Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 64 62 105 0 13 2021-04-19 103.224.182.207 Android
tier domain count registrar name_servers org
0 tier_1 123gmail.com 1 TLD Registrar Solutions Ltd. NS1.ABOVE.COM Whois Privacy Corp.
1 tier_1 facebook-sex.com 1 Internet Domain Service BS Corp. NS1.ABOVE.COM Whois Privacy Corp.
2 tier_1 examfeedback.net 1 GoDaddy.com, LLC NS1.ABOVE.COM None
3 tier_1 etcandroid.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
4 tier_1 fashionmazia.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
5 tier_1 eljahome.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
6 tier_1 facebookquotes4u.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
7 tier_1 facebookprofileview.com 1 Internet Domain Service BS Corp. NS1.ABOVE.COM Whois Privacy Corp.
8 tier_1 ez141my.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
9 tier_1 ecmekohen.net 1 GoDaddy.com, LLC NS1.ABOVE.COM None
10 tier_2 0redirb.com 10 ABOVE.COM PTY LTD. NS1.ABOVE.COM None
11 tier_2 americanlisted.com 6 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
12 tier_2 r.lnk8j7.com 3 1&1 IONOS SE NS-1314.AWSDNS-36.ORG 1&1 Internet Limited
13 tier_2 kamala-cha.com 3 Amazon Registrar, Inc. NS-1005.AWSDNS-61.NET Whois Privacy Service
14 tier_2 click.appcast.io 3 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
15 tier_2 careerbliss.com 3 GoDaddy.com, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
16 tier_2 trk.careerbliss.com 3 GoDaddy.com, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
17 tier_2 1496.rawlexi.com 3 None None None
18 tier_2 1redira.com 2 ABOVE.COM PTY LTD. NS1.TRELLIAN.COM None
19 tier_2 go.bshrdr.com 2 None None None
20 tier_2 linkup.com 2 GoDaddy.com, LLC NS-102.AWSDNS-12.COM JobDig
21 tier_2 click.expmediadirect.com 2 None None None
22 tier_2 search.eproute.info 2 GoDaddy.com, LLC NS22.DOMAINCONTROL.COM Domains By Proxy, LLC
23 tier_2 9nl.es 2 None None None
24 tier_2 newre-conversions.clickmeter.com 2 REGISTER S.P.A. NS-1498.AWSDNS-59.ORG REDACTED FOR PRIVACY
25 tier_2 trk.jometer.com 2 Amazon Registrar, Inc. NS-129.AWSDNS-16.COM Whois Privacy Service
26 tier_2 api.l5srv.net 2 GoDaddy.com, LLC NS53.DOMAINCONTROL.COM Domains By Proxy, LLC
27 tier_2 xml.sedodna.com 2 PSI-USA, Inc. dba Domain Robot NS-1222.AWSDNS-24.ORG None
28 tier_2 ww38.123gmail.com 1 TLD Registrar Solutions Ltd. NS1.ABOVE.COM Whois Privacy Corp.
29 tier_2 katie.v4.omgtnc.com 1 PSI-USA, Inc. dba Domain Robot NS-1133.AWSDNS-13.ORG None
30 tier_3 stripchat.com 2 None None None
31 tier_3 findoffers.co 2 Key-Systems GmbH ns4.monikerdns.net Moniker Privacy Services
32 tier_3 upward.careers 2 GoDaddy.com, LLC ns21.domaincontrol.com Domains By Proxy, LLC
33 tier_3 ram21.proasdf.com 2 GoDaddy.com, LLC NS61.DOMAINCONTROL.COM Domains By Proxy, LLC
34 tier_3 wayfair.com_LOOP_1 1 None None None
35 tier_3 drive4ashleydistribution.com 1 GoDaddy.com, LLC NS3.LIONZONE.COM Conversion Interactive Agency
36 tier_3 joinsmarty.com 1 None None None
37 tier_3 click.appcast.io_LOOP_1 1 None None None
38 tier_3 amazonhvh.thejobnetwork.com 1 GoDaddy.com, LLC NS-1356.AWSDNS-41.ORG RealMatch
39 tier_3 linkup.com_LOOP_1 1 None None None
40 tier_3 amazon.com 1 None None None
ip hostname city region org postal country_name tier count anycast
0 103.224.182.207 lb-182-207.above.com Los Angeles California AS133618 Trellian Pty. Limited 90009 United States tier_1 15 nan
1 103.224.212.247 lb-212-247.above.com Los Angeles California AS133618 Trellian Pty. Limited 90009 United States tier_2 10 nan
2 35.209.61.240 240.61.209.35.bc.googleusercontent.com Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_2 6 nan
3 207.38.44.116 cbsmtp1.careerbliss.com Los Angeles California AS5693 Latisys-Irvine, LLC 90009 United States tier_2 6 nan
4 143.204.148.57 server-143-204-148-57.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 3 nan
5 198.54.112.216 nan San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 3 nan
6 192.138.218.207 rd.bizrate.com Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 2 nan
7 103.224.182.206 bidr.trellian.com Los Angeles California AS133618 Trellian Pty. Limited 90009 United States tier_2 2 nan
8 172.67.130.194 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_2 2 True
9 52.72.29.7 ec2-52-72-29-7.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 2 nan
10 100.25.52.1 ec2-100-25-52-1.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 2 nan
11 209.236.97.200 nan Minneapolis Minnesota AS13649 Flexential Colorado Corp. 55440 United States tier_2 2 nan
12 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 3 nan
13 198.134.116.30 nan New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 2 nan
14 44.241.4.74 ec2-44-241-4-74.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_2 2 nan
15 209.132.243.15 nan Los Angeles California AS7296 Alchemy Communications, Inc. 90009 United States tier_2 2 nan
16 67.227.173.37 nan Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_2 2 nan
17 91.195.240.136 nan Frankfurt am Main Hesse AS47846 SEDO GmbH 60311 Germany tier_2 2 nan
18 173.239.53.32 nan New York City New York AS27257 Webair Internet Development Company Inc. 10004 United States tier_2 2 nan
19 173.192.101.24 18.65.c0ad.ip4.static.sl-reverse.com Dallas Texas AS36351 SoftLayer Technologies Inc. 75270 United States tier_2 2 nan
20 185.53.179.28 nan Munich Bavaria AS61969 Team Internet AG 80331 Germany tier_2 1 nan
21 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 3 nan
22 104.19.182.41 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 2 True
23 18.190.1.57 ec2-18-190-1-57.us-east-2.compute.amazonaws.com Hilliard Ohio AS16509 Amazon.com, Inc. 43026 United States tier_3 2 nan
24 67.227.172.40 nan Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_3 2 nan
25 162.243.10.151 nan New York City New York AS14061 DigitalOcean, LLC 10011 United States tier_3 2 nan
26 207.97.218.196 nan Washington Washington, D.C. AS27357 Rackspace Hosting 20045 United States tier_3 1 nan
27 172.67.68.204 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
28 199.83.128.213 199.83.128.213.ip.incapdns.net Redwood City California AS19551 Incapsula Inc 94065 United States tier_3 1 True
29 99.84.37.174 server-99-84-37-174.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 1 nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website