Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
026326411240252021-04-2137.48.65.149Iphone
tierdomaincountregistrarname_serversorg
0tier_1jntukresultsdb.com1Domainsofcourse.com LLCNS1.COMMONMX.COMNone
1tier_1fibroidclear.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
2tier_1arconaitv.co1Communigal Communication Ltdns2.commonmx.comNone
3tier_1airtemail.in1Dynadot LLCns1.commonmx.comNone
4tier_1filmapik.tv1Domain Landing Zone LLCNS1.COMMONMX.COMNone
5tier_1alriyadh.us1Communigal Communication Ltdns2.commonmx.comNone
6tier_1impotencemeds.info1DYNADOT LLCNS1.COMMONMX.COMNone
7tier_1bezlohotrona.info1DYNADOT LLCNS1.COMMONMX.COMNone
8tier_1haimatsu.info1DYNADOT LLCNS1.COMMONMX.COMNone
9tier_1buysellads.ph1NoneNoneNone
10tier_21496.rawlexi.com167GoDaddy Online Services Cayman Islands LTDNS-128.AWSDNS-16.COMNone
11tier_2americanlisted.com163ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
12tier_29nl.es48NoneNoneNone
13tier_2newre-conversions.clickmeter.com48REGISTER S.P.A.NS-1498.AWSDNS-59.ORGREDACTED FOR PRIVACY
14tier_2click.appcast.io44101Domain GRS LtdNS-85.AWSDNS-10.COMNone
15tier_2trk.jometer.com40Amazon Registrar, Inc.NS-129.AWSDNS-16.COMWhois Privacy Service
16tier_2api.l5srv.net40GoDaddy.com, LLCNS53.DOMAINCONTROL.COMDomains By Proxy, LLC
17tier_2api.quotes.com27Internet Domain Service BS Corp.NS-CANADA.TOPDNS.COMWhois Privacy Corp.
18tier_2changeslots.com27Instra Corporation Pty Ltd.CLEO.NS.CLOUDFLARE.COMREDACTED FOR PRIVACY
19tier_2careerbliss.com22GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
20tier_2trk.careerbliss.com21GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
21tier_2click.appcast.io_LOOP_110NoneNoneNone
22tier_2click.joveo.com6Go Canada Domains, LLCNS-1256.AWSDNS-29.ORGDomains By Proxy, LLC
23tier_2click.appcast.io_LOOP_26NoneNoneNone
24tier_2ring.joveo.com5Go Canada Domains, LLCNS-1256.AWSDNS-29.ORGDomains By Proxy, LLC
25tier_2systems.job.com4GoDaddy Online Services Cayman Islands LTDCASS.NS.CLOUDFLARE.COMNone
26tier_2aristo-hag.com4Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
27tier_2ziprecruiter.com3Safenames LtdCAROL.NS.CLOUDFLARE.COMNone
28tier_2rd.bizrate.com3MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
29tier_2rd.connexity.net3NoneNoneNone
30tier_3google.com79MarkMonitor, Inc.NS1.GOOGLE.COMGoogle LLC
31tier_3upward.careers40GoDaddy.com, LLCns21.domaincontrol.comDomains By Proxy, LLC
32tier_3theconnectvpn.com27DonDominio (SCIP)ARNOLD.NS.CLOUDFLARE.COMSoluciones Corporativas IP, c/o Whois Proxy
33tier_3careerbliss.com22GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
34tier_3jobleads.com5united domains AGCRUZ.NS.CLOUDFLARE.COMNone
35tier_3americanlisted.com4ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
36tier_3benevis.com_LOOP_12NoneNoneNone
37tier_3neuvoo.com2MarkMonitor, Inc.NS-1302.AWSDNS-34.ORGTalent.com
38tier_3click.appcast.io_LOOP_12NoneNoneNone
39tier_3caregivers.careinhomes.com2NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMRedacted for Privacy Purposes
40tier_3click.joveo.com2Go Canada Domains, LLCNS-1256.AWSDNS-29.ORGDomains By Proxy, LLC
41tier_3jobs.myjobhelper.com1NoneNoneNone
42tier_3btpnav.com11API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
43tier_3ring.joveo.com1Go Canada Domains, LLCNS-1256.AWSDNS-29.ORGDomains By Proxy, LLC
44tier_3storystudio.sfgate.com1CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
45tier_3trk.careerbliss.com1GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
46tier_3wayfair.com1MarkMonitor, Inc.A1-100.AKAM.NETWayfair, LLC
47tier_3irl.com1GoDaddy.com, LLCNS-106.AWSDNS-13.COMDomains By Proxy, LLC
48tier_3systems.job.com1GoDaddy Online Services Cayman Islands Ltd.CASS.NS.CLOUDFLARE.COMNone
49tier_3fanatics.com1NoneNoneNone
50tier_3flex.amazon.com1NoneNoneNone
51tier_3jobs.bswhealth.com1Network Solutions, LLCNS03.BAYLORHEALTHCARE.COMBaylor Health Care System
52tier_3belk.com1CSC CORPORATE DOMAINS, INC.DNS1.P08.NSONE.NETBelk Stores Services, Inc
53tier_3godaddy.com1GoDaddy.com, LLCA1-245.AKAM.NETGo Daddy Operating Company, LLC
54tier_3linkedin.com1NoneNoneNone
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_138nannan
1207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_125nannan
2207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_124nannan
3207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_116nannan
4104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_115nannan
5104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_113nannan
6104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_113nannan
7206.221.176.184New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_110nannan
837.48.65.149AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_15nannan
9185.107.56.200RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_13nannan
10198.54.112.216San JoseCaliforniaAS22612 Namecheap, Inc.95103United Statestier_2167nannan
1135.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_34240.61.209.35.bc.googleusercontent.comnan
12207.38.44.116Los AngelesCaliforniaAS5693 Latisys-Irvine, LLC90009United Statestier_323cbsmtp1.careerbliss.comnan
1367.227.173.37LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_240nannan
1423.21.166.45AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_230ec2-23-21-166-45.compute-1.amazonaws.comnan
155.79.68.236AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_227nannan
1634.207.32.33AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_227ec2-34-207-32-33.compute-1.amazonaws.comnan
1723.21.53.13AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_227ec2-23-21-53-13.compute-1.amazonaws.comnan
1854.235.205.204AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_221ec2-54-235-205-204.compute-1.amazonaws.comnan
19100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_36pool-100-37-135-2.nycmny.fios.verizon.netnan
2054.197.247.190AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_218ec2-54-197-247-190.compute-1.amazonaws.comnan
213.234.0.165AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217ec2-3-234-0-165.compute-1.amazonaws.comnan
22100.25.52.1AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_216ec2-100-25-52-1.compute-1.amazonaws.comnan
2399.84.114.25NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_212server-99-84-114-25.ewr52.r.cloudfront.netnan
2452.3.4.129AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_211ec2-52-3-4-129.compute-1.amazonaws.comnan
2599.84.114.65NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_211server-99-84-114-65.ewr52.r.cloudfront.netnan
2699.84.114.17NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_210server-99-84-114-17.ewr52.r.cloudfront.netnan
2799.84.114.53NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_27server-99-84-114-53.ewr52.r.cloudfront.netnan
28192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_24rd.bizrate.comnan
2999.84.114.67NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_32server-99-84-114-67.ewr52.r.cloudfront.netnan
3067.227.172.40LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_340nannan
31207.38.44.116Los AngelesCaliforniaAS5693 Latisys-Irvine, LLC90009United Statestier_323cbsmtp1.careerbliss.comnan
32104.21.91.236San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_319nanTrue
33172.217.10.228CliftonNew JerseyAS15169 Google LLC07015United Statestier_312lga25s59-in-f4.1e100.netnan
34172.217.3.100WestburyNew YorkAS15169 Google LLC11590United Statestier_311lga34s18-in-f4.1e100.netnan
35172.217.9.228CliftonNew JerseyAS15169 Google LLC07015United Statestier_311lga34s11-in-f4.1e100.netnan
36142.250.80.4New York CityNew YorkAS15169 Google LLC10004United Statestier_39lga34s33-in-f4.1e100.netnan
37172.217.10.132CliftonNew JerseyAS15169 Google LLC07015United Statestier_39lga34s16-in-f4.1e100.netnan
38172.67.181.234San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_38nanTrue
39172.217.10.36Clinton CornersNew YorkAS15169 Google LLC12514United Statestier_38lga34s13-in-f4.1e100.netnan
40172.217.7.4Clinton CornersNew YorkAS15169 Google LLC12514United Statestier_37lga25s56-in-f4.1e100.netnan
41172.217.12.132CliftonNew JerseyAS15169 Google LLC07015United Statestier_36lga34s19-in-f4.1e100.netnan
42100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_36pool-100-37-135-2.nycmny.fios.verizon.netnan
43194.6.195.224HamburgHamburgAS39227 Corpex Internet GmbH20038Germanytier_35www.jobleads.denan
4435.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_34240.61.209.35.bc.googleusercontent.comnan
45172.217.6.196WestburyNew YorkAS15169 Google LLC11590United Statestier_33lga25s54-in-f196.1e100.netnan
46172.217.12.196CliftonNew JerseyAS15169 Google LLC07015United Statestier_33lga25s63-in-f4.1e100.netnan
4752.22.228.123AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_32ec2-52-22-228-123.compute-1.amazonaws.comnan
4899.84.114.67NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_32server-99-84-114-67.ewr52.r.cloudfront.netnan
49216.150.143.166HawthorneNew YorkAS11383 Xand Corporation10532United Statestier_31nannan
5054.211.44.127AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-54-211-44-127.compute-1.amazonaws.comnan
51209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_31nannan
52151.101.0.200San FranciscoCaliforniaAS54113 Fastly94107United Statestier_31nanTrue
5323.41.189.99NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_31a23-41-189-99.deploy.static.akamaitechnologies.comnan
5454.205.240.192AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-54-205-240-192.compute-1.amazonaws.comnan
55184.87.65.240NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_31a184-87-65-240.deploy.static.akamaitechnologies.comnan
5652.22.57.118AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-22-57-118.compute-1.amazonaws.comnan
57176.32.101.109AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31nannan
5852.70.5.225AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-70-5-225.compute-1.amazonaws.comnan
59151.101.1.131San FranciscoCaliforniaAS54113 Fastly94107United Statestier_31nanTrue

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website