Malware Discoverer Homepage.

Malware Discoverer GitHub Page (not maintained since 2022-07-28).

Daily Threat Intelligence Report

Our automated system crawls a large number of domains every day to discover URL redirections, malicious final landing sites, and malvertising campaigns.

This report contains the following information.

  1. Summary statistics (number of domains crawled, date, on what IP and with what device)
  2. Top 40 discovered domains, sorted by occurrence
  3. Top 40 discovered IPs, sorted by occurrence
  4. Consolidated redirection paths
    1. green: tier one domain (what a user clicks)
    2. yellow: tier two domain (intermediate servers)
    3. red: tier three domain (what a user sees in the end)
  5. Consolidated screenshots of final landing sites

Content Warning: Some domain names and screenshots contain material that may be harmful or traumatizing to some audiences.

  num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 87 80 202 0 0 2022-12-01 185.107.56.59 chrome
  tier domain count registrar name_servers org
0 tier_1 rail-garden.com 1 Entertainment Names, LLC NS1.DNSNUTS.COM None
1 tier_1 cx-5-carsite.com 1 DomainSprouts.com LLC NS1.DNSNUTS.COM None
2 tier_1 7zol.com 1 Savethename.com LLC NS1.DNSNUTS.COM None
3 tier_1 achromaticwebcomic.com 1 Name Find Source LLC NS1.DNSNUTS.COM None
4 tier_1 uberpron.com 1 SNAPNAMES 8, LLC NS1.DNSNUTS.COM None
5 tier_1 sushibarkanemochi.com 1 PacificDomains, LLC NS1.DNSNUTS.COM None
6 tier_1 gj-tao.com 1 Hawthornedomains.com LLC NS1.DNSNUTS.COM None
7 tier_1 breaworlds.com 1 Major League Domains, LLC NS1.DNSNUTS.COM None
8 tier_1 grungeblogs.com 1 SNAPNAMES 26, LLC NS1.DNSNUTS.COM None
9 tier_1 dirtyfitapparel.com 1 Compuglobalhypermega.com LLC NS1.DNSNUTS.COM None
10 tier_1 phoneitech.com 1 Fastball Domains LLC NS1.DNSNUTS.COM None
11 tier_1 usastations.com 1 SNAPNAMES 57, LLC NS1.DNSNUTS.COM None
12 tier_1 moreadventureholidays.co.uk 1 Fasthosts Internet Ltd [Tag = LIVEDOMAINS] n None
13 tier_1 amatue21.com 1 Soldierofonedomains.com, LLC NS1.DNSNUTS.COM None
14 tier_1 surfsup-shavedice.com 1 Klaatudomains.com LLC NS1.DNSNUTS.COM None
15 tier_1 vdb-decoration.com 1 Sliceofheaven Domains, LLC NS1.DNSNUTS.COM None
16 tier_1 unegi-travel.com 1 NamePal.com #8011, LLC NS1.DNSNUTS.COM None
17 tier_1 ymav7.com 1 DuckbilledDomains.com LLC NS1.DNSNUTS.COM None
18 tier_1 vangards.com 1 Sea Wasp, LLC NS1.DNSNUTS.COM Jewella Privacy LLC Privacy ID# 1097822
19 tier_1 x8movies.com 1 MidWestDomains, LLC NS1.DNSNUTS.COM None
20 tier_1 teknotakim.com 1 SNAPNAMES 80, LLC NS1.DNSNUTS.COM None
21 tier_1 mejarisushi.com 1 Domainamania.com LLC NS1.DNSNUTS.COM None
22 tier_1 oosakakyuushoku-kc.com 1 Entrust Domains, LLC NS1.DNSNUTS.COM None
23 tier_1 superseotips.com 1 GreenZoneDomains, LLC NS1.DNSNUTS.COM None
24 tier_1 energyformfactory.com 1 Gradeadomainnames.com LLC NS1.DNSNUTS.COM None
25 tier_1 henrys-bietigheim.com 1 NorthNames, LLC NS1.DNSNUTS.COM None
26 tier_1 diet-dance.com 1 Name Nelly, LLC NS1.DNSNUTS.COM None
27 tier_1 voguetide.com 1 Heavydomains.net LLC NS1.DNSNUTS.COM None
28 tier_1 autobinarysignalssoftwarereviews.com 1 Chipshot Domains LLC NS1.DNSNUTS.COM None
29 tier_1 sukansentral.com 1 SNAPNAMES 47, LLC NS1.DNSNUTS.COM None
30 tier_1 whoridesavespa.com 1 Domaincomesaround.com LLC NS1.DNSNUTS.COM None
31 tier_1 chiyojewel.com 1 SNAPNAMES 78, LLC NS1.DNSNUTS.COM None
32 tier_1 kanarianlove.com 1 SNAPNAMES 40, LLC NS1.DNSNUTS.COM None
33 tier_1 dload-apk.com 1 SNAPNAMES 54, LLC NS1.DNSNUTS.COM None
34 tier_1 toyotachile.com 1 Sea Wasp, LLC NS1.DNSNUTS.COM Jewella Privacy LLC Privacy ID# 1084432
35 tier_1 resourcecheatsheet.com 1 NotSoFamousNames.com LLC NS1.DNSNUTS.COM None
36 tier_1 teen-mail4free.com 1 SantiamDomains.com LLC NS1.DNSNUTS.COM None
37 tier_1 fitness-stock.com 1 Easy Street Domains, LLC NS1.DNSNUTS.COM None
38 tier_1 kouryakunosuke.com 1 Sharkweek Domains LLC NS1.DNSNUTS.COM None
39 tier_1 pro-auction-script.com 1 Domain Landing Zone LLC NS1.DNSNUTS.COM None
40 tier_2 c.clickprotects.com 17 GoDaddy.com, LLC NS63.DOMAINCONTROL.COM Domains By Proxy, LLC
41 tier_2 11165151.addotnet.com 17 GoDaddy.com, LLC NS75.DOMAINCONTROL.COM Domains By Proxy, LLC
42 tier_2 geo.itunes.apple.com 8 CSC CORPORATE DOMAINS, INC. A.NS.APPLE.COM Apple Inc.
43 tier_2 itunes.apple.com 8 CSC CORPORATE DOMAINS, INC. A.NS.APPLE.COM Apple Inc.
44 tier_2 11165151.searchiqnet.com 7 GoDaddy.com, LLC NS57.DOMAINCONTROL.COM Domains By Proxy, LLC
45 tier_2 r.ealeo.com 6 DYNADOT, LLC NS-1186.AWSDNS-20.ORG None
46 tier_2 rd.bizrate.com 6 MarkMonitor, Inc. NS-1189.AWSDNS-20.ORG Meredith Operations Corporation
47 tier_2 rd.connexity.net 6 MarkMonitor Inc. NS-1190.AWSDNS-20.ORG None
48 tier_2 c.adclickthru.net 5 GoDaddy.com, LLC NS75.DOMAINCONTROL.COM Domains By Proxy, LLC
49 tier_2 clickserve.dartsearch.net 5 MarkMonitor, Inc. NS1.GOOGLE.COM Google LLC
50 tier_2 ad.doubleclick.net 5 MarkMonitor Inc. NS1.GOOGLE.COM None
51 tier_2 dbc.pathroutes.com 5 GoDaddy.com, LLC NS75.DOMAINCONTROL.COM Domains By Proxy, LLC
52 tier_2 c.trafficcertify.com 2 GoDaddy.com, LLC NS75.DOMAINCONTROL.COM Domains By Proxy, LLC
53 tier_2 6102.xg4ken.com 2 GoDaddy.com, LLC DNS1.P02.NSONE.NET Domains By Proxy, LLC
54 tier_2 ww1.rail-garden.com 1 Entertainment Names, LLC NS1.DNSNUTS.COM None
55 tier_2 ww1.achromaticwebcomic.com 1 Name Find Source LLC NS1.DNSNUTS.COM None
56 tier_2 ww1.sushibarkanemochi.com 1 PacificDomains, LLC NS1.DNSNUTS.COM None
57 tier_2 ww1.usastations.com 1 SNAPNAMES 57, LLC NS1.DNSNUTS.COM None
58 tier_2 ww1.surfsup-shavedice.com 1 Klaatudomains.com LLC NS1.DNSNUTS.COM None
59 tier_2 ww1.unegi-travel.com 1 NamePal.com #8011, LLC NS1.DNSNUTS.COM None
60 tier_2 660.dragonparking.com 1 Alibaba Cloud Computing Ltd. d/b/a HiChina (www.net.cn) NS3.DNSV4.COM None
61 tier_2 ww1.mejarisushi.com 1 Domainamania.com LLC NS1.DNSNUTS.COM None
62 tier_2 ww1.energyformfactory.com 1 Gradeadomainnames.com LLC NS1.DNSNUTS.COM None
63 tier_2 ww1.henrys-bietigheim.com 1 NorthNames, LLC NS1.DNSNUTS.COM None
64 tier_2 ww1.voguetide.com 1 Heavydomains.net LLC NS1.DNSNUTS.COM None
65 tier_2 ww1.kanarianlove.com 1 SNAPNAMES 40, LLC NS1.DNSNUTS.COM None
66 tier_2 mybettermb.com 1 NAMECHEAP INC NS10.DIGICERTDNS.COM Privacy service provided by Withheld for Privacy ehf
67 tier_2 lp1.securysearchwithus.com 1 NAMECHEAP INC ALEXIS.NS.CLOUDFLARE.COM Privacy service provided by Withheld for Privacy ehf
68 tier_2 google.com 1 MarkMonitor, Inc. NS1.GOOGLE.COM Google LLC
69 tier_2 ww1.pro-auction-script.com 1 Domain Landing Zone LLC NS1.DNSNUTS.COM None
70 tier_3 iyfbodn.com 10 PDR Ltd. d/b/a PublicDomainRegistry.com NS1.NSRESOLUTION.COM Privacy Protect, LLC (PrivacyProtect.org)
71 tier_3 tv.apple.com 9 CSC CORPORATE DOMAINS, INC. A.NS.APPLE.COM Apple Inc.
72 tier_3 music.apple.com 8 CSC CORPORATE DOMAINS, INC. A.NS.APPLE.COM Apple Inc.
73 tier_3 www.volvocars.com 4 CSC CORPORATE DOMAINS, INC. UDNS1.CSCDNS.NET VolvoCarCorporation
74 tier_3 www.blinds.com 2 CSC CORPORATE DOMAINS, INC. A1-27.AKAM.NET Global Custom Commerce, Inc.
75 tier_3 www.macys.com 2 Network Solutions, LLC A1-135.AKAM.NET None
76 tier_3 bouqs.com 1 GoDaddy.com, LLC AIDA.NS.CLOUDFLARE.COM Domains By Proxy, LLC
77 tier_3 survey-smiles.com 1 Media Elite Holdings Limited NS1.BODIS.COM Fundacion Privacy Services LTD
78 tier_3 240083468200116ce45e198a572ea3e0.parkingchina.diandongzhi.com 1 Alibaba Cloud Computing (Beijing) Co., Ltd. CLOE.NS.CLOUDFLARE.COM None
79 tier_3 ads.midwayusa.com 1 GoDaddy.com, LLC NS-1486.AWSDNS-57.ORG Domains By Proxy, LLC
80 tier_3 www.concordhealthsupply.com 1 GoDaddy.com, LLC NS3.VOLUSION.COM Domains By Proxy, LLC
81 tier_3 www.jcpenney.com 1 CSC CORPORATE DOMAINS, INC. ASIA3.AKAM.NET J.C. Penney Corporation, Inc.
82 tier_3 www.google.com 1 MarkMonitor, Inc. NS1.GOOGLE.COM Google LLC
83 tier_3 www.zennioptical.com 1 Wild West Domains, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
  ip city region org postal country_name isEU tier count anycast hostname
0 185.107.56.60 Eindhoven North Brabant AS43350 NForce Entertainment B.V. 5611 Netherlands True tier_1 19 nan nan
1 185.107.56.57 Eindhoven North Brabant AS43350 NForce Entertainment B.V. 5611 Netherlands True tier_1 10 nan nan
2 185.107.56.58 Eindhoven North Brabant AS43350 NForce Entertainment B.V. 5611 Netherlands True tier_1 8 nan nan
3 185.107.56.59 Eindhoven North Brabant AS43350 NForce Entertainment B.V. 5611 Netherlands True tier_1 7 nan nan
4 209.132.243.15 Irvine California AS7296 Alchemy Communications, Inc. 92612 United States False tier_2 53 nan nan
5 199.59.243.222 Tampa Florida AS16509 Amazon.com, Inc. 33609 United States False tier_3 1 True nan
6 96.16.138.46 Frankfurt am Main Hesse AS16625 Akamai Technologies, Inc. 60326 Germany True tier_2 8 nan a96-16-138-46.deploy.static.akamaitechnologies.com
7 72.246.168.25 Frankfurt am Main Hesse AS16625 Akamai Technologies, Inc. 60326 Germany True tier_3 17 nan a72-246-168-25.deploy.static.akamaitechnologies.com
8 66.165.243.160 Los Angeles California AS29802 HIVELOCITY, Inc. 90017 United States False tier_2 6 nan 66-165-243-160.static.hvvc.us
9 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98101 United States False tier_2 6 nan rd.bizrate.com
10 192.138.218.139 Seattle Washington AS14332 Connexity, Inc. 98101 United States False tier_2 6 nan rd.connexity.net
11 142.250.185.110 Mörfelden-Walldorf Hesse AS15169 Google LLC 64546 Germany True tier_2 3 nan fra16s49-in-f14.1e100.net
12 142.250.186.70 Mörfelden-Walldorf Hesse AS15169 Google LLC 64546 Germany True tier_2 3 nan fra24s05-in-f6.1e100.net
13 142.250.185.70 Mörfelden-Walldorf Hesse AS15169 Google LLC 64546 Germany True tier_2 2 nan fra16s48-in-f6.1e100.net
14 72.246.168.25 Frankfurt am Main Hesse AS16625 Akamai Technologies, Inc. 60326 Germany True tier_3 17 nan a72-246-168-25.deploy.static.akamaitechnologies.com
15 208.91.196.46 Austin Texas AS40034 Confluence Networks Inc 78701 United States False tier_3 10 nan nan
16 23.37.37.102 Frankfurt am Main Hesse AS16625 Akamai Technologies, Inc. 60326 Germany True tier_3 4 nan a23-37-37-102.deploy.static.akamaitechnologies.com
17 104.94.250.165 Frankfurt am Main Hesse AS16625 Akamai Technologies, Inc. 60326 Germany True tier_3 2 nan a104-94-250-165.deploy.static.akamaitechnologies.com
18 104.75.88.188 Frankfurt am Main Hesse AS16625 Akamai Technologies, Inc. 60326 Germany True tier_3 2 nan a104-75-88-188.deploy.static.akamaitechnologies.com
19 104.16.10.83 San Francisco California AS13335 Cloudflare, Inc. 94107 United States False tier_3 1 True nan
20 199.59.243.222 Tampa Florida AS16509 Amazon.com, Inc. 33609 United States False tier_3 1 True nan
21 104.26.5.128 San Francisco California AS13335 Cloudflare, Inc. 94107 United States False tier_3 1 True nan
22 104.94.250.144 Frankfurt am Main Hesse AS16625 Akamai Technologies, Inc. 60326 Germany True tier_3 1 nan a104-94-250-144.deploy.static.akamaitechnologies.com
23 35.190.16.47 Kansas City Missouri AS15169 Google LLC 64106 United States False tier_3 1 True 47.16.190.35.bc.googleusercontent.com

Aggregated redirection graph of domains located on the current IP address

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshots of high-occurrence final landing domains

Have other ideas? / Want to subscribe to the threat intelligence report? / Contact

Zhouhan Chen, zc1245@nyu.edu, Personal Website