Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 178 177 534 0 131 2021-02-20 207.244.67.215 Safari
tier domain count registrar name_servers org
0 tier_1 ecomatt.co 1 GoDaddy.com, LLC ns2.commonmx.com None
1 tier_1 720pizle.co 1 GoDaddy.com, LLC ns2.commonmx.com None
2 tier_1 dudedigitalcodes.com 1 Chipshot Domains LLC NS1.COMMONMX.COM None
3 tier_1 desigay.org 1 Beartrapdomains.com LLC NS1.COMMONMX.COM None
4 tier_1 gamefirst.me 1 Dynadot, LLC None None
5 tier_1 davmodeldgp.org 1 Domainamania.com LLC NS1.COMMONMX.COM None
6 tier_1 fueledup.co 1 Communigal Communication Ltd ns2.commonmx.com None
7 tier_1 borno.co 1 Communigal Communication Ltd ns1.commonmx.com None
8 tier_1 firmfile.us 1 Communigal Communication Ltd ns2.commonmx.com None
9 tier_1 busyghana.com 1 Hawthornedomains.com LLC NS1.COMMONMX.COM None
10 tier_3 dprtb.com 52 1API GmbH NS1.DNSIMPLE.COM REDACTED FOR PRIVACY
11 tier_3 careerbuilder.com 30 CSC CORPORATE DOMAINS, INC. BROCK.CBJOBS.NET CareerBuilder, LLC
12 tier_3 btpnative.com 16 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
13 tier_3 managerformula.com 13 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
14 tier_3 s3.amazonaws.com 11 MarkMonitor, Inc. R1.AMAZONAWS.COM Amazon.com, Inc.
15 tier_3 americanlisted.com 2 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
16 tier_3 squirt.org 2 NAMECHEAP INC NS5.DNSMADEEASY.COM WhoisGuard, Inc.
17 tier_3 joblift.com 2 INWX GmbH & Co. KG NS-CLOUD-E1.GOOGLEDOMAINS.COM REDACTED FOR PRIVACY
18 tier_3 signup.myjobscorner.com 1 GoDaddy.com, LLC ALDO.NS.CLOUDFLARE.COM Domains By Proxy, LLC
19 tier_3 jobleads.com 1 united domains AG CRUZ.NS.CLOUDFLARE.COM None
20 tier_2 dprtb.com 52 1API GmbH NS1.DNSIMPLE.COM REDACTED FOR PRIVACY
21 tier_2 1496.wcitianka.com 38 GoDaddy Online Services Cayman Islands LTD NS-1096.AWSDNS-09.ORG None
22 tier_2 americanlisted.com 36 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
23 tier_2 click.appcast.io 36 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
24 tier_2 bradamante-per.com 24 Amazon Registrar, Inc. NS-1026.AWSDNS-00.ORG Whois Privacy Service
25 tier_2 btpnative.com 14 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
26 tier_2 infopicked.com 13 NAMECHEAP INC NS0.DNSMADEEASY.COM WhoisGuard, Inc.
27 tier_2 managerformula.com 11 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
28 tier_2 joblift.com 4 INWX GmbH & Co. KG NS-CLOUD-E1.GOOGLEDOMAINS.COM REDACTED FOR PRIVACY
29 tier_2 click.appcast.io_LOOP_1 3 None None None
ip city region org postal country_name tier count hostname
0 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 22 nan
1 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 22 nan
2 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 17 nan
3 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 17 nan
4 104.243.45.178 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 10 nan
5 104.243.45.179 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 8 nan
6 104.243.45.190 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 7 nan
7 206.221.176.184 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 6 nan
8 82.192.82.226 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 5 nan
9 37.48.65.150 Soest Utrecht AS60781 LeaseWeb Netherlands B.V. 3765 Netherlands tier_1 3 nan
10 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 66 nan
11 13.225.218.48 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 9 server-13-225-218-48.jfk51.r.cloudfront.net
12 13.225.218.90 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 9 server-13-225-218-90.jfk51.r.cloudfront.net
13 23.200.0.41 Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_2 5 a23-200-0-41.deploy.static.akamaitechnologies.com
14 13.225.218.50 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 7 server-13-225-218-50.jfk51.r.cloudfront.net
15 13.225.218.25 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 5 server-13-225-218-25.jfk51.r.cloudfront.net
16 23.200.0.5 Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_2 6 a23-200-0-5.deploy.static.akamaitechnologies.com
17 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 4 pool-100-37-135-2.nycmny.fios.verizon.net
18 52.217.74.182 Virginia Beach Virginia AS16509 Amazon.com, Inc. 23452 United States tier_3 2 s3-1.amazonaws.com
19 52.216.24.110 Virginia Beach Virginia AS16509 Amazon.com, Inc. 23452 United States tier_3 2 s3-1.amazonaws.com
20 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 66 nan
21 198.54.112.216 San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 38 nan
22 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_2 36 240.61.209.35.bc.googleusercontent.com
23 52.0.220.89 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23452 United States tier_2 21 ec2-52-0-220-89.compute-1.amazonaws.com
24 54.84.27.165 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23452 United States tier_2 15 ec2-54-84-27-165.compute-1.amazonaws.com
25 3.234.136.137 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23452 United States tier_2 15 ec2-3-234-136-137.compute-1.amazonaws.com
26 173.192.101.24 Dallas Texas AS36351 SoftLayer Technologies Inc. 75270 United States tier_2 14 18.65.c0ad.ip4.static.sl-reverse.com
27 34.200.146.95 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23452 United States tier_2 11 ec2-34-200-146-95.compute-1.amazonaws.com
28 23.200.0.5 Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_2 6 a23-200-0-5.deploy.static.akamaitechnologies.com
29 23.200.0.41 Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_2 5 a23-200-0-41.deploy.static.akamaitechnologies.com

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website