Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
01451494330132021-04-1564.32.8.68Safari
tierdomaincountregistrarname_serversorg
0tier_1forumbds.net1Namesource LLCNS1.DNSNUTS.COMNone
1tier_1brasilonline.tv1Sterling Domains LLCNS1.DNSNUTS.COMNone
2tier_1freeporntop.com1Bounce Pass Domains LLCNS1.DNSNUTS.COMNone
3tier_1brickerenterprise.com1NamePal.com #8011, LLCNS1.DNSNUTS.COMNone
4tier_1cuocsong365.net1Flancrestdomains.com LLCNS1.DNSNUTS.COMNone
5tier_1gamespottingnetworks.com1SNAPNAMES 50, LLCNS1.DNSNUTS.COMNone
6tier_1ausujet.com1Domain Name Root LLCNS1.DNSNUTS.COMNone
7tier_1colrut.com1SNAPNAMES 65, LLCNS1.DNSNUTS.COMNone
8tier_1dl4warez.com1NamePal.com #8013, LLCNS1.DNSNUTS.COMNone
9tier_1dragonflyscans.org1AtlanticFriendNames.com LLCNS1.DNSNUTS.COMThe Management Group II
10tier_2btpnav.com341API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
11tier_2click.expmediadirect.com29NAMECHEAP INCNS1.LINODE.COMPrivacy service provided by Withheld for Privacy ehf
12tier_2nizephoros-pom.com29Amazon Registrar, Inc.NS-1192.AWSDNS-21.ORGWhois Privacy Service
13tier_2aristo-hag.com21Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
14tier_2asufij.xyz17NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
15tier_2hureseyd.top13NameSilo, LLCns1.selectel.orgSee PrivacyGuardian.org
16tier_2clk.rtpdn12.com11NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
17tier_2blockchain-com.email9NameSilo, LLCns1.selectel.orgSee PrivacyGuardian.org
18tier_2managerformula.com9NoneNoneNone
19tier_2track.vcdc.com8Key-Systems GmbHGUY.NS.CLOUDFLARE.COMc/o whoisproxy.com
20tier_2api.apptap.com5Amazon Registrar, Inc.NS-1256.AWSDNS-29.ORGWhois Privacy Service
21tier_2api.mplayit.com5Amazon Registrar, Inc.NS-1236.AWSDNS-26.ORGWhois Privacy Service
22tier_2redirect.viglink.com5Amazon Registrar, Inc.NS1.VIGLINK.COMWhois Privacy Service
23tier_2link.sylikes.com5MarkMonitor, Inc.NS-1063.AWSDNS-04.ORGConnexity, Inc.
24tier_2trk.qads.io4NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMNone
25tier_2btpnative.com41API GmbHNS1.DNSIMPLE.COMRegistrant of btpnative.com
26tier_2infopicked.com4NAMECHEAP INCNS0.DNSMADEEASY.COMPrivacy service provided by Withheld for Privacy ehf
27tier_2rtbstream.com41API GmbHNS1.DNSIMPLE.COMRegistrant of rtbstream.com
28tier_2mega.affiliate-dash.com4NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
29tier_2storage-for-mobileapps.life3NoneNoneNone
30tier_3managerformula.com20NameCheap, Inc.DNS1.REGISTRAR-SERVERS.COMNone
31tier_3xzb.subeamy.pw17NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
32tier_3s3.amazonaws.com9MarkMonitor, Inc.R1.AMAZONAWS.COMAmazon.com, Inc.
33tier_3tripleprofit-zone.life5NoneNoneNone
34tier_3blockchain-com.email4NameSilo, LLCns1.selectel.orgSee PrivacyGuardian.org
35tier_3runnewest-bestextremelyfile.best4NoneNoneNone
36tier_3play.google.com3NoneNoneNone
37tier_3bing.com3NoneNoneNone
38tier_3rd.bizrate.com3NoneNoneNone
39tier_3app.tbbg.io2NoneNoneNone
40tier_3kbb.com2CSC CORPORATE DOMAINS, INC.PDNS164.ULTRADNS.BIZAutotrader.com
41tier_3music.apple.com1CSC CORPORATE DOMAINS, INC.A.NS.APPLE.COMApple Inc.
42tier_3bestsecretflirt.com1GoDaddy.com, LLCNS0.DNSMADEEASY.COMNone
43tier_3flyfreecostas.live1NoneNoneNone
44tier_3gamebassadorslink.com1Google LLCNS-CLOUD-D1.GOOGLEDOMAINS.COMContact Privacy Inc. Customer 1244656034
45tier_3fanatics.com1MarkMonitor, Inc.A1-147.AKAM.NETFanatics Inc.
46tier_3volume.com1DYNADOT LLCA.NS.VOLUME.COMNone
47tier_3om.forgeofempires.com1INWX GmbH & Co. KGNS.INWX.DEREDACTED FOR PRIVACY
48tier_3nizephoros-pom.com1Amazon Registrar, Inc.NS-1192.AWSDNS-21.ORGNone
49tier_3thredup.com1GoDaddy.com, LLCMATT.NS.CLOUDFLARE.COMThredUp Inc.
50tier_3mergerinvesting.com1NoneNoneNone
iphostnamecityregionorgpostalcountry_nametiercountanycast
064.32.8.70customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_118nan
164.32.8.69customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_112nan
2185.107.56.57nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_111nan
364.32.8.67customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_111nan
4185.107.56.60nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_19nan
5185.107.56.59nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_19nan
664.32.8.68customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_18nan
7185.107.56.58nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_14nan
8209.15.13.136nanTorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_242nan
9198.134.116.30nanNew York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_229nan
1034.197.176.2ec2-34-197-176-2.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_214nan
1154.208.107.202ec2-54-208-107-202.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_213nan
12185.233.2.13nanSaint PetersburgSt.-PetersburgAS48096 Enterprise Cloud Ltd.190000Russiatier_213nan
1318.235.67.128ec2-18-235-67-128.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_212nan
14173.239.53.32nanNew York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_212nan
1552.72.29.7ec2-52-72-29-7.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31nan
165.8.47.52nanHaarlemNorth HollandAS209813 Fast Content Delivery LTD2031Netherlandstier_34True
17167.233.8.197static.197.8.233.167.clients.your-server.deNürnbergBavariaAS24940 Hetzner Online GmbH90402Germanytier_28nan
1852.33.20.119ec2-52-33-20-119.us-west-2.compute.amazonaws.comBoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_27nan
19192.138.218.207rd.bizrate.comSeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_33nan
2044.241.50.49ec2-44-241-50-49.us-west-2.compute.amazonaws.comBoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_26nan
2134.234.217.229ec2-34-234-217-229.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_26nan
22212.32.250.2nanAmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_24nan
23173.192.101.2418.65.c0ad.ip4.static.sl-reverse.comDallasTexasAS36351 SoftLayer Technologies Inc.75270United Statestier_24nan
2444.239.66.208ec2-44-239-66-208.us-west-2.compute.amazonaws.comBoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_24nan
2552.207.48.224ec2-52-207-48-224.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_24nan
263.222.66.193ec2-3-222-66-193.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_24nan
2745.77.159.20245.77.159.202.vultr.comNew York CityNew YorkAS20473 The Constant Company, LLC10004United Statestier_23nan
2835.165.21.241ec2-35-165-21-241.us-west-2.compute.amazonaws.comBoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_310nan
2952.88.215.122ec2-52-88-215-122.us-west-2.compute.amazonaws.comBoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_37nan
3023.200.0.5a23-200-0-5.deploy.static.akamaitechnologies.comEdisonNew JerseyAS20940 Akamai International B.V.08817United Statestier_37nan
3123.200.0.41a23-200-0-41.deploy.static.akamaitechnologies.comEdisonNew JerseyAS20940 Akamai International B.V.08817United Statestier_35nan
3231.184.202.185nanHaarlemNorth HollandAS209813 Fast Content Delivery LTD2031Netherlandstier_35True
335.8.47.52nanHaarlemNorth HollandAS209813 Fast Content Delivery LTD2031Netherlandstier_34True
3452.20.53.118ec2-52-20-53-118.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_34nan
3523.200.0.39a23-200-0-39.deploy.static.akamaitechnologies.comEdisonNew JerseyAS20940 Akamai International B.V.08817United Statestier_33nan
36172.217.10.14lga34s12-in-f14.1e100.netWestburyNew YorkAS15169 Google LLC11590United Statestier_33nan
37204.79.197.200a-0001.a-msedge.netRedmondWashingtonAS8068 Microsoft Corporation98052United Statestier_33True
38192.138.218.207rd.bizrate.comSeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_33nan
39172.232.19.200a172-232-19-200.deploy.static.akamaitechnologies.comNewarkNew JerseyAS20940 Akamai International B.V.07175United Statestier_33nan
4023.44.217.143a23-44-217-143.deploy.static.akamaitechnologies.comNewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_32nan
4123.200.0.13a23-200-0-13.deploy.static.akamaitechnologies.comEdisonNew JerseyAS20940 Akamai International B.V.08817United Statestier_32nan
4252.216.184.221s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_32nan
4352.217.16.222s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_32nan
44172.217.10.243lga25s59-in-f19.1e100.netCliftonNew JerseyAS15169 Google LLC07015United Statestier_31nan
45172.217.165.147lga25s70-in-f19.1e100.netNew York CityNew YorkAS15169 Google LLC10004United Statestier_31nan
46100.37.135.2pool-100-37-135-2.nycmny.fios.verizon.netNew York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_31nan
4752.217.48.238s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31nan
4852.216.92.133s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31nan
4952.217.14.134s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31nan
5088.80.185.92li678-92.members.linode.comLondonEnglandAS63949 Linode, LLCEC1AUnited Kingdomtier_31nan
515.189.217.135nanHaarlemNorth HollandAS209813 Fast Content Delivery LTD2031Netherlandstier_31nan
5252.217.197.40s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31nan
5335.227.255.150150.255.227.35.bc.googleusercontent.comKansas CityMissouriAS15169 Google LLC64121United Statestier_31True
54184.87.65.240a184-87-65-240.deploy.static.akamaitechnologies.comNewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_31nan
55104.22.70.250nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31True
56212.48.98.37nanHamburgHamburgAS8893 Artfiles New Media GmbH20038Germanytier_31nan
5752.72.29.7ec2-52-72-29-7.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website