Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
Overall statistics (columns: num_domain, num_links, num_full_url, num_safebrowsing_malicious, num_vt_malicious, date, ip, user_agent)
02672719740132021-04-1774.63.241.23Android
Top 10 domain statistics (columns: tier, domain, count, registrar, name_servers, org)
Top 10 IP statistics (columns: ip, city, region, org, postal, country_name, tier, count, hostname, anycast)

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website