Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
02122097528152021-04-1474.63.241.23Chrome
tierdomaincountregistrarname_serversorg
0tier_1asiancams365.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
1tier_1darksideofthetune.com1Domain Lifestyle, LLCNS1.COMMONMX.COMNone
2tier_1allmomboy.com1ABOVE.COM PTY LTD.NS1.COMMONMX.COMNone
3tier_1akktif.com1OldTownDomains.com LLCNS1.COMMONMX.COMNone
4tier_1abuadzhan.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
5tier_1brooklyning.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
6tier_1dggfd.com1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0158502496
7tier_1elizabeth4idr10.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
8tier_1atlantisbio.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
9tier_1boonananexpress.com1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0159848537
10tier_2click.expmediadirect.com96NAMECHEAP INCNS1.LINODE.COMPrivacy service provided by Withheld for Privacy ehf
11tier_2rqhere2.com96NAMECHEAP INCJEROME.NS.CLOUDFLARE.COMPrivacy service provided by Withheld for Privacy ehf
12tier_21496.rawlexi.com39NoneNoneNone
13tier_2americanlisted.com37ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
14tier_2btpnav.com271API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
15tier_29nl.es20NoneNoneNone
16tier_2newre-conversions.clickmeter.com20REGISTER S.P.A.NS-1498.AWSDNS-59.ORGREDACTED FOR PRIVACY
17tier_2api.l5srv.net18GoDaddy.com, LLCNS53.DOMAINCONTROL.COMDomains By Proxy, LLC
18tier_2trk.jometer.com17Amazon Registrar, Inc.NS-129.AWSDNS-16.COMWhois Privacy Service
19tier_2melanthios-ana.com10Amazon Registrar, Inc.NS-1354.AWSDNS-41.ORGWhois Privacy Service
20tier_2click.unknownclick.com10NoneNoneNone
21tier_2rar.maxtrackmax.net7NAMECHEAP INCALINA.NS.CLOUDFLARE.COMPrivacy service provided by Withheld for Privacy ehf
22tier_2click.appcast.io6101Domain GRS LtdNS-85.AWSDNS-10.COMNone
23tier_2cash.admobe.com3GoDaddy.com, LLCRAQUEL.NS.CLOUDFLARE.COMDomains By Proxy, LLC
24tier_2ring.joveo.com3Go Canada Domains, LLCNS-1256.AWSDNS-29.ORGDomains By Proxy, LLC
25tier_2rd.bizrate.com3MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
26tier_2rd.connexity.net3NoneNoneNone
27tier_2api.apptap.com2Amazon Registrar, Inc.NS-1256.AWSDNS-29.ORGWhois Privacy Service
28tier_2api.mplayit.com2Amazon Registrar, Inc.NS-1236.AWSDNS-26.ORGWhois Privacy Service
29tier_2redirect.viglink.com2Amazon Registrar, Inc.NS1.VIGLINK.COMWhois Privacy Service
30tier_3ecnoandmlive.club55NAMECHEAP INCmolly.ns.cloudflare.comPrivacy service provided by Withheld for Privacy ehf
31tier_3healthlark.club21NAMECHEAP INCmolly.ns.cloudflare.comPrivacy service provided by Withheld for Privacy ehf
32tier_3upward.careers18GoDaddy.com, LLCns21.domaincontrol.comDomains By Proxy, LLC
33tier_3yourhealthcall.club15NoneNoneNone
34tier_3google.com6MarkMonitor, Inc.NS1.GOOGLE.COMGoogle LLC
35tier_3boot-uprefined-bestcompletelyfile.best6NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
36tier_3us.tideri.com6united domains AGNS.UDAG.DENone
37tier_3thehealthcloud.club5NAMECHEAP INCmolly.ns.cloudflare.comPrivacy service provided by Withheld for Privacy ehf
38tier_3operateuber-thequickfile.best3NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
39tier_3signup.careersandjobs.co2GoDaddy.com, LLCalexis.ns.cloudflare.comDomains By Proxy, LLC
40tier_3click.appcast.io2101Domain GRS LtdNS-85.AWSDNS-10.COMNone
41tier_3americanlisted.com2ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
42tier_3belk.com2CSC CORPORATE DOMAINS, INC.DNS1.P08.NSONE.NETBelk Stores Services, Inc
43tier_3volvocars.com1CSC CORPORATE DOMAINS, INC.UDNS1.CSCDNS.NETVolvoCarCorporation
44tier_3rd.bizrate.com1MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
45tier_3mactoolsfranchises.com1GoDaddy.com, LLCNS21.DOMAINCONTROL.COMus media digital
46tier_3boot-upcompletely-bestrefinedfile.best1NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
47tier_3browserimprovements.com1GoDaddy.com, LLCNS69.DOMAINCONTROL.COMDomains By Proxy, LLC
48tier_3signup.finddreamjobs.com1GoDaddy.com, LLCALEXIS.NS.CLOUDFLARE.COMFind Dream Jobs
49tier_3offer.alibaba.com1Alibaba Cloud Computing (Beijing) Co., Ltd.NS1.ALIBABADNS.COMNone
50tier_31496.rawlexi.com1NoneNoneNone
51tier_3nexxt.com1Network Solutions, LLCNS21.WORLDNIC.COMNone
52tier_3roamans.com1CSC CORPORATE DOMAINS, INC.PDNS1.ULTRADNS.NETFullBeauty Brands Operations, LLC
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_124nannan
1207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_123nannan
2207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_118nannan
3207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_118nannan
4104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_110nannan
5104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_19nannan
6104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_18nannan
7206.221.176.184New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_17nannan
8185.107.56.197RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_14nannan
974.63.241.25DallasTexasAS46475 Limestone Networks, Inc.75270United Statestier_1325-241-63-74.static.reverse.lstn.netnan
10198.134.116.30New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_296nannan
11167.99.3.175North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_296nannan
12198.54.112.216San JoseCaliforniaAS22612 Namecheap, Inc.95103United Statestier_31nannan
1335.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_32240.61.209.35.bc.googleusercontent.comnan
14209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_227nannan
1567.227.173.37LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_218nannan
1654.235.205.204AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_212ec2-54-235-205-204.compute-1.amazonaws.comnan
1754.197.247.190AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_211ec2-54-197-247-190.compute-1.amazonaws.comnan
1818.208.62.125AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_210ec2-18-208-62-125.compute-1.amazonaws.comnan
1923.21.166.45AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_29ec2-23-21-166-45.compute-1.amazonaws.comnan
2023.21.53.13AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_28ec2-23-21-53-13.compute-1.amazonaws.comnan
2199.84.114.65NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_28server-99-84-114-65.ewr52.r.cloudfront.netnan
22107.20.106.95AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_27ec2-107-20-106-95.compute-1.amazonaws.comnan
2354.208.107.202AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_26ec2-54-208-107-202.compute-1.amazonaws.comnan
2418.235.67.128AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_25ec2-18-235-67-128.compute-1.amazonaws.comnan
25192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_31rd.bizrate.comnan
2699.84.114.17NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_24server-99-84-114-17.ewr52.r.cloudfront.netnan
2752.44.196.184AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_23ec2-52-44-196-184.compute-1.amazonaws.comnan
28209.132.243.15Los AngelesCaliforniaAS7296 Alchemy Communications, Inc.90009United Statestier_23nannan
2999.84.114.53NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_23server-99-84-114-53.ewr52.r.cloudfront.netnan
30104.21.25.171San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_341nanTrue
3167.227.172.40LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_318nannan
32172.67.134.105San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_314nanTrue
33172.67.141.5San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_312nanTrue
34104.21.19.102San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_311nanTrue
35172.67.185.192San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_310nanTrue
363.233.37.12AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_37ec2-3-233-37-12.compute-1.amazonaws.comnan
3735.246.171.123Frankfurt am MainHesseAS15169 Google LLC60311Germanytier_36123.171.246.35.bc.googleusercontent.comnan
38104.21.11.113San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_34nanTrue
39142.250.80.4New York CityNew YorkAS15169 Google LLC10004United Statestier_34lga34s33-in-f4.1e100.netnan
4034.196.206.149AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_33ec2-34-196-206-149.compute-1.amazonaws.comnan
41104.21.54.180San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_33nanTrue
42104.21.10.65San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
433.234.0.165AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_32ec2-3-234-0-165.compute-1.amazonaws.comnan
4435.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_32240.61.209.35.bc.googleusercontent.comnan
45151.101.1.131San FranciscoCaliforniaAS54113 Fastly94107United Statestier_32nanTrue
46172.217.12.164CliftonNew JerseyAS15169 Google LLC07015United Statestier_31lga25s62-in-f4.1e100.netnan
47184.87.71.70NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_31a184-87-71-70.deploy.static.akamaitechnologies.comnan
48192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_31rd.bizrate.comnan
49142.93.2.250North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_31usmedia.holbihost.comnan
50172.67.191.250San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
51172.217.10.68CliftonNew JerseyAS15169 Google LLC07015United Statestier_31lga34s14-in-f4.1e100.netnan
52159.89.47.47CliftonNew JerseyAS14061 DigitalOcean, LLC07014United Statestier_31nannan
53104.17.48.14San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
5423.193.196.210New York CityNew YorkAS16625 Akamai Technologies, Inc.10004United Statestier_31a23-193-196-210.deploy.static.akamaitechnologies.comnan
55198.54.112.216San JoseCaliforniaAS22612 Namecheap, Inc.95103United Statestier_31nannan
5668.168.84.60NorristownPennsylvaniaAS17378 TierPoint, LLC19403United Statestier_3160.84.168.68.static.dbsintl.netnan
5764.71.161.151AshburnVirginiaAS393259 Yottaa, Inc20149United Statestier_31nannan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website