Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
01321374580142021-04-1964.32.8.68Android
tierdomaincountregistrarname_serversorg
0tier_1bugpoint.net1eNom413, IncorporatedNS1.DNSNUTS.COMNone
1tier_1garden-variety.net1EUNameFlood.com LLCNS1.DNSNUTS.COMNone
2tier_1ciliguai.com1eNom437, IncorporatedNS1.DNSNUTS.COMThe Management Group II
3tier_1aharonic.net1Gradeadomainnames.com LLCNS1.DNSNUTS.COMNone
4tier_1albumkings.net1Snoqulamiedomains.com LLCNS1.DNSNUTS.COMThe Management Group II
5tier_1fudgebananaswirl.com1Name Connection Spot LLCNS1.DNSNUTS.COMThe Management Group II
6tier_1bagustekno.net1Zone of Domains LLCNS1.DNSNUTS.COMNone
7tier_1aiss.cc1Top Shelf Domains LLCNS1.DNSNUTS.COMNone
8tier_1dashitz.com1Name Nelly, LLCNS1.DNSNUTS.COMNone
9tier_1guias-trucos-juegos.com1SNAPNAMES 24, LLCNS1.DNSNUTS.COMNone
10tier_2aristo-hag.com58Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
11tier_2track.vcdc.com56Key-Systems GmbHGUY.NS.CLOUDFLARE.COMc/o whoisproxy.com
12tier_2atnpx.com47GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMDomains By Proxy, LLC
13tier_2api.apptap.com15Amazon Registrar, Inc.NS-1256.AWSDNS-29.ORGWhois Privacy Service
14tier_2redirect.viglink.com15Amazon Registrar, Inc.NS1.VIGLINK.COMWhois Privacy Service
15tier_2link.sylikes.com15MarkMonitor, Inc.NS-1063.AWSDNS-04.ORGConnexity, Inc.
16tier_2btpnav.com131API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
17tier_2clk.rtpdn12.com11NoneNoneNone
18tier_2rd.bizrate.com10MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
19tier_2rd.connexity.net9NoneNoneNone
20tier_2api.mplayit.com6Amazon Registrar, Inc.NS-1236.AWSDNS-26.ORGWhois Privacy Service
21tier_2rd.connexity.net_LOOP_14NoneNoneNone
22tier_2overstock.com3NoneNoneNone
23tier_263084.click.validclick.net3Safenames LtdNS1.FULLMAILBOX.COMNone
24tier_2click.junmediadirect.com3NoneNoneNone
25tier_2click.expmediadirect.com2NAMECHEAP INCNS1.LINODE.COMPrivacy service provided by Withheld for Privacy ehf
26tier_2tq.adventurefeeds.com2GoDaddy.com, LLCNS75.DOMAINCONTROL.COMDomains By Proxy, LLC
27tier_2clk.rtpdn12.com_LOOP_12NoneNoneNone
28tier_262887.click.validclick.net2Safenames LtdNS1.FULLMAILBOX.COMNone
29tier_262992.click.validclick.net2Safenames LtdNS1.FULLMAILBOX.COMNone
30tier_3kbb.com30CSC CORPORATE DOMAINS, INC.PDNS164.ULTRADNS.BIZAutotrader.com
31tier_3robogarden.io17GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMNone
32tier_3storystudio.sfgate.com10CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
33tier_3rd.bizrate.com5MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
34tier_3overstock.com4NoneNoneNone
35tier_3overstock.com_LOOP_13NoneNoneNone
36tier_3fanatics.com2NoneNoneNone
37tier_3a.dollarsurvey365.online1URL Solutions Inc.CRYSTAL.NS.CLOUDFLARE.COMNone
38tier_3amazon.com1NoneNoneNone
39tier_3filter.onwardclick.com1NAMECHEAP INCNS1.ENCONTEXT.COMPrivacy service provided by Withheld for Privacy ehf
40tier_3win3.trustedpush.com1NAMECHEAP INCNS-1142.AWSDNS-14.ORGPrivacy service provided by Withheld for Privacy ehf
41tier_3ram21.proasdf.com1GoDaddy.com, LLCNS61.DOMAINCONTROL.COMDomains By Proxy, LLC
42tier_3beyourxfriend.com1GoDaddy.com, LLCNS0.DNSMADEEASY.COMNone
43tier_3track.vcdc.com1Key-Systems GmbHGUY.NS.CLOUDFLARE.COMc/o whoisproxy.com
44tier_3fanatics.com_LOOP_11NoneNoneNone
iphostnamecityregionorgpostalcountry_nametiercountanycast
064.32.8.68customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_119nan
164.32.8.70customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_118nan
2185.107.56.60nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_110nan
3185.107.56.57nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_19nan
464.32.8.67customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_17nan
564.32.8.69customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_17nan
6185.107.56.58nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_16nan
7185.107.56.59nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_13nan
8167.233.8.197static.197.8.233.167.clients.your-server.deNürnbergBavariaAS24940 Hetzner Online GmbH90402Germanytier_31nan
9192.138.218.207rd.bizrate.comSeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_35nan
10172.67.74.77nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_218True
1154.208.107.202ec2-54-208-107-202.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217nan
1218.235.67.128ec2-18-235-67-128.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_216nan
13209.15.13.136nanTorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_215nan
1452.72.29.7ec2-52-72-29-7.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_215nan
15104.26.10.53nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_215True
16104.26.11.53nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_214True
17173.239.53.32nanNew York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_31nan
183.224.109.140ec2-3-224-109-140.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_212nan
1934.197.176.2ec2-34-197-176-2.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_211nan
20204.44.79.214204.44.79.214.static.quadranet.comLos AngelesCaliforniaAS8100 QuadraNet Enterprises LLC90014United Statestier_210nan
2134.195.100.186ec2-34-195-100-186.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_29nan
22192.138.218.139rd.connexity.netSeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_29nan
23100.37.135.2pool-100-37-135-2.nycmny.fios.verizon.netNew York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_35nan
243.223.13.191ec2-3-223-13-191.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_26nan
2554.84.4.127ec2-54-84-4-127.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_25nan
2654.197.172.17ec2-54-197-172-17.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_24nan
2723.195.109.38a23-195-109-38.deploy.static.akamaitechnologies.comEdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_32nan
2823.36.197.209a23-36-197-209.deploy.static.akamaitechnologies.comPhiladelphiaPennsylvaniaAS16625 Akamai Technologies, Inc.19099United Statestier_326nan
29104.21.80.8nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_311True
30151.101.0.200nanSan FranciscoCaliforniaAS54113 Fastly94107United Statestier_310True
31172.67.172.143nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_36True
32100.37.135.2pool-100-37-135-2.nycmny.fios.verizon.netNew York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_35nan
33192.138.218.207rd.bizrate.comSeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_35nan
3423.1.205.179a23-1-205-179.deploy.static.akamaitechnologies.comEdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_34nan
3523.208.217.38a23-208-217-38.deploy.static.akamaitechnologies.comEdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_32nan
3623.195.109.38a23-195-109-38.deploy.static.akamaitechnologies.comEdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_32nan
3723.51.160.222a23-51-160-222.deploy.static.akamaitechnologies.comPhiladelphiaPennsylvaniaAS16625 Akamai Technologies, Inc.19099United Statestier_32nan
38104.26.15.226nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31True
3999.84.37.174server-99-84-37-174.ewr52.r.cloudfront.netNewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_31nan
40173.239.53.32nanNew York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_31nan
41162.243.10.151nanNew York CityNew YorkAS14061 DigitalOcean, LLC10011United Statestier_31nan
4245.33.8.244li962-244.members.linode.comRichardsonTexasAS63949 Linode, LLC75080United Statestier_31nan
43167.233.8.197static.197.8.233.167.clients.your-server.deNürnbergBavariaAS24940 Hetzner Online GmbH90402Germanytier_31nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website