Daily Threat Intelligence Report

This report contains the following information. All tables and graphs are auto-generated.

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

Content Warning: The following domain names and screenshots contain material that may be harmful or traumatizing to some audiences.

num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
01811799670192021-09-1037.48.65.149Iphone
|  | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | freeielts.net | 1 | GoDaddy.com, LLC | NS1.COMMONMX.COM | None |
| 1 | tier_1 | kptu.org | 1 | UDomainName.com LLC | NS1.COMMONMX.COM | Statutory Masking Enabled |
| 2 | tier_1 | ekovehicle.com | 1 | SNAPNAMES 91, LLC | NS1.COMMONMX.COM | Statutory Masking Enabled |
| 3 | tier_1 | oilhp.com | 1 | Domainsoftheworld.net LLC | NS1.COMMONMX.COM | None |
| 4 | tier_1 | editimage.org | 1 | None | None | None |
| 5 | tier_1 | alibaba-clone.com | 1 | TUCOWS, INC. | NS1.COMMONMX.COM | Contact Privacy Inc. Customer 0160715831 |
| 6 | tier_1 | bitlockerutility.net | 1 | Ripcord Domains, LLC | NS1.COMMONMX.COM | None |
| 7 | tier_1 | hepl.me | 1 | GoDaddy.com, LLC | None | None |
| 8 | tier_1 | dialadriver.ph | 1 | None | None | None |
| 9 | tier_1 | follio.me | 1 | Communigal Communications Ltd. | None | None |
| 10 | tier_2 | btpnative.com | 59 | 1API GmbH | NS1.DNSIMPLE.COM | Registrant of btpnative.com |
| 11 | tier_2 | mybetterdl.com | 59 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | Redacted for Privacy Purposes |
| 12 | tier_2 | p274639.mybetterdl.com | 59 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | Redacted for Privacy Purposes |
| 13 | tier_2 | changeslots.com | 58 | Instra Corporation Pty Ltd. | CLEO.NS.CLOUDFLARE.COM | REDACTED FOR PRIVACY |
| 14 | tier_2 | api.apptap.com | 57 | Amazon Registrar, Inc. | NS-1256.AWSDNS-29.ORG | Whois Privacy Service |
| 15 | tier_2 | api.mplayit.com | 57 | Amazon Registrar, Inc. | NS-1236.AWSDNS-26.ORG | Whois Privacy Service |
| 16 | tier_2 | redirect.viglink.com | 57 | Amazon Registrar, Inc. | NS1.VIGLINK.COM | Whois Privacy Service |
| 17 | tier_2 | link.sylikes.com | 57 | MarkMonitor, Inc. | NS-1063.AWSDNS-04.ORG | Connexity, Inc. |
| 18 | tier_2 | api.quotes.com | 56 | Internet Domain Service BS Corp. | NS-CANADA.TOPDNS.COM | Whois Privacy Corp. |
| 19 | tier_2 | rd.bizrate.com | 43 | None | None | None |
| 20 | tier_2 | rd.connexity.net | 39 | None | None | None |
| 21 | tier_2 | rd.connexity.net_LOOP_1 | 30 | None | None | None |
| 22 | tier_2 | petcareclub.com | 29 | Rebel.com | PDNS11.DOMAINCONTROL.COM | Privacy Hero Inc. |
| 23 | tier_2 | bostonproper.com | 7 | Amazon Registrar, Inc. | NS-117.AWSDNS-14.COM | Whois Privacy Service |
| 24 | tier_2 | c.clickprotects.com | 4 | GoDaddy.com, LLC | NS63.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 25 | tier_2 | 11165151.addotnet.com | 4 | GoDaddy.com, LLC | NS75.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 26 | tier_2 | geo.itunes.apple.com | 4 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 27 | tier_2 | itunes.apple.com | 4 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 28 | tier_2 | ww2.affinity.net | 3 | DOMAINPEOPLE, INC. | NS-1183.AWSDNS-19.ORG | WhoisProtector Inc. |
| 29 | tier_2 | cj.dotomi.com | 3 | GoDaddy.com, LLC | ASIA9.AKAM.NET | Conversant LLC |
| 30 | tier_3 | theconnectvpn.com | 58 | DonDominio (SCIP) | ARNOLD.NS.CLOUDFLARE.COM | Soluciones Corporativas IP, c/o Whois Proxy |
| 31 | tier_3 | petcareclub.com_LOOP_1 | 29 | None | None | None |
| 32 | tier_3 | rd.bizrate.com | 14 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 33 | tier_3 | bostonproper.com_LOOP_1 | 7 | None | None | None |
| 34 | tier_3 | petcareclub.com | 4 | Rebel.com | PDNS11.DOMAINCONTROL.COM | Privacy Hero Inc. |
| 35 | tier_3 | music.apple.com | 4 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 36 | tier_3 | godaddy.com | 2 | GoDaddy.com, LLC | A1-245.AKAM.NET | Go Daddy Operating Company, LLC |
| 37 | tier_3 | captcha-app.com | 2 | DANESCO TRADING LTD | AIDEN.NS.CLOUDFLARE.COM | DANESCO TRADING LTD. |
| 38 | tier_3 | ww1.netfiex.com | 1 | Media Elite Holdings Limited | NS1.DNSNUTS.COM | Fundacion Privacy Services LTD |
| 39 | tier_3 | replacements.com | 1 | Network Solutions, LLC | JEREMY.NS.CLOUDFLARE.COM | REPLACEMENTS, LTD |
| 40 | tier_3 | brownells.com_LOOP_2 | 1 | None | None | None |
| 41 | tier_3 | theory.com | 1 | CSC CORPORATE DOMAINS, INC. | NS0.DNSMADEEASY.COM | Theory LLC |
| 42 | tier_3 | myfood.ltd | 1 | None | None | None |
| 43 | tier_3 | citypass.com_LOOP_1 | 1 | None | None | None |
| 44 | tier_3 | booking.com | 1 | MarkMonitor, Inc. | NS0.BKNGS.COM | Booking.com B.V. |
| 45 | tier_3 | avenue.com | 1 | CSC CORPORATE DOMAINS, INC. | PDNS81.ULTRADNS.BIZ | Avenue Online LLC |
| 46 | tier_3 | shopnsave.world | 1 | None | None | None |

|  | ip | city | region | org | postal | country_name | tier | count | hostname | anycast |
|---|---|---|---|---|---|---|---|---|---|---|
| 0 | 162.210.196.166 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 14 | nan | nan |
| 1 | 199.115.115.119 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 13 | nan | nan |
| 2 | 207.244.67.216 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 12 | nan | nan |
| 3 | 162.210.196.168 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 11 | nan | nan |
| 4 | 162.210.196.167 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 11 | nan | nan |
| 5 | 207.244.67.218 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 10 | nan | nan |
| 6 | 199.115.116.216 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 10 | nan | nan |
| 7 | 199.115.115.102 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 8 | nan | nan |
| 8 | 199.115.115.118 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 6 | nan | nan |
| 9 | 207.244.67.214 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 6 | nan | nan |
| 10 | 173.192.101.24 | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 118 | 18.65.c0ad.ip4.static.sl-reverse.com | nan |
| 11 | 192.138.218.207 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_3 | 14 | rd.bizrate.com | nan |
| 12 | 209.15.13.136 | Toronto | Ontario | AS13768 Aptum Technologies | M5N | Canada | tier_2 | 60 | nan | nan |
| 13 | 18.204.186.203 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 58 | ec2-18-204-186-203.compute-1.amazonaws.com | nan |
| 14 | 5.79.68.236 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_2 | 56 | nan | nan |
| 15 | 3.94.243.95 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 47 | ec2-3-94-243-95.compute-1.amazonaws.com | nan |
| 16 | 192.138.218.139 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 39 | rd.connexity.net | nan |
| 17 | 3.227.76.128 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 38 | ec2-3-227-76-128.compute-1.amazonaws.com | nan |
| 18 | 3.223.13.191 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 33 | ec2-3-223-13-191.compute-1.amazonaws.com | nan |
| 19 | 100.37.135.2 | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 42 | pool-100-37-135-2.nycmny.fios.verizon.net | nan |
| 20 | 44.196.82.117 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 29 | ec2-44-196-82-117.compute-1.amazonaws.com | nan |
| 21 | 192.124.249.108 | Menifee | California | AS30148 Sucuri | 92584 | United States | tier_3 | 4 | cloudproxy10108.sucuri.net | True |
| 22 | 34.195.100.186 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 24 | ec2-34-195-100-186.compute-1.amazonaws.com | nan |
| 23 | 159.127.43.26 | Washington | Washington, D.C. | AS25751 Conversant, Inc. | 20045 | United States | tier_2 | 9 | nan | nan |
| 24 | 209.132.243.15 | Los Angeles | California | AS7296 Alchemy Communications, Inc. | 90009 | United States | tier_2 | 8 | nan | nan |
| 25 | 23.14.153.3 | New York City | New York | AS16625 Akamai Technologies, Inc. | 10004 | United States | tier_2 | 4 | a23-14-153-3.deploy.static.akamaitechnologies.com | nan |
| 26 | 23.60.0.23 | Piscataway | New Jersey | AS16625 Akamai Technologies, Inc. | 08854 | United States | tier_2 | 4 | a23-60-0-23.deploy.static.akamaitechnologies.com | nan |
| 27 | 52.85.61.71 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_2 | 3 | server-52-85-61-71.ewr53.r.cloudfront.net | nan |
| 28 | 52.85.61.40 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_2 | 3 | server-52-85-61-40.ewr53.r.cloudfront.net | nan |
| 29 | 216.139.248.127 | Austin | Texas | AS32400 Hostway Services, Inc. | 78701 | United States | tier_2 | 3 | 216-139-248-127.aus.us.siteprotect.com | nan |
| 30 | 100.37.135.2 | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 42 | pool-100-37-135-2.nycmny.fios.verizon.net | nan |
| 31 | 172.67.181.234 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 35 | nan | True |
| 32 | 104.21.91.236 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 23 | nan | True |
| 33 | 192.138.218.207 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_3 | 14 | rd.bizrate.com | nan |
| 34 | 192.124.249.108 | Menifee | California | AS30148 Sucuri | 92584 | United States | tier_3 | 4 | cloudproxy10108.sucuri.net | True |
| 35 | 104.67.4.19 | New York City | New York | AS16625 Akamai Technologies, Inc. | 10004 | United States | tier_3 | 2 | a104-67-4-19.deploy.static.akamaitechnologies.com | nan |
| 36 | 172.67.193.170 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 2 | nan | True |
| 37 | 199.59.242.153 | New York City | New York | AS395082 Bodis, LLC | 10004 | United States | tier_3 | 1 | nan | nan |
| 38 | 104.18.116.150 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 1 | nan | True |
| 39 | 23.73.244.103 | Edison | New Jersey | AS16625 Akamai Technologies, Inc. | 08817 | United States | tier_3 | 1 | a23-73-244-103.deploy.static.akamaitechnologies.com | nan |
| 40 | 94.31.29.128 | London | England | AS12989 StackPath LLC | EC1A | United Kingdom | tier_3 | 1 | 94.31.29.128.ipyx-077437-zyo.above.net | True |
| 41 | 185.28.222.11 | Washington | Washington, D.C. | AS43996 Booking.com BV | 20045 | United States | tier_3 | 1 | nan | nan |
| 42 | 104.22.18.169 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 1 | nan | True |
| 43 | 67.227.241.125 | Lansing | Michigan | AS32244 Liquid Web, L.L.C | 48901 | United States | tier_3 | 1 | host.encontext.com | nan |

Aggregated redirection graph of domains located on the current IP address.

  • The redirection flows from left to right
  • Leftmost domains are the initial domains hosted on the current IP
  • Rightmost domains are the final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to the threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website