Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 117 118 232 0 0 2020-12-21 64.32.8.70 Chrome
tier domain count registrar name_servers org
0 tier_1 javupto.net 1 ! #1 Host Canada, Inc. NS1.DNSNUTS.COM None
1 tier_1 ahirugama.net 1 eNom2, Inc. NS1.DNSNUTS.COM The Management Group II
2 tier_1 kamibbs.biz 1 UdomainName.com LLC ns2.dnsnuts.com None
3 tier_1 gorgeoustrends.net 1 Free Drop Zone LLC NS1.DNSNUTS.COM None
4 tier_1 hsplay.net 1 Bonam Fortunam Domains, LLC NS1.DNSNUTS.COM None
5 tier_1 digitaldartsco.com 1 eNomEU, Inc. NS1.DNSNUTS.COM None
6 tier_1 ilbaa.com 1 Domaining Oro, LLC NS1.DNSNUTS.COM The Management Group II
7 tier_1 digitalapeel.com 1 Namesource LLC NS1.DNSNUTS.COM None
8 tier_1 lostuyos.net 1 Domaining Oro, LLC NS1.DNSNUTS.COM The Management Group II
9 tier_1 makeaboard.net 1 TravelDomains, Incorporated NS1.DNSNUTS.COM None
10 tier_3 turbo-pdf.com 12 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
11 tier_3 system-alert-notification.com 5 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
12 tier_3 track.vcdc.com 4 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
13 tier_3 boot-upcompletely-theprogressivefile.best 3 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
14 tier_3 boot-upprecise-theintenselyfile.best 3 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
15 tier_3 vpnprime.net 2 NAMECHEAP INC NS-1167.AWSDNS-17.ORG WhoisGuard, Inc.
16 tier_3 google.com_LOOP_1 2 None None None
17 tier_3 maccleanbooster.com 2 NAMECHEAP INC NS-1293.AWSDNS-33.ORG WhoisGuard, Inc.
18 tier_3 kbb.com 2 CSC CORPORATE DOMAINS, INC. PDNS164.ULTRADNS.BIZ Autotrader.com
19 tier_3 macys.com 2 Network Solutions, LLC A1-135.AKAM.NET Macy's Systems and Technology, Inc.
20 tier_2 clk.rtpdn12.com 16 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
21 tier_2 click.junmediadirect.com 14 NAMECHEAP INC NS1.LINODE.COM WhoisGuard, Inc.
22 tier_2 click.expmediadirect.com 12 NameCheap, Inc. NS1.LINODE.COM None
23 tier_2 track.vcdc.com 11 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
24 tier_2 rqhere2.com 10 NAMECHEAP INC JEROME.NS.CLOUDFLARE.COM WhoisGuard, Inc.
25 tier_2 build.mediapicker.com 8 GoDaddy.com, LLC RAQUEL.NS.CLOUDFLARE.COM Domains By Proxy, LLC
26 tier_2 euphe-gun.com 6 Amazon Registrar, Inc. NS-1325.AWSDNS-37.ORG Whois Privacy Service
27 tier_2 infopicked.com 4 NAMECHEAP INC NS0.DNSMADEEASY.COM WhoisGuard, Inc.
28 tier_2 btpnative.com 4 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
29 tier_2 dprtb.com 3 GoDaddy.com, LLC NS1.DNSIMPLE.COM Domains By Proxy, LLC
ip city region org postal country_name tier count hostname
0 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 16 nan
1 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 10 nan
2 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 8 nan
3 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 4 nan
4 185.107.56.59 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 2 nan
5 185.107.56.57 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 2 nan
6 37.48.65.151 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 2 nan
7 37.48.65.150 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 1 nan
8 185.107.56.60 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 1 nan
9 37.48.65.148 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 1 nan
10 178.128.246.195 Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 17 nan
11 75.101.207.6 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 8 ec2-75-101-207-6.compute-1.amazonaws.com
12 195.201.92.254 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_3 4 static.254.92.201.195.clients.your-server.de
13 13.225.222.26 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 2 server-13-225-222-26.jfk51.r.cloudfront.net
14 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 2 pool-100-37-135-2.nycmny.fios.verizon.net
15 23.44.217.143 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 2 a23-44-217-143.deploy.static.akamaitechnologies.com
16 23.41.189.63 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 2 a23-41-189-63.deploy.static.akamaitechnologies.com
17 34.214.215.250 Portland Oregon AS16509 Amazon.com, Inc. 97293 United States tier_3 1 ec2-34-214-215-250.us-west-2.compute.amazonaws.com
18 3.15.168.232 Columbus Ohio AS16509 Amazon.com, Inc. 43221 United States tier_3 1 ec2-3-15-168-232.us-east-2.compute.amazonaws.com
19 13.225.222.16 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 1 server-13-225-222-16.jfk51.r.cloudfront.net
20 173.239.53.32 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 18 nan
21 198.134.116.18 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 14 nan
22 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 12 nan
23 167.99.3.175 North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_2 10 nan
24 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 9 nan
25 18.210.49.168 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 8 ec2-18-210-49-168.compute-1.amazonaws.com
26 173.192.101.24 Dallas Texas AS36351 SoftLayer Technologies Inc. 75270 United States tier_2 6 18.65.c0ad.ip4.static.sl-reverse.com
27 209.132.243.15 Los Angeles California AS7296 Alchemy Communications, Inc. 90009 United States tier_2 5 nan
28 144.76.0.242 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 4 static.242.0.76.144.clients.your-server.de
29 178.62.225.201 Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_2 4 nan

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website