Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
Overall statistics (columns: num_domain, num_links, num_full_url, num_safebrowsing_malicious, num_vt_malicious, date, ip, user_agent)
02792818220152021-04-13207.244.67.215Chrome
Top 10 domain statistics (columns: tier, domain, count, registrar, name_servers, org)
Top 10 IP statistics (columns: ip, city, region, org, postal, country_name, tier, count, hostname, anycast)

Aggregated redirection graph of the domains hosted on the current IP address.

  • The redirection flows from left to right
  • Leftmost domains are the initial domains hosted on the current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to the threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website