Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

1. Overall statistics
   1. Number of domains detected
   2. Number of domains detected by Google Safe Browsing
   3. IP address behind entry-level domains
   4. date of collection
2. Top 10 domain statistics
   1. count (number of redirection paths that contain this domain)
   2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
   3. registar
   4. organization
3. Top 10 IP statistics
   1. count
   2. location (city, country, region)
   3. hostname
   4. organization
4. Consolidated redirection path
   1. green: tier one domain
   2. yellow: tier two domain
   3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	243	243	769	0	16	2021-04-13	37.48.65.149	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	acnedoctor.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
1	tier_1	daily-news.us	1	Dynadot LLC	ns2.commonmx.com	None
2	tier_1	goresults.net	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
3	tier_1	cotact.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
4	tier_1	comefly.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
5	tier_1	coinhackgame.us	1	GoDaddy.com, LLC	ns2.commonmx.com	None
6	tier_1	asio.pro	1	DYNADOT LLC	NS1.COMMONMX.COM	None
7	tier_1	alriyadh.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
8	tier_1	consecratiomundi.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
9	tier_1	azulholisticspa.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Domains By Proxy, LLC
10	tier_2	1496.rawlexi.com	176	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
11	tier_2	btpnav.com	42	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
12	tier_2	americanlisted.com	40	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
13	tier_2	9nl.es	14	None	None	None
14	tier_2	newre-conversions.clickmeter.com	14	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
15	tier_2	trk.jometer.com	13	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
16	tier_2	api.l5srv.net	13	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
17	tier_2	nizephoros-pom.com	9	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
18	tier_2	us.expand-backend.mindmatch.ai	8	None	None	None
19	tier_2	managerformula.com	8	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
20	tier_2	click.appcast.io	6	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
21	tier_2	click.expmediadirect.com	3	NAMECHEAP INC	NS1.LINODE.COM	Privacy service provided by Withheld for Privacy ehf
22	tier_2	api.apptap.com	3	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
23	tier_2	redirect.viglink.com	3	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
24	tier_2	link.sylikes.com	3	MarkMonitor, Inc.	NS-1063.AWSDNS-04.ORG	Connexity, Inc.
25	tier_2	api.mplayit.com	2	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
26	tier_2	folcher-cri.com	2	Amazon Registrar, Inc.	NS-1201.AWSDNS-22.ORG	Whois Privacy Service
27	tier_2	productiq.net	2	GoDaddy.com, LLC	DOUG.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
28	tier_2	rd.bizrate.com	2	None	None	None
29	tier_2	rd.connexity.net	2	None	None	None
30	tier_3	americanlisted.com	135	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
31	tier_3	upward.careers	13	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
32	tier_3	us.tideri.com	12	united domains AG	NS.UDAG.DE	None
33	tier_3	s3.amazonaws.com	9	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
34	tier_3	us.allthetopbananas.com	8	ENOM, INC.	DANE.NS.CLOUDFLARE.COM	REDACTED FOR PRIVACY
35	tier_3	careerbuilder.com	3	CSC CORPORATE DOMAINS, INC.	BROCK.CBJOBS.NET	CareerBuilder, LLC
36	tier_3	linkedin.com	1	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	LinkedIn Corporation
37	tier_3	google.com_LOOP_1	1	None	None	None
38	tier_3	reebok.com	1	CSC CORPORATE DOMAINS, INC.	NS1.NETNAMES.NET	Reebok International, Ltd.
39	tier_3	ram21.proasdf.com	1	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
40	tier_3	dell.com	1	Safenames Ltd	NS1.US.DELL.COM	None
41	tier_3	eharmony.com	1	None	None	None
42	tier_3	signup.careersandjobs.co	1	GoDaddy.com, LLC	alexis.ns.cloudflare.com	Domains By Proxy, LLC
43	tier_3	jobleads.com	1	united domains AG	CRUZ.NS.CLOUDFLARE.COM	None
44	tier_3	click.appcast.io	1	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
45	tier_3	rd.bizrate.com	1	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
46	tier_3	macys.com	1	Network Solutions, LLC	A1-135.AKAM.NET	Macy's Systems and Technology, Inc.

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	28	nan	nan
1	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
2	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
3	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	20	nan	nan
4	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	18	nan	nan
5	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	17	nan	nan
6	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	13	nan	nan
7	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	7	nan	nan
8	82.192.82.226	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	4	nan	nan
9	74.63.241.20	Dallas	Texas	AS46475 Limestone Networks, Inc.	75270	United States	tier_1	3	20-241-63-74.static.reverse.lstn.net	nan
10	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	176	nan	nan
11	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	43	nan	nan
12	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	135	240.61.209.35.bc.googleusercontent.com	nan
13	67.227.173.37	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	13	nan	nan
14	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	10	ec2-23-21-53-13.compute-1.amazonaws.com	nan
15	23.21.166.230	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	8	ec2-23-21-166-230.compute-1.amazonaws.com	nan
16	34.120.235.106	Kansas City	Missouri	AS15169 Google LLC	64121	United States	tier_2	8	106.235.120.34.bc.googleusercontent.com	True
17	99.84.114.25	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	6	server-99-84-114-25.ewr52.r.cloudfront.net	nan
18	54.197.247.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	6	ec2-54-197-247-190.compute-1.amazonaws.com	nan
19	159.127.43.26	Washington	Washington, D.C.	AS25751 Conversant, Inc.	20045	United States	tier_2	6	nan	nan
20	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	5	ec2-52-72-29-7.compute-1.amazonaws.com	nan
21	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	1	nan	nan
22	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	ec2-54-208-107-202.compute-1.amazonaws.com	nan
23	54.235.205.204	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	ec2-54-235-205-204.compute-1.amazonaws.com	nan
24	100.25.52.1	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	3	ec2-100-25-52-1.compute-1.amazonaws.com	nan
25	99.84.114.65	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	3	server-99-84-114-65.ewr52.r.cloudfront.net	nan
26	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	3	nan	nan
27	52.206.141.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	3	ec2-52-206-141-190.compute-1.amazonaws.com	nan
28	99.84.114.17	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	3	server-99-84-114-17.ewr52.r.cloudfront.net	nan
29	34.225.128.119	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	2	ec2-34-225-128-119.compute-1.amazonaws.com	nan
30	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	135	240.61.209.35.bc.googleusercontent.com	nan
31	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	13	nan	nan
32	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	12	123.171.246.35.bc.googleusercontent.com	nan
33	104.26.12.236	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	7	nan	True
34	52.216.83.91	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
35	52.216.135.13	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
36	52.216.249.182	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
37	13.107.42.14	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	1	nan	True
38	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	1	pool-100-37-135-2.nycmny.fios.verizon.net	nan
39	52.217.200.240	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
40	23.201.27.178	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a23-201-27-178.deploy.static.akamaitechnologies.com	nan
41	99.84.114.78	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-78.ewr52.r.cloudfront.net	nan
42	162.243.10.151	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	1	nan	nan
43	99.84.114.91	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-91.ewr52.r.cloudfront.net	nan
44	184.87.86.140	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a184-87-86-140.deploy.static.akamaitechnologies.com	nan
45	52.216.18.59	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
46	52.216.78.86	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
47	104.16.8.138	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
48	104.21.10.65	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
49	194.6.195.224	Hamburg	Hamburg	AS39227 Corpex Internet GmbH	20038	Germany	tier_3	1	www.jobleads.de	nan
50	3.234.0.165	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-3-234-0-165.compute-1.amazonaws.com	nan
51	104.26.13.236	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
52	99.84.114.84	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-84.ewr52.r.cloudfront.net	nan
53	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	1	nan	nan
54	23.41.189.63	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a23-41-189-63.deploy.static.akamaitechnologies.com	nan

Aggregated redirection graph of domains located on current IP address.

• The redirection flows from left to right
• Leftmost domains are initial domains hosted on current IP
• Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website