Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
026627411960152021-04-11207.244.67.215Safari
tierdomaincountregistrarname_serversorg
0tier_1digaaz.com1NamePal.com #8013, LLCNS1.COMMONMX.COMNone
1tier_1filmapik.tv1Domain Landing Zone LLCNS1.COMMONMX.COMNone
2tier_1licnewagency.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
3tier_1la2tatcom.com1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0159165625
4tier_1cdhatver.com1NamePal.com #8010, LLCNS1.COMMONMX.COMNone
5tier_1interests.pro1DYNADOT LLCNS1.COMMONMX.COMNone
6tier_1editimage.org1GoDaddy.com, LLCNS1.COMMONMX.COMVirtua Drug Ltd
7tier_1jsamsplace.com1GoDaddy.com, LLCNS1.COMMONMX.COMDomains By Proxy, LLC
8tier_1123musiq.me1GoDaddy.com, LLCNoneNone
9tier_1eatatjacknjills.com1GoDaddy.com, LLCNS1.COMMONMX.COMDomains By Proxy, LLC
10tier_2btpnav.com1301API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
11tier_2aristo-hag.com74Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
12tier_21496.rawlexi.com43GoDaddy Online Services Cayman Islands LTDNS-128.AWSDNS-16.COMNone
13tier_2nizephoros-pom.com43Amazon Registrar, Inc.NS-1192.AWSDNS-21.ORGWhois Privacy Service
14tier_2americanlisted.com42ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
15tier_2winfreegift.net37DYNADOT, LLCVIP1.ALIDNS.COMNone
16tier_2click.expmediadirect.com27NoneNoneNone
17tier_2btpnative.com261API GmbHNS1.DNSIMPLE.COMRegistrant of btpnative.com
18tier_2infopicked.com26NAMECHEAP INCNS0.DNSMADEEASY.COMPrivacy service provided by Withheld for Privacy ehf
19tier_2ads35.adtelligent.com25DANESCO TRADING LTDNS.ANYCASTNS1.ORGVertamedia,LLC
20tier_2dsp35.adtelligent.com25DANESCO TRADING LTDNS.ANYCASTNS1.ORGVertamedia,LLC
21tier_2aldb1.mysearch.space25NoneNoneNone
22tier_2externals-1953518744.us-east-1.elb.amazonaws.com25MarkMonitor, Inc.R1.AMAZONAWS.COMAmazon.com, Inc.
23tier_2search.snjsearch.com25GoDaddy.com, LLCNS73.DOMAINCONTROL.COMDomains By Proxy, LLC
24tier_29nl.es23NoneNoneNone
25tier_2newre-conversions.clickmeter.com23NoneNoneNone
26tier_2trk.jometer.com21Amazon Registrar, Inc.NS-129.AWSDNS-16.COMWhois Privacy Service
27tier_2api.l5srv.net19GoDaddy.com, LLCNS53.DOMAINCONTROL.COMDomains By Proxy, LLC
28tier_2asufij.xyz18NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
29tier_2managerformula.com12NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
30tier_3free-gifts.net37DYNADOT, LLCVIP1.ALIDNS.COMNone
31tier_3managerformula.com30NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
32tier_3upward.careers19GoDaddy.com, LLCns21.domaincontrol.comDomains By Proxy, LLC
33tier_3xzb.subeamy.pw18NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
34tier_3bing.com15MarkMonitor, Inc.DNS1.P09.NSONE.NETMicrosoft Corporation
35tier_3us.tideri.com13united domains AGNS.UDAG.DENone
36tier_3s3.amazonaws.com12NoneNoneNone
37tier_3seekallanswrs.com10NameSilo, LLCNS-CLOUD-A1.GOOGLEDOMAINS.COMSee PrivacyGuardian.org
38tier_3kbb.com5CSC CORPORATE DOMAINS, INC.PDNS164.ULTRADNS.BIZAutotrader.com
39tier_3wayfair.com4NoneNoneNone
40tier_3click.appcast.io3101Domain GRS LtdNS-85.AWSDNS-10.COMNone
41tier_3rd.bizrate.com3MarkMonitor Inc.NS-1189.AWSDNS-20.ORGNone
42tier_3signup.finddreamjobs.com2GoDaddy.com, LLCALEXIS.NS.CLOUDFLARE.COMFind Dream Jobs
43tier_3storystudio.sfgate.com2CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
44tier_3whatjobs.com2123-Reg LimitedVIDA.NS.CLOUDFLARE.COMNone
45tier_3dollarshaveclub.com1GoDaddy.com, LLCNS-1465.AWSDNS-55.ORGDomains By Proxy, LLC
46tier_3click.appcast.io_LOOP_11NoneNoneNone
47tier_3netradioplayer.com1GoDaddy.com, LLCNS41.DOMAINCONTROL.COMDomains By Proxy, LLC
48tier_3nizephoros-pom.com1Amazon Registrar, Inc.NS-1192.AWSDNS-21.ORGWhois Privacy Service
49tier_3maurices.com_LOOP_11NoneNoneNone
50tier_3careerbuilder.com1CSC CORPORATE DOMAINS, INC.BROCK.CBJOBS.NETCareerBuilder, LLC
51tier_3promorepublic.com1Onlinenic IncLIA.NS.CLOUDFLARE.COMPromoRepublic Oy
52tier_3ballarddesigns.com_LOOP_11NoneNoneNone
53tier_3runnewest-bestextremelyfile.best1NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
54tier_3americanlisted.com1ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
55tier_3lampsplus.com_LOOP_11NoneNoneNone
56tier_3reebok.com1CSC CORPORATE DOMAINS, INC.NS1.NETNAMES.NETReebok International, Ltd.
57tier_3invictastores.com_LOOP_11NoneNoneNone
58tier_3jobs.jobget.com1Amazon Registrar, Inc.NS-1314.AWSDNS-36.ORGNone
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_137nannan
1207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_133nannan
2207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_121nannan
3207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_120nannan
4104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_114nannan
5104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_112nannan
6206.221.176.184NewarkNew JerseyAS23470 ReliableSite.Net LLC07175United Statestier_112nannan
7104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_111nannan
882.192.82.225AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_14nannan
974.63.241.30DallasTexasAS46475 Limestone Networks, Inc.75270United Statestier_1330-241-63-74.static.reverse.lstn.netnan
10209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_2157nannan
11198.54.112.216San JoseCaliforniaAS22612 Namecheap, Inc.95103United Statestier_243nannan
1235.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_242240.61.209.35.bc.googleusercontent.comnan
1347.254.67.38Mountain ViewCaliforniaAS45102 Alibaba (US) Technology Co., Ltd.94035United Statestier_337nannan
14198.134.116.30New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_227nannan
15173.192.101.24DallasTexasAS36351 SoftLayer Technologies Inc.75270United Statestier_22618.65.c0ad.ip4.static.sl-reverse.comnan
16209.205.202.42New York CityNew YorkAS55081 24 SHELLS10004United Statestier_225static-42-202-205-209.24shells.netnan
17209.205.202.43New York CityNew YorkAS55081 24 SHELLS10004United Statestier_225static-43-202-205-209.24shells.netnan
1835.162.164.74BoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_225ec2-35-162-164-74.us-west-2.compute.amazonaws.comnan
1952.72.29.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_224ec2-52-72-29-7.compute-1.amazonaws.comnan
2052.206.108.38AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-206-108-38.compute-1.amazonaws.comnan
2134.197.176.2AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_220ec2-34-197-176-2.compute-1.amazonaws.comnan
2254.208.107.202AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_220ec2-54-208-107-202.compute-1.amazonaws.comnan
2367.227.173.37LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_219nannan
2418.235.67.128AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217ec2-18-235-67-128.compute-1.amazonaws.comnan
2534.207.43.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_216ec2-34-207-43-7.compute-1.amazonaws.comnan
2650.16.173.246AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_216ec2-50-16-173-246.compute-1.amazonaws.comnan
27192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_33nannan
283.125.109.211Frankfurt am MainHesseAS16509 Amazon.com, Inc.60311Germanytier_215ec2-3-125-109-211.eu-central-1.compute.amazonaws.comnan
2923.21.53.13AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_215ec2-23-21-53-13.compute-1.amazonaws.comnan
3047.254.67.38Mountain ViewCaliforniaAS45102 Alibaba (US) Technology Co., Ltd.94035United Statestier_337nannan
3167.227.172.40LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_319nannan
32172.232.19.147NewarkNew JerseyAS20940 Akamai International B.V.07175United Statestier_317a172-232-19-147.deploy.static.akamaitechnologies.comnan
3335.246.171.123Frankfurt am MainHesseAS15169 Google LLC60311Germanytier_313123.171.246.35.bc.googleusercontent.comnan
34172.232.19.138NewarkNew JerseyAS20940 Akamai International B.V.07175United Statestier_313a172-232-19-138.deploy.static.akamaitechnologies.comnan
3535.165.21.241BoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_311ec2-35-165-21-241.us-west-2.compute.amazonaws.comnan
36204.79.197.200RedmondWashingtonAS8068 Microsoft Corporation98052United Statestier_310a-0001.a-msedge.netTrue
3735.226.116.123Council BluffsIowaAS15169 Google LLC51502United Statestier_310123.116.226.35.bc.googleusercontent.comnan
3852.88.215.122BoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_37ec2-52-88-215-122.us-west-2.compute.amazonaws.comnan
39100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_35pool-100-37-135-2.nycmny.fios.verizon.netnan
4013.107.21.200RedmondWashingtonAS8068 Microsoft Corporation98052United Statestier_35nanTrue
4123.44.217.143NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_35a23-44-217-143.deploy.static.akamaitechnologies.comnan
4223.39.32.237NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_34a23-39-32-237.deploy.static.akamaitechnologies.comnan
43192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_33nannan
443.234.0.165AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_32ec2-3-234-0-165.compute-1.amazonaws.comnan
4552.216.89.45AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_32s3-1.amazonaws.comnan
46104.17.47.14San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
4798.129.228.57DallasTexasAS33070 Rackspace Hosting75270United Statestier_32nannan
4852.217.110.78AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_32s3-1.amazonaws.comnan
49151.101.1.9San FranciscoCaliforniaAS54113 Fastly94107United Statestier_31nanTrue
5052.216.110.157AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
5152.3.4.129AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-3-4-129.compute-1.amazonaws.comnan
5252.216.107.158AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
5352.20.164.166AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-20-164-166.compute-1.amazonaws.comnan
5452.206.108.38AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-206-108-38.compute-1.amazonaws.comnan
5599.84.47.65NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_31server-99-84-47-65.ewr52.r.cloudfront.netnan
56104.26.10.26San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
5754.231.97.211AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
5852.217.131.176AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
5952.20.53.118AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-20-53-118.compute-1.amazonaws.comnan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website