Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

1. Overall statistics
   1. Number of domains detected
   2. Number of domains detected by Google Safe Browsing
   3. IP address behind entry-level domains
   4. date of collection
2. Top 10 domain statistics
   1. count (number of redirection paths that contain this domain)
   2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
   3. registar
   4. organization
3. Top 10 IP statistics
   1. count
   2. location (city, country, region)
   3. hostname
   4. organization
4. Consolidated redirection path
   1. green: tier one domain
   2. yellow: tier two domain
   3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	178	177	534	0	131	2021-02-20	207.244.67.215	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	ecomatt.co	1	GoDaddy.com, LLC	ns2.commonmx.com	None
1	tier_1	720pizle.co	1	GoDaddy.com, LLC	ns2.commonmx.com	None
2	tier_1	dudedigitalcodes.com	1	Chipshot Domains LLC	NS1.COMMONMX.COM	None
3	tier_1	desigay.org	1	Beartrapdomains.com LLC	NS1.COMMONMX.COM	None
4	tier_1	gamefirst.me	1	Dynadot, LLC	None	None
5	tier_1	davmodeldgp.org	1	Domainamania.com LLC	NS1.COMMONMX.COM	None
6	tier_1	fueledup.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
7	tier_1	borno.co	1	Communigal Communication Ltd	ns1.commonmx.com	None
8	tier_1	firmfile.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
9	tier_1	busyghana.com	1	Hawthornedomains.com LLC	NS1.COMMONMX.COM	None
10	tier_3	dprtb.com	52	1API GmbH	NS1.DNSIMPLE.COM	REDACTED FOR PRIVACY
11	tier_3	careerbuilder.com	30	CSC CORPORATE DOMAINS, INC.	BROCK.CBJOBS.NET	CareerBuilder, LLC
12	tier_3	btpnative.com	16	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
13	tier_3	managerformula.com	13	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
14	tier_3	s3.amazonaws.com	11	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
15	tier_3	americanlisted.com	2	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
16	tier_3	squirt.org	2	NAMECHEAP INC	NS5.DNSMADEEASY.COM	WhoisGuard, Inc.
17	tier_3	joblift.com	2	INWX GmbH & Co. KG	NS-CLOUD-E1.GOOGLEDOMAINS.COM	REDACTED FOR PRIVACY
18	tier_3	signup.myjobscorner.com	1	GoDaddy.com, LLC	ALDO.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
19	tier_3	jobleads.com	1	united domains AG	CRUZ.NS.CLOUDFLARE.COM	None
20	tier_2	dprtb.com	52	1API GmbH	NS1.DNSIMPLE.COM	REDACTED FOR PRIVACY
21	tier_2	1496.wcitianka.com	38	GoDaddy Online Services Cayman Islands LTD	NS-1096.AWSDNS-09.ORG	None
22	tier_2	americanlisted.com	36	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
23	tier_2	click.appcast.io	36	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
24	tier_2	bradamante-per.com	24	Amazon Registrar, Inc.	NS-1026.AWSDNS-00.ORG	Whois Privacy Service
25	tier_2	btpnative.com	14	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
26	tier_2	infopicked.com	13	NAMECHEAP INC	NS0.DNSMADEEASY.COM	WhoisGuard, Inc.
27	tier_2	managerformula.com	11	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
28	tier_2	joblift.com	4	INWX GmbH & Co. KG	NS-CLOUD-E1.GOOGLEDOMAINS.COM	REDACTED FOR PRIVACY
29	tier_2	click.appcast.io_LOOP_1	3	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname
0	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	22	nan
1	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	22	nan
2	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	17	nan
3	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	17	nan
4	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	10	nan
5	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	8	nan
6	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	7	nan
7	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	6	nan
8	82.192.82.226	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	5	nan
9	37.48.65.150	Soest	Utrecht	AS60781 LeaseWeb Netherlands B.V.	3765	Netherlands	tier_1	3	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	66	nan
11	13.225.218.48	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	9	server-13-225-218-48.jfk51.r.cloudfront.net
12	13.225.218.90	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	9	server-13-225-218-90.jfk51.r.cloudfront.net
13	23.200.0.41	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_2	5	a23-200-0-41.deploy.static.akamaitechnologies.com
14	13.225.218.50	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	7	server-13-225-218-50.jfk51.r.cloudfront.net
15	13.225.218.25	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	5	server-13-225-218-25.jfk51.r.cloudfront.net
16	23.200.0.5	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_2	6	a23-200-0-5.deploy.static.akamaitechnologies.com
17	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	4	pool-100-37-135-2.nycmny.fios.verizon.net
18	52.217.74.182	Virginia Beach	Virginia	AS16509 Amazon.com, Inc.	23452	United States	tier_3	2	s3-1.amazonaws.com
19	52.216.24.110	Virginia Beach	Virginia	AS16509 Amazon.com, Inc.	23452	United States	tier_3	2	s3-1.amazonaws.com
20	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	66	nan
21	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	38	nan
22	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	36	240.61.209.35.bc.googleusercontent.com
23	52.0.220.89	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23452	United States	tier_2	21	ec2-52-0-220-89.compute-1.amazonaws.com
24	54.84.27.165	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23452	United States	tier_2	15	ec2-54-84-27-165.compute-1.amazonaws.com
25	3.234.136.137	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23452	United States	tier_2	15	ec2-3-234-136-137.compute-1.amazonaws.com
26	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	14	18.65.c0ad.ip4.static.sl-reverse.com
27	34.200.146.95	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23452	United States	tier_2	11	ec2-34-200-146-95.compute-1.amazonaws.com
28	23.200.0.5	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_2	6	a23-200-0-5.deploy.static.akamaitechnologies.com
29	23.200.0.41	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_2	5	a23-200-0-41.deploy.static.akamaitechnologies.com

Aggregated redirection graph of domains located on current IP address.

• The redirection flows from left to right
• Leftmost domains are initial domains hosted on current IP
• Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website