Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

1. Overall statistics
   1. Number of domains detected
   2. Number of domains detected by Google Safe Browsing
   3. IP address behind entry-level domains
   4. date of collection
2. Top 10 domain statistics
   1. count (number of redirection paths that contain this domain)
   2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
   3. registar
   4. organization
3. Top 10 IP statistics
   1. count
   2. location (city, country, region)
   3. hostname
   4. organization
4. Consolidated redirection path
   1. green: tier one domain
   2. yellow: tier two domain
   3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	247	261	1290	0	20	2021-04-10	37.48.65.149	Iphone

	tier	domain	count	registrar	name_servers	org
0	tier_1	elternportal.org	1	ABOVE.COM PTY LTD.	NS1.COMMONMX.COM	\n
1	tier_1	bunkerkilts.com	1	Communigal Communication Ltd	NS1.COMMONMX.COM	None
2	tier_1	chimichurri.co	1	GoDaddy.com, LLC	ns2.commonmx.com	None
3	tier_1	allbank.co.in	1	Dynadot LLC	ns1.commonmx.com	None
4	tier_1	dakikpanel.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
5	tier_1	campusesolution.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0159843300
6	tier_1	bicoholics.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158852663
7	tier_1	aktivwatch.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
8	tier_1	aweldaw.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
9	tier_1	dd-routers.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
10	tier_2	aristo-hag.com	76	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
11	tier_2	btpnav.com	75	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
12	tier_2	ads35.adtelligent.com	58	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
13	tier_2	dsp35.adtelligent.com	58	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
14	tier_2	aibm1.mysearch.space	58	None	None	None
15	tier_2	externals-1953518744.us-east-1.elb.amazonaws.com	58	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
16	tier_2	search.snjsearch.com	58	GoDaddy.com, LLC	NS73.DOMAINCONTROL.COM	Domains By Proxy, LLC
17	tier_2	search-checker.com	56	Name.com, Inc.	BETH.NS.CLOUDFLARE.COM	Domain Protection Services, Inc.
18	tier_2	m.onlineweb.mobi	56	GoDaddy.com, LLC	None	None
19	tier_2	click.expmediadirect.com	46	None	None	None
20	tier_2	changeslots.com	36	Instra Corporation Pty Ltd.	CLEO.NS.CLOUDFLARE.COM	REDACTED FOR PRIVACY
21	tier_2	infopicked.com	34	None	None	None
22	tier_2	btpnative.com	29	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
23	tier_2	p274639.infopicked.com	24	None	None	None
24	tier_2	api.quotes.com	21	Internet Domain Service BS Corp.	NS-CANADA.TOPDNS.COM	Whois Privacy Corp.
25	tier_2	trfransit.com	16	None	None	None
26	tier_2	activtraffic.com	16	None	None	None
27	tier_2	trfransit.com_LOOP_1	16	None	None	None
28	tier_2	api.apptap.com	15	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
29	tier_2	api.mplayit.com	14	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
30	tier_3	bing.com	58	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	Microsoft Corporation
31	tier_3	theconnectvpn.com	36	DonDominio (SCIP)	ARNOLD.NS.CLOUDFLARE.COM	Soluciones Corporativas IP, c/o Whois Proxy
32	tier_3	bestappland.me	31	None	None	None
33	tier_3	bestbody.s3.amazonaws.com	16	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
34	tier_3	storystudio.sfgate.com	12	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
35	tier_3	frontgate.com	5	Network Solutions, LLC	NS1.HSN.NET	Cornerstone Brands, Inc.
36	tier_3	ram21.proasdf.com	4	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
37	tier_3	reebok.com	4	CSC CORPORATE DOMAINS, INC.	NS1.NETNAMES.NET	Reebok International, Ltd.
38	tier_3	chrismoneymaker.com	4	GoDaddy.com, LLC	NS65.DOMAINCONTROL.COM	Amaya Services Limited
39	tier_3	rd.bizrate.com	2	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
40	tier_3	dollarshaveclub.com	2	GoDaddy.com, LLC	NS-1465.AWSDNS-55.ORG	Domains By Proxy, LLC
41	tier_3	toryburch.com	2	CSC CORPORATE DOMAINS, INC.	DNS1.CSCDNS.NET	River Light V, L.P.
42	tier_3	apple.com	1	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
43	tier_3	aristo-hag.com	1	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
44	tier_3	us.norton.com	1	MarkMonitor Inc.	PDNS1.ULTRADNS.NET	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	28	nan	nan
1	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	25	nan	nan
2	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	25	nan	nan
3	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	16	nan	nan
4	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	15	nan	nan
5	206.221.176.184	Newark	New Jersey	AS23470 ReliableSite.Net LLC	07175	United States	tier_1	15	nan	nan
6	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	12	nan	nan
7	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	11	nan	nan
8	185.107.56.198	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	4	nan	nan
9	74.63.241.21	Dallas	Texas	AS46475 Limestone Networks, Inc.	75270	United States	tier_1	3	21-241-63-74.static.reverse.lstn.net	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	106	nan	nan
11	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	66	18.65.c0ad.ip4.static.sl-reverse.com	nan
12	209.205.202.42	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	58	static-42-202-205-209.24shells.net	nan
13	209.205.202.43	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	58	static-43-202-205-209.24shells.net	nan
14	35.162.164.74	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_2	58	ec2-35-162-164-74.us-west-2.compute.amazonaws.com	nan
15	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	46	nan	nan
16	34.207.32.33	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	36	ec2-34-207-32-33.compute-1.amazonaws.com	nan
17	192.241.228.85	San Francisco	California	AS14061 DigitalOcean, LLC	94124	United States	tier_2	33	nan	nan
18	104.21.41.235	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	32	nan	True
19	52.29.135.45	Frankfurt am Main	Hesse	AS16509 Amazon.com, Inc.	60311	Germany	tier_2	31	ec2-52-29-135-45.eu-central-1.compute.amazonaws.com	nan
20	54.210.170.165	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	30	ec2-54-210-170-165.compute-1.amazonaws.com	nan
21	50.16.173.246	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	28	ec2-50-16-173-246.compute-1.amazonaws.com	nan
22	3.125.109.211	Frankfurt am Main	Hesse	AS16509 Amazon.com, Inc.	60311	Germany	tier_2	27	ec2-3-125-109-211.eu-central-1.compute.amazonaws.com	nan
23	192.241.229.243	San Francisco	California	AS14061 DigitalOcean, LLC	94124	United States	tier_2	25	nan	nan
24	172.67.196.184	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	24	nan	True
25	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	2	nan	nan
26	5.79.68.236	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_2	21	nan	nan
27	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-18-235-67-128.compute-1.amazonaws.com	nan
28	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_2	18	pool-100-37-135-2.nycmny.fios.verizon.net	nan
29	52.205.177.114	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	17	ec2-52-205-177-114.compute-1.amazonaws.com	nan
30	204.79.197.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	48	a-0001.a-msedge.net	True
31	142.93.4.215	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	31	nan	nan
32	172.67.181.234	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	21	nan	True
33	104.21.91.236	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	15	nan	True
34	98.129.228.57	Dallas	Texas	AS33070 Rackspace Hosting	75270	United States	tier_3	12	nan	nan
35	13.107.21.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	10	nan	True
36	184.87.71.113	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	5	a184-87-71-113.deploy.static.akamaitechnologies.com	nan
37	162.243.10.151	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	4	nan	nan
38	92.205.4.117	Strasbourg	Grand Est	AS21499 Host Europe GmbH	67000	France	tier_3	4	ip-92-205-4-117.ip.secureserver.net	nan
39	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	2	nan	nan
40	151.101.1.9	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	2	nan	True
41	23.201.27.178	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	2	a23-201-27-178.deploy.static.akamaitechnologies.com	nan
42	23.44.210.223	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	1	a23-44-210-223.deploy.static.akamaitechnologies.com	nan
43	52.216.89.108	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
44	52.216.24.228	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
45	23.43.253.169	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a23-43-253-169.deploy.static.akamaitechnologies.com	nan
46	52.216.153.148	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
47	52.216.82.136	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
48	52.216.132.171	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
49	52.217.193.113	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
50	52.216.84.187	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
51	23.38.170.41	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	1	a23-38-170-41.deploy.static.akamaitechnologies.com	nan
52	52.216.89.164	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
53	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-18-235-67-128.compute-1.amazonaws.com	nan
54	52.216.129.187	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
55	52.216.133.139	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
56	52.217.13.124	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
57	23.40.23.148	Philadelphia	Pennsylvania	AS16625 Akamai Technologies, Inc.	19099	United States	tier_3	1	a23-40-23-148.deploy.static.akamaitechnologies.com	nan
58	23.41.188.165	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a23-41-188-165.deploy.static.akamaitechnologies.com	nan
59	52.217.128.217	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan

Aggregated redirection graph of domains located on current IP address.

• The redirection flows from left to right
• Leftmost domains are initial domains hosted on current IP
• Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website