Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
02632729560142021-04-1774.63.241.23Iphone
tierdomaincountregistrarname_serversorg
0tier_1serviciosjr.co1GoDaddy.com, LLCns2.commonmx.comNone
1tier_1100mdollarclub.co1Dynadot LLCns2.commonmx.comNone
2tier_1tpremium.me1Dynadot, LLCNoneNone
3tier_1abuadzhan.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
4tier_1englishfluency.co1GoDaddy.com, LLCns2.commonmx.comNone
5tier_152stu.me1Dynadot, LLCNoneNone
6tier_1beritbart.com1ABOVE.COM PTY LTD.NS1.COMMONMX.COMNone
7tier_1rebell.co1GoDaddy.com, LLCns2.commonmx.comNone
8tier_1balabalabags.co1Dynadot LLCns2.commonmx.comNone
9tier_1basicschoolnews.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
10tier_2aristo-hag.com86Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
11tier_2btpnav.com751API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
12tier_2click.expmediadirect.com70NAMECHEAP INCNS1.LINODE.COMPrivacy service provided by Withheld for Privacy ehf
13tier_2atnpx.com68GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMDomains By Proxy, LLC
14tier_2api.apptap.com19Amazon Registrar, Inc.NS-1256.AWSDNS-29.ORGWhois Privacy Service
15tier_2api.quotes.com18Internet Domain Service BS Corp.NS-CANADA.TOPDNS.COMWhois Privacy Corp.
16tier_2changeslots.com18Instra Corporation Pty Ltd.CLEO.NS.CLOUDFLARE.COMREDACTED FOR PRIVACY
17tier_2ad.doubleclick.net18MarkMonitor, Inc.NS1.GOOGLE.COMGoogle Inc.
18tier_2redirect.viglink.com17Amazon Registrar, Inc.NS1.VIGLINK.COMWhois Privacy Service
19tier_2exporimy.com17GoDaddy.com, LLCNS-1145.AWSDNS-15.ORGDomains By Proxy, LLC
20tier_2sorrectionki.space17NoneNoneNone
21tier_2link.sylikes.com15NoneNoneNone
22tier_2rd.bizrate.com13MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
23tier_2rd.connexity.net11NoneNoneNone
24tier_2api.mplayit.com11Amazon Registrar, Inc.NS-1236.AWSDNS-26.ORGWhois Privacy Service
25tier_2btpnative.com101API GmbHNS1.DNSIMPLE.COMRegistrant of btpnative.com
26tier_2infopicked.com10NAMECHEAP INCNS0.DNSMADEEASY.COMPrivacy service provided by Withheld for Privacy ehf
27tier_2security-rd.com9NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
28tier_2web-shield-club.com8NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
29tier_2apptime.xyz8NAMECHEAP INCPETE.NS.CLOUDFLARE.COMPrivacy service provided by Withheld for Privacy ehf
30tier_3kbb.com63CSC CORPORATE DOMAINS, INC.PDNS164.ULTRADNS.BIZAutotrader.com
31tier_3bestappland.me36NAMECHEAP INCNoneNone
32tier_3theconnectvpn.com18DonDominio (SCIP)ARNOLD.NS.CLOUDFLARE.COMSoluciones Corporativas IP, c/o Whois Proxy
33tier_3theory.com12CSC CORPORATE DOMAINS, INC.NS0.DNSMADEEASY.COMTheory LLC
34tier_3irl.com10GoDaddy.com, LLCNS-106.AWSDNS-13.COMDomains By Proxy, LLC
35tier_3tackis.xyz9NAMECHEAP INCPETE.NS.CLOUDFLARE.COMPrivacy service provided by Withheld for Privacy ehf
36tier_3storystudio.sfgate.com8CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
37tier_3gramp.xyz5NAMECHEAP INCDAVID.NS.CLOUDFLARE.COMPrivacy service provided by Withheld for Privacy ehf
38tier_3robogarden.io5GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMNone
39tier_3bulley.shop3Namecheap, Inc.DAVID.NS.CLOUDFLARE.COMNone
40tier_3rd.bizrate.com2MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
41tier_3java.limitedtopoffers.com21&1 IONOS SERORY.NS.CLOUDFLARE.COM1&1 Internet Inc
42tier_3macys.com1Network Solutions, LLCA1-135.AKAM.NETMacy's Systems and Technology, Inc.
43tier_3theory.com_LOOP_11NoneNoneNone
44tier_3grabwebhosting.com1GoDaddy.com, LLCNS1.MYSECURECLOUDHOST.COMNone
45tier_3neuvoo.com1MarkMonitor, Inc.NS-1302.AWSDNS-34.ORGTalent.com
46tier_3aristo-hag.com1Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGNone
47tier_3tracking.s24.com1GANDI SASNS-1158.AWSDNS-16.ORGNone
48tier_3vitalydesign.com1GoDaddy.com, LLCNS11.DOMAINCONTROL.COMVitaly Design Ltd.
49tier_3ballarddesigns.com_LOOP_11NoneNoneNone
50tier_3citypass.com_LOOP_11NoneNoneNone
51tier_3click.expmediadirect.com1NoneNoneNone
52tier_3filter.onwardclick.com1NAMECHEAP INCNS1.ENCONTEXT.COMPrivacy service provided by Withheld for Privacy ehf
53tier_3uniqlo.com11API GmbHNS-1415.AWSDNS-48.ORGNone
54tier_3clkmg.com1GoDaddy.com, LLCNS1.SOFTLAYER.COMClickMagick, Inc.
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_136nannan
1207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_121nannan
2207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_121nannan
3207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_119nannan
4206.221.176.184New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_112nannan
5104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_111nannan
6104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_19nannan
7104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_17nannan
837.48.65.151AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_16nannan
9185.107.56.199RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_15nannan
10209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_286nannan
11198.134.116.30New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_270nannan
1234.197.176.2AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_239ec2-34-197-176-2.compute-1.amazonaws.comnan
13104.26.10.53San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_228nanTrue
14192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_32rd.bizrate.comnan
15104.26.11.53San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_222nanTrue
1654.208.107.202AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_221ec2-54-208-107-202.compute-1.amazonaws.comnan
175.79.68.236AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_218nannan
1834.207.32.33AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_218ec2-34-207-32-33.compute-1.amazonaws.comnan
1918.235.67.128AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-18-235-67-128.compute-1.amazonaws.comnan
20172.67.74.77San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_218nanTrue
2134.202.14.39AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217ec2-34-202-14-39.compute-1.amazonaws.comnan
2252.72.29.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_214ec2-52-72-29-7.compute-1.amazonaws.comnan
23173.192.101.24DallasTexasAS36351 SoftLayer Technologies Inc.75270United Statestier_21218.65.c0ad.ip4.static.sl-reverse.comnan
24192.138.218.139SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_211rd.connexity.netnan
253.85.252.251AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_211ec2-3-85-252-251.compute-1.amazonaws.comnan
2654.197.172.17AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_211ec2-54-197-172-17.compute-1.amazonaws.comnan
273.224.109.140AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_210ec2-3-224-109-140.compute-1.amazonaws.comnan
28173.239.53.32New York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_210nannan
2954.84.4.127AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_29ec2-54-84-4-127.compute-1.amazonaws.comnan
3023.44.217.143NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_362a23-44-217-143.deploy.static.akamaitechnologies.comnan
31142.93.4.215North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_336nannan
32104.21.91.236San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_312nanTrue
3323.73.239.49EdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_312a23-73-239-49.deploy.static.akamaitechnologies.comnan
34151.101.0.200San FranciscoCaliforniaAS54113 Fastly94107United Statestier_38nanTrue
35172.67.189.184San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_37nanTrue
36172.67.181.234San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_36nanTrue
37104.21.92.190San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_33nanTrue
38100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_33pool-100-37-135-2.nycmny.fios.verizon.netnan
39104.21.80.8San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_33nanTrue
40104.21.65.93San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
41172.67.197.33San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
42192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_32rd.bizrate.comnan
43104.21.25.197San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
44172.67.172.143San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
4552.73.153.209AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_32ec2-52-73-153-209.compute-1.amazonaws.comnan
4623.41.189.63NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_31a23-41-189-63.deploy.static.akamaitechnologies.comnan
4752.203.36.44AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-203-36-44.compute-1.amazonaws.comnan
4852.73.87.228AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-73-87-228.compute-1.amazonaws.comnan
49167.172.136.193North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_31nannan
50172.67.134.131San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
51104.21.28.174San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
52173.255.247.91FremontCaliforniaAS63949 Linode, LLC94536United Statestier_31r208.sfo7.mysecurecloudhost.comnan
53172.67.146.238San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
5467.207.81.229North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_31nannan
5554.211.44.127AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-54-211-44-127.compute-1.amazonaws.comnan
56161.35.60.200North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_31nannan
5718.235.67.128AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-18-235-67-128.compute-1.amazonaws.comnan
5854.205.240.192AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-54-205-240-192.compute-1.amazonaws.comnan
595.11.50.201Frankfurt am MainHesseAS47215 Filoo GmbH60311Germanytier_315-11-50-201.reverse.cust.as47215.netnan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website