Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain | num_links | num_full_url | num_safebrowsing_malicious | num_vt_malicious | date | ip | user_agent
01461535300132021-04-1664.32.8.68Android
tier | domain | count | registrar | name_servers | org
ip | hostname | city | region | org | postal | country_name | tier | count | anycast

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas, or want to subscribe to the threat intelligence report? Contact:

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website