Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

1. Overall statistics
   1. Number of domains detected
   2. Number of domains detected by Google Safe Browsing
   3. IP address behind entry-level domains
   4. date of collection
2. Top 10 domain statistics
   1. count (number of redirection paths that contain this domain)
   2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
   3. registar
   4. organization
3. Top 10 IP statistics
   1. count
   2. location (city, country, region)
   3. hostname
   4. organization
4. Consolidated redirection path
   1. green: tier one domain
   2. yellow: tier two domain
   3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	199	202	690	0	10	2021-04-14	74.63.241.23	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	asiancams365.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
1	tier_1	darksideofthetune.com	1	Domain Lifestyle, LLC	NS1.COMMONMX.COM	None
2	tier_1	allmomboy.com	1	ABOVE.COM PTY LTD.	NS1.COMMONMX.COM	None
3	tier_1	akktif.com	1	OldTownDomains.com LLC	NS1.COMMONMX.COM	None
4	tier_1	abuadzhan.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
5	tier_1	brooklyning.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
6	tier_1	craiglisttampa.com	1	SNAPNAMES 2, LLC	NS1.COMMONMX.COM	None
7	tier_1	dggfd.com	1	None	None	None
8	tier_1	elizabeth4idr10.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
9	tier_1	atlantisbio.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
10	tier_2	rqhere2.com	117	NAMECHEAP INC	JEROME.NS.CLOUDFLARE.COM	Privacy service provided by Withheld for Privacy ehf
11	tier_2	click.expmediadirect.com	116	NAMECHEAP INC	NS1.LINODE.COM	Privacy service provided by Withheld for Privacy ehf
12	tier_2	1496.rawlexi.com	28	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
13	tier_2	americanlisted.com	28	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
14	tier_2	btpnav.com	18	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
15	tier_2	9nl.es	13	None	None	None
16	tier_2	newre-conversions.clickmeter.com	13	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
17	tier_2	click.appcast.io	9	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
18	tier_2	ring.joveo.com	6	Go Canada Domains, LLC	NS-1256.AWSDNS-29.ORG	Domains By Proxy, LLC
19	tier_2	click.joveo.com	4	Go Canada Domains, LLC	NS-1256.AWSDNS-29.ORG	Domains By Proxy, LLC
20	tier_2	jobdiagnosis.com	3	GoDaddy.com, LLC	10.SUCURIDNS.COM	VHMnetwork LLC
21	tier_2	click.junmediadirect.com	3	NAMECHEAP INC	NS1.LINODE.COM	Privacy service provided by Withheld for Privacy ehf
22	tier_2	us.tideri.com	3	united domains AG	NS.UDAG.DE	None
23	tier_2	trk.jometer.com	3	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
24	tier_2	api.apptap.com	2	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
25	tier_2	api.mplayit.com	2	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
26	tier_2	redirect.viglink.com	2	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
27	tier_2	link.sylikes.com	2	MarkMonitor, Inc.	NS-1063.AWSDNS-04.ORG	Connexity, Inc.
28	tier_2	clk.rtpdn12.com	2	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
29	tier_2	p.nexxt.com	2	Network Solutions, LLC	NS21.WORLDNIC.COM	None
30	tier_3	thehealthcloud.club	70	NAMECHEAP INC	molly.ns.cloudflare.com	Privacy service provided by Withheld for Privacy ehf
31	tier_3	yourhealthcall.club	47	None	None	None
32	tier_3	us.tideri.com	4	united domains AG	NS.UDAG.DE	None
33	tier_3	click.joveo.com	4	Go Canada Domains, LLC	NS-1256.AWSDNS-29.ORG	Domains By Proxy, LLC
34	tier_3	homeadvisorpros.com	3	GoDaddy.com, LLC	ARYA.NS.CLOUDFLARE.COM	Service Magic Inc
35	tier_3	google.com	3	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
36	tier_3	careerbuilder.com	3	CSC CORPORATE DOMAINS, INC.	BROCK.CBJOBS.NET	CareerBuilder, LLC
37	tier_3	signup.finddreamjobs.com	2	GoDaddy.com, LLC	ALEXIS.NS.CLOUDFLARE.COM	Find Dream Jobs
38	tier_3	upward.careers	2	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
39	tier_3	trk.careerbliss.com	1	GoDaddy.com, LLC	NS10.DNSMADEEASY.COM	Domains By Proxy, LLC
40	tier_3	s3.amazonaws.com	1	None	None	None
41	tier_3	rd.bizrate.com	1	None	None	None
42	tier_3	linkup.com	1	GoDaddy.com, LLC	NS-102.AWSDNS-12.COM	JobDig
43	tier_3	getstarjobs.getitcorporate.com	1	GoDaddy.com, LLC	NS-CLOUD-E1.GOOGLEDOMAINS.COM	Get It LLC
44	tier_3	rqhere2.com	1	NAMECHEAP INC	JEROME.NS.CLOUDFLARE.COM	Privacy service provided by Withheld for Privacy ehf
45	tier_3	monster.com	1	CSC CORPORATE DOMAINS, INC.	NS1.TMPW.NET	Monster Worldwide, Inc.
46	tier_3	jobleads.com	1	united domains AG	CRUZ.NS.CLOUDFLARE.COM	None
47	tier_3	charterseniorliving.jobaline.com	1	GoDaddy.com, LLC	NS-1232.AWSDNS-26.ORG	Jobaline Inc.
48	tier_3	us.jobtome.com	1	GoDaddy.com, LLC	CHRIS.NS.CLOUDFLARE.COM	None
49	tier_3	ballarddesigns.com_LOOP_1	1	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	26	nan	nan
1	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	22	nan	nan
2	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	22	nan	nan
3	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	20	nan	nan
4	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	11	nan	nan
5	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	10	nan	nan
6	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	8	nan	nan
7	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	6	nan	nan
8	74.63.241.19	Dallas	Texas	AS46475 Limestone Networks, Inc.	75270	United States	tier_1	3	19-241-63-74.static.reverse.lstn.net	nan
9	185.107.56.200	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	2	nan	nan
10	167.99.3.175	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	1	nan	nan
11	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	116	nan	nan
12	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	28	nan	nan
13	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	28	240.61.209.35.bc.googleusercontent.com	nan
14	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	18	nan	nan
15	23.21.166.45	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	9	ec2-23-21-166-45.compute-1.amazonaws.com	nan
16	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	7	ec2-23-21-53-13.compute-1.amazonaws.com	nan
17	54.235.205.204	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	6	ec2-54-235-205-204.compute-1.amazonaws.com	nan
18	3.234.0.165	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	ec2-3-234-0-165.compute-1.amazonaws.com	nan
19	54.197.247.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	ec2-54-197-247-190.compute-1.amazonaws.com	nan
20	13.33.46.15	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	3	server-13-33-46-15.ewr52.r.cloudfront.net	nan
21	192.124.249.12	Menifee	California	AS30148 Sucuri	92584	United States	tier_2	3	cloudproxy10012.sucuri.net	True
22	198.134.116.18	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	3	nan	nan
23	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	4	123.171.246.35.bc.googleusercontent.com	nan
24	100.25.52.1	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	3	ec2-100-25-52-1.compute-1.amazonaws.com	nan
25	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	1	rd.bizrate.com	nan
26	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_2	3	nan	nan
27	99.84.114.107	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-107.ewr52.r.cloudfront.net	nan
28	52.205.177.114	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	2	ec2-52-205-177-114.compute-1.amazonaws.com	nan
29	13.33.46.77	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	2	server-13-33-46-77.ewr52.r.cloudfront.net	nan
30	104.21.11.113	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	44	nan	True
31	104.21.54.180	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	27	nan	True
32	172.67.191.250	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	26	nan	True
33	172.67.141.5	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	20	nan	True
34	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	4	123.171.246.35.bc.googleusercontent.com	nan
35	104.16.10.24	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
36	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	2	pool-100-37-135-2.nycmny.fios.verizon.net	nan
37	172.217.10.100	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	2	lga34s15-in-f4.1e100.net	nan
38	104.17.47.14	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
39	99.84.114.81	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	2	server-99-84-114-81.ewr52.r.cloudfront.net	nan
40	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	2	nan	nan
41	99.84.47.14	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	2	server-99-84-47-14.ewr52.r.cloudfront.net	nan
42	172.217.10.132	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	1	lga34s16-in-f4.1e100.net	nan
43	207.38.44.116	Los Angeles	California	AS5693 Latisys-Irvine, LLC	90009	United States	tier_3	1	cbsmtp1.careerbliss.com	nan
44	99.84.114.4	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-4.ewr52.r.cloudfront.net	nan
45	52.216.152.198	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
46	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	1	rd.bizrate.com	nan
47	35.241.55.51	Kansas City	Missouri	AS15169 Google LLC	64121	United States	tier_3	1	51.55.241.35.bc.googleusercontent.com	True
48	167.99.3.175	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	1	nan	nan
49	99.84.114.107	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-107.ewr52.r.cloudfront.net	nan
50	99.84.47.94	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-47-94.ewr52.r.cloudfront.net	nan
51	194.6.195.224	Hamburg	Hamburg	AS39227 Corpex Internet GmbH	20038	Germany	tier_3	1	www.jobleads.de	nan
52	18.233.183.34	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-18-233-183-34.compute-1.amazonaws.com	nan
53	99.84.47.36	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-47-36.ewr52.r.cloudfront.net	nan
54	130.211.38.206	Kansas City	Missouri	AS15169 Google LLC	64121	United States	tier_3	1	206.38.211.130.bc.googleusercontent.com	True

Aggregated redirection graph of domains located on current IP address.

• The redirection flows from left to right
• Leftmost domains are initial domains hosted on current IP
• Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website