banmorktawan.com | 1 | DropWalk.com, Inc. | NS1.DNSNUTS.COM | None |
| 3 | tier_1 | biznes-world.com | 1 | EunamesOregon.com LLC | NS1.DNSNUTS.COM | None |
| 4 | tier_1 | bdlive71.com | 1 | NamePal.com #8023 Inc. | NS1.DNSNUTS.COM | None |
| 5 | tier_1 | 5uxiaoshuo.com | 1 | NamePal.com #8018 Inc. | NS1.DNSNUTS.COM | The Management Group II |
| 6 | tier_1 | 35ink.com | 1 | CloudBreakDomains, LLC | NS1.DNSNUTS.COM | None |
| 7 | tier_1 | caljepcosta.com | 1 | Beartrapdomains.com LLC | NS1.DNSNUTS.COM | None |
| 8 | tier_1 | arizonanationalbank.com | 1 | Sea Wasp, LLC | NS1.DNSNUTS.COM | Savvy Investments, LLC Privacy ID# 750202 |
| 9 | tier_1 | captitolone.com | 1 | Media Elite Holdings Limited | NS1.DNSNUTS.COM | Fundacion Privacy Services LTD |
| 10 | tier_2 | euphe-gun.com | 40 | Amazon Registrar, Inc. | NS-1325.AWSDNS-37.ORG | Whois Privacy Service |
| 11 | tier_2 | track.vcdc.com | 37 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 12 | tier_2 | ad.doubleclick.net | 31 | MarkMonitor, Inc. | NS1.GOOGLE.COM | Google Inc. |
| 13 | tier_2 | api.quotes.com | 29 | Internet Domain Service BS Corp. | NS-CANADA.TOPDNS.COM | Whois Privacy Corp. |
| 14 | tier_2 | changeslots.com | 29 | Instra Corporation Pty Ltd. | CLEO.NS.CLOUDFLARE.COM | REDACTED FOR PRIVACY |
| 15 | tier_2 | atnpx.com | 28 | GoDaddy.com, LLC | BECKY.NS.CLOUDFLARE.COM | Domains By Proxy, LLC |
| 16 | tier_2 | r.ealeo.com | 16 | DYNADOT LLC | NS-1186.AWSDNS-20.ORG | None |
| 17 | tier_2 | rd.bizrate.com | 16 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 18 | tier_2 | rd.connexity.net | 15 | None | None | None |
| 19 | tier_2 | btpnative.com | 7 | 1API GmbH | NS1.DNSIMPLE.COM | Registrant of btpnative.com |
| 20 | tier_3 | theconnectvpn.com | 29 | DonDominio (SCIP) | ARNOLD.NS.CLOUDFLARE.COM | Soluciones Corporativas IP, c/o Whois Proxy |
| 21 | tier_3 | kbb.com | 28 | CSC CORPORATE DOMAINS, INC. | PDNS164.ULTRADNS.BIZ | Autotrader.com |
| 22 | tier_3 | track.vcdc.com | 11 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 23 | tier_3 | blog.sfgate.com | 9 | CSC CORPORATE DOMAINS, INC. | NS1.HEARSTNP.COM | Hearst Communications, Inc. |
| 24 | tier_3 | happierplacez.com | 7 | NAMECHEAP INC | NS-1336.AWSDNS-39.ORG | WhoisGuard, Inc. |
| 25 | tier_3 | r.ealeo.com | 3 | DYNADOT LLC | NS-1186.AWSDNS-20.ORG | None |
| 26 | tier_3 | m.kohls.com | 2 | Network Solutions, LLC | A1-236.AKAM.NET | Kohl's Illinois, Inc. |
| 27 | tier_3 | brownells.com | 2 | Network Solutions, LLC | NS1.YOTTAA.NET | None |
| 28 | tier_3 | blog.chron.com | 2 | CSC CORPORATE DOMAINS, INC. | NS1.HEARSTNP.COM | Hearst Newspapers, LLC |
| 29 | tier_3 | m.costway.com_LOOP_1 | 1 | None | None | None |

|   | ip | city | region | org | postal | country_name | tier | count | hostname | anycast |
|---|---|---|---|---|---|---|---|---|---|---|
| 0 | 207.244.67.214 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 27 | nan | nan |
| 1 | 207.244.67.216 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 26 | nan | nan |
| 2 | 207.244.67.218 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 25 | nan | nan |
| 3 | 207.244.67.215 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 18 | nan | nan |
| 4 | 37.48.65.151 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 3 | nan | nan |
| 5 | 37.48.65.148 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 2 | nan | nan |
| 6 | 185.107.56.59 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 2 | nan | nan |
| 7 | 185.107.56.58 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 2 | nan | nan |
| 8 | 37.48.65.150 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 2 | nan | nan |
| 9 | 64.32.8.67 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 1 | customer.sharktech.net | nan |
| 10 | 5.79.68.236 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_2 | 29 | nan | nan |
| 11 | 34.207.32.33 | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23464 | United States | tier_2 | 29 | ec2-34-207-32-33.compute-1.amazonaws.com | nan |
| 12 | 192.138.218.207 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 22 | rd.bizrate.com | nan |
| 13 | 172.217.10.38 | Mountain View | California | AS15169 Google LLC | 94043 | United States | tier_2 | 17 | lga34s13-in-f6.1e100.net | nan |
| 14 | 66.165.243.151 | Los Angeles | California | AS29802 HIVELOCITY, Inc. | 90009 | United States | tier_3 | 3 | 66-165-243-151.static.hvvc.us | nan |
| 15 | 104.26.10.53 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 16 | nan | True |
| 16 | 192.138.218.139 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 15 | rd.connexity.net | nan |
| 17 | 3.221.180.161 | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23464 | United States | tier_2 | 15 | ec2-3-221-180-161.compute-1.amazonaws.com | nan |
| 18 | 173.192.101.24 | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 14 | 18.65.c0ad.ip4.static.sl-reverse.com | nan |
| 19 | 144.76.0.242 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_2 | 12 | static.242.0.76.144.clients.your-server.de | nan |
| 20 | 23.44.217.143 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 28 | a23-44-217-143.deploy.static.akamaitechnologies.com | nan |
| 21 | 172.67.181.234 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 11 | nan | True |
| 22 | 151.101.0.200 | San Francisco | California | AS54113 Fastly | 94107 | United States | tier_3 | 11 | nan | True |
| 23 | 195.201.92.254 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_3 | 11 | static.254.92.201.195.clients.your-server.de | nan |
| 24 | 104.27.186.165 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 9 | nan | True |
| 25 | 104.27.187.165 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 9 | nan | True |
| 26 | 178.128.78.12 | Santa Clara | California | AS14061 DigitalOcean, LLC | 95051 | United States | tier_3 | 7 | nan | nan |
| 27 | 66.165.243.151 | Los Angeles | California | AS29802 HIVELOCITY, Inc. | 90009 | United States | tier_3 | 3 | 66-165-243-151.static.hvvc.us | nan |
| 28 | 23.38.172.138 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 2 | a23-38-172-138.deploy.static.akamaitechnologies.com | nan |
| 29 | 100.37.135.2 | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 1 | pool-100-37-135-2.nycmny.fios.verizon.net | nan |

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website