Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

1. Overall statistics
   1. Number of domains detected
   2. Number of domains detected by Google Safe Browsing
   3. IP address behind entry-level domains
   4. date of collection
2. Top 10 domain statistics
   1. count (number of redirection paths that contain this domain)
   2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
   3. registar
   4. organization
3. Top 10 IP statistics
   1. count
   2. location (city, country, region)
   3. hostname
   4. organization
4. Consolidated redirection path
   1. green: tier one domain
   2. yellow: tier two domain
   3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	126	123	424	0	45	2021-01-17	37.48.65.149	Android

	tier	domain	count	registrar	name_servers	org
0	tier_1	alriyadh.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
1	tier_1	cdhatver.com	1	NamePal.com #8010, LLC	NS1.COMMONMX.COM	None
2	tier_1	2homeremedies.com	1	None	None	None
3	tier_1	4779.info	1	DYNADOT LLC	NS1.COMMONMX.COM	None
4	tier_1	bigcleandetailing.com	1	None	None	None
5	tier_1	333tk.net	1	Annapurna Domains LLC	NS1.COMMONMX.COM	None
6	tier_1	123kingcash.com	1	YouDamain.com LLC	NS1.DNSNUTS.COM	None
7	tier_1	bookglobal.net	1	SNAPNAMES 9, LLC	NS1.COMMONMX.COM	None
8	tier_1	beastfriend.in	1	Dynadot LLC	ns1.commonmx.com	None
9	tier_1	casl.info	1	DYNADOT LLC	NS1.COMMONMX.COM	None
10	tier_2	bradamante-per.com	25	Amazon Registrar, Inc.	NS-1026.AWSDNS-00.ORG	Whois Privacy Service
11	tier_2	get.popplunder.com	25	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
12	tier_2	trustedpush.com	24	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
13	tier_2	win1.trustedpush.com	24	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
14	tier_2	win2.trustedpush.com	23	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
15	tier_2	dprtb.com	21	1API GmbH	NS1.DNSIMPLE.COM	REDACTED FOR PRIVACY
16	tier_2	1496.wcitianka.com	15	GoDaddy Online Services Cayman Islands LTD	NS-1096.AWSDNS-09.ORG	None
17	tier_2	americanlisted.com	14	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
18	tier_2	rd.nebulajobs.com	14	None	None	None
19	tier_2	win3.trustedpush.com	14	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
20	tier_3	win3.trustedpush.com	9	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
21	tier_3	win4.trustedpush.com	8	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
22	tier_3	signup.finddreamjobs.com	5	GoDaddy.com, LLC	ALEXIS.NS.CLOUDFLARE.COM	Find Dream Jobs
23	tier_3	agatrck.com	5	Amazon Registrar, Inc.	NS-1518.AWSDNS-61.ORG	Whois Privacy Service
24	tier_3	win5.trustedpush.com	4	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
25	tier_3	godaddy.com	3	GoDaddy.com, LLC	A1-245.AKAM.NET	Go Daddy Operating Company, LLC
26	tier_3	delightcmain.xyz	3	Epik LLC	MARJORY.NS.CLOUDFLARE.COM	Anonymize, Inc.
27	tier_3	click.appcast.io_LOOP_1	3	None	None	None
28	tier_3	toprevenuecpmnetwork.com	2	None	None	None
29	tier_3	b.jubilantdstreet.xyz	2	Epik LLC	MARJORY.NS.CLOUDFLARE.COM	Anonymize, Inc.

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	10	nan	nan
1	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	9	nan	nan
2	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	9	nan	nan
3	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	8	nan	nan
4	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	5	nan	nan
5	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	5	nan	nan
6	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	5	nan	nan
7	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	4	nan	nan
8	185.107.56.198	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	2	nan	nan
9	185.107.56.59	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	1	nan	nan
10	13.225.229.113	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_2	29	server-13-225-229-113.jfk51.r.cloudfront.net	nan
11	13.225.229.12	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	2	server-13-225-229-12.jfk51.r.cloudfront.net	nan
12	34.199.180.187	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	26	ec2-34-199-180-187.compute-1.amazonaws.com	nan
13	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	24	nan	nan
14	13.225.229.73	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	2	server-13-225-229-73.jfk51.r.cloudfront.net	nan
15	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	17	nan	nan
16	34.202.98.117	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	15	ec2-34-202-98-117.compute-1.amazonaws.com	nan
17	13.225.229.61	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	5	server-13-225-229-61.jfk51.r.cloudfront.net	nan
18	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	14	240.61.209.35.bc.googleusercontent.com	nan
19	34.226.113.11	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	12	ec2-34-226-113-11.compute-1.amazonaws.com	nan
20	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	19	pool-100-37-135-2.nycmny.fios.verizon.net	nan
21	13.225.229.61	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	5	server-13-225-229-61.jfk51.r.cloudfront.net	nan
22	104.17.47.14	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	5	nan	True
23	54.205.191.137	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_3	5	ec2-54-205-191-137.compute-1.amazonaws.com	nan
24	184.87.68.204	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3	a184-87-68-204.deploy.static.akamaitechnologies.com	nan
25	104.18.82.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
26	13.225.229.73	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	2	server-13-225-229-73.jfk51.r.cloudfront.net	nan
27	3.211.178.164	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_3	2	ec2-3-211-178-164.compute-1.amazonaws.com	nan
28	13.225.229.12	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	2	server-13-225-229-12.jfk51.r.cloudfront.net	nan
29	52.200.114.82	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_3	1	ec2-52-200-114-82.compute-1.amazonaws.com	nan

Aggregated redirection graph of domains located on current IP address.

• The redirection flows from left to right
• Leftmost domains are initial domains hosted on current IP
• Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website