Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 162 171 414 0 0 2020-12-20 64.32.8.68 Safari
tier domain count registrar name_servers org
0 tier_1 magnetkitty.com 1 Domainshop LLC NS1.DNSNUTS.COM None
1 tier_1 2dads.tv 1 Deep Sea Domains LLC NS1.DNSNUTS.COM None
2 tier_1 torrentbuzz.net 1 Hang Ten Domains, LLC NS1.DNSNUTS.COM None
3 tier_1 subfeed.net 1 Magnolia Domains, LLC NS1.DNSNUTS.COM None
4 tier_1 makeupforlady.com 1 SNAPNAMES 28, LLC NS1.DNSNUTS.COM None
5 tier_1 badmuckingfastard.com 1 Domain Bazaar LLC NS1.DNSNUTS.COM None
6 tier_1 chepicks.com 1 Gold Domain Names LLC NS1.DNSNUTS.COM None
7 tier_1 honyolar.com 1 NamePal.com #8024, LLC NS1.DNSNUTS.COM None
8 tier_1 skookumgames.com 1 Flancrestdomains.com LLC NS1.DNSNUTS.COM None
9 tier_1 pornrelax.net 1 Coral Reef Domains LLC NS1.DNSNUTS.COM None
10 tier_2 dprtb.com 35 GoDaddy.com, LLC NS1.DNSIMPLE.COM Domains By Proxy, LLC
11 tier_2 1496.wcitianka.com 33 GoDaddy Online Services Cayman Islands LTD NS-1096.AWSDNS-09.ORG None
12 tier_2 americanlisted.com 31 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
13 tier_2 build.mediapicker.com 23 GoDaddy.com, LLC RAQUEL.NS.CLOUDFLARE.COM Domains By Proxy, LLC
14 tier_2 click.appcast.io 19 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
15 tier_2 click.expmediadirect.com 18 None None None
16 tier_2 click.junmediadirect.com 10 NAMECHEAP INC NS1.LINODE.COM WhoisGuard, Inc.
17 tier_2 rd.windwardjobs.com 8 GoDaddy.com, LLC NS1045.UI-DNS.BIZ Domains By Proxy, LLC
18 tier_2 feed.int.jobble.com 5 GoDaddy.com, LLC NS-1238.AWSDNS-26.ORG Domains By Proxy, LLC
19 tier_2 track.vcdc.com 5 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
20 tier_3 boot-upprecise-theintenselyfile.best 4 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
21 tier_3 click.appcast.io 3 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
22 tier_3 amazon.force.com 3 MarkMonitor, Inc. PCH1.SALESFORCE-DNS.COM Salesforce.com, Inc.
23 tier_3 streamswiftcompletelypro.best 3 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
24 tier_3 feed.int.jobble.com 3 GoDaddy.com, LLC NS-1238.AWSDNS-26.ORG Domains By Proxy, LLC
25 tier_3 streamspeedycompletelypro.best 3 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
26 tier_3 cmp.jobs 3 None NS1.LINODE.COM None
27 tier_3 storestrongheavilyapplication.icu 3 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
28 tier_3 boot-upintensely-thefreefile.best 3 None None None
29 tier_3 streamcompletelyswiftpro.best 3 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
ip city region org postal country_name tier count hostname anycast
0 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 17 nan nan
1 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 17 nan nan
2 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 11 nan nan
3 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 11 nan nan
4 185.107.56.60 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 3 nan nan
5 185.107.56.58 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 2 nan nan
6 37.48.65.150 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 2 nan nan
7 64.32.8.69 Los Angeles California AS46844 Sharktech 90009 United States tier_1 2 customer.sharktech.net nan
8 185.107.56.57 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 1 nan nan
9 37.48.65.148 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 1 nan nan
10 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 39 nan nan
11 198.54.112.216 San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 34 nan nan
12 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 2 240.61.209.35.bc.googleusercontent.com nan
13 18.210.49.168 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 23 ec2-18-210-49-168.compute-1.amazonaws.com nan
14 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 18 nan nan
15 198.134.116.18 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 10 nan nan
16 3.211.178.164 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 2 ec2-3-211-178-164.compute-1.amazonaws.com nan
17 34.194.75.233 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 9 ec2-34-194-75-233.compute-1.amazonaws.com nan
18 52.54.3.79 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 7 ec2-52-54-3-79.compute-1.amazonaws.com nan
19 52.86.208.245 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 7 ec2-52-86-208-245.compute-1.amazonaws.com nan
20 75.101.207.6 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 23 ec2-75-101-207-6.compute-1.amazonaws.com nan
21 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 6 pool-100-37-135-2.nycmny.fios.verizon.net nan
22 45.33.72.236 Morris Plains New Jersey AS63949 Linode, LLC 07927 United States tier_3 3 li1018-236.members.linode.com nan
23 34.214.35.2 Portland Oregon AS16509 Amazon.com, Inc. 97293 United States tier_3 2 ec2-34-214-35-2.us-west-2.compute.amazonaws.com nan
24 3.211.178.164 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 2 ec2-3-211-178-164.compute-1.amazonaws.com nan
25 92.223.21.73 Luxembourg Luxembourg AS199524 G-Core Labs S.A. L-1882 Luxembourg tier_3 2 ed-sl-b73.fe.core.pw nan
26 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 2 240.61.209.35.bc.googleusercontent.com nan
27 158.69.76.164 Montréal Quebec AS16276 OVH SAS H3A Canada tier_3 1 nan nan
28 35.246.171.123 Frankfurt am Main Hesse AS15169 Google LLC 60311 Germany tier_3 1 123.171.246.35.bc.googleusercontent.com nan
29 104.27.178.5 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website