Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 165 168 638 0 127 2021-02-18 37.48.65.149 Safari
tier domain count registrar name_servers org
0 tier_1 hochkrimmel.de 1 None None None
1 tier_1 arxivi.org 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
2 tier_1 cavallord.com 1 TUCOWS, INC. NS1.COMMONMX.COM Contact Privacy Inc. Customer 0159513995
3 tier_1 endominicana.net 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
4 tier_1 ebookwarez.com 1 DYNADOT10 LLC NS1.COMMONMX.COM None
5 tier_1 abcdwap.com 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
6 tier_1 diziindir.org 1 Domainhysteria.com LLC NS1.COMMONMX.COM None
7 tier_1 indianfreestuff.in 1 Dynadot LLC ns1.commonmx.com None
8 tier_1 dominiosinnova.com 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
9 tier_1 flyingsg.com 1 TUCOWS, INC. NS1.COMMONMX.COM Contact Privacy Inc. Customer 0158841585
10 tier_2 dprtb.com 76 1API GmbH NS1.DNSIMPLE.COM REDACTED FOR PRIVACY
11 tier_2 bradamante-per.com 48 Amazon Registrar, Inc. NS-1026.AWSDNS-00.ORG Whois Privacy Service
12 tier_2 1496.wcitianka.com 40 GoDaddy Online Services Cayman Islands LTD NS-1096.AWSDNS-09.ORG None
13 tier_2 americanlisted.com 39 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
14 tier_2 click.appcast.io 39 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
15 tier_2 btpnative.com 19 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
16 tier_2 infopicked.com 18 NAMECHEAP INC NS0.DNSMADEEASY.COM WhoisGuard, Inc.
17 tier_2 managerformula.com 18 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
18 tier_2 alfik-fik.com 12 Amazon Registrar, Inc. NS-1264.AWSDNS-30.ORG Whois Privacy Service
19 tier_2 joblift.com 12 INWX GmbH & Co. KG NS-CLOUD-E1.GOOGLEDOMAINS.COM REDACTED FOR PRIVACY
20 tier_3 managerformula.com 29 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
21 tier_3 careerbuilder.com 25 CSC CORPORATE DOMAINS, INC. BROCK.CBJOBS.NET CareerBuilder, LLC
22 tier_3 s3.amazonaws.com 18 MarkMonitor, Inc. R1.AMAZONAWS.COM Amazon.com, Inc.
23 tier_3 affbank.com 5 DANESCO TRADING LTD GABE.NS.CLOUDFLARE.COM Advertecy LTD
24 tier_3 crutchfield.com 5 Domain.com, LLC NS1.CRUTCHFIELD.COM REDACTED FOR PRIVACY
25 tier_3 nextcareernow.com 4 GoDaddy.com, LLC NS53.DOMAINCONTROL.COM Domains By Proxy, LLC
26 tier_3 iosrecommendedvpn.com 3 None None None
27 tier_3 jobleads.com 3 united domains AG CRUZ.NS.CLOUDFLARE.COM None
28 tier_3 joblift.com 2 INWX GmbH & Co. KG NS-CLOUD-E1.GOOGLEDOMAINS.COM REDACTED FOR PRIVACY
29 tier_3 bing.com 2 MarkMonitor, Inc. DNS1.P09.NSONE.NET Microsoft Corporation
ip city region org postal country_name tier count hostname anycast
0 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 21 nan nan
1 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 17 nan nan
2 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 16 nan nan
3 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 10 nan nan
4 104.243.45.190 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 8 nan nan
5 104.243.45.179 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 7 nan nan
6 185.107.56.197 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 6 nan nan
7 104.243.45.178 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 6 nan nan
8 185.107.56.199 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 3 nan nan
9 185.107.56.198 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 3 nan nan
10 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 95 nan nan
11 198.54.112.216 San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 40 nan nan
12 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_2 39 240.61.209.35.bc.googleusercontent.com nan
13 54.84.27.165 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23452 United States tier_2 30 ec2-54-84-27-165.compute-1.amazonaws.com nan
14 34.200.146.95 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23452 United States tier_2 30 ec2-34-200-146-95.compute-1.amazonaws.com nan
15 3.234.136.137 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23452 United States tier_2 20 ec2-3-234-136-137.compute-1.amazonaws.com nan
16 173.192.101.24 Dallas Texas AS36351 SoftLayer Technologies Inc. 75270 United States tier_2 19 18.65.c0ad.ip4.static.sl-reverse.com nan
17 52.0.220.89 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23452 United States tier_2 19 ec2-52-0-220-89.compute-1.amazonaws.com nan
18 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 12 rd.bizrate.com nan
19 35.190.64.22 Kansas City Missouri AS15169 Google LLC 64121 United States tier_2 12 22.64.190.35.bc.googleusercontent.com True
20 23.43.56.211 New York City New York AS20940 Akamai International B.V. 10004 United States tier_3 9 a23-43-56-211.deploy.static.akamaitechnologies.com nan
21 23.43.56.200 New York City New York AS20940 Akamai International B.V. 10004 United States tier_3 8 a23-43-56-200.deploy.static.akamaitechnologies.com nan
22 13.224.211.40 Seattle Washington AS16509 Amazon.com, Inc. 98101 United States tier_3 8 server-13-224-211-40.phl50.r.cloudfront.net nan
23 13.224.211.117 Seattle Washington AS16509 Amazon.com, Inc. 98101 United States tier_3 7 server-13-224-211-117.phl50.r.cloudfront.net nan
24 13.224.211.92 Seattle Washington AS16509 Amazon.com, Inc. 98101 United States tier_3 6 server-13-224-211-92.phl50.r.cloudfront.net nan
25 35.156.139.229 Frankfurt am Main Hesse AS16509 Amazon.com, Inc. 60311 Germany tier_3 5 ec2-35-156-139-229.eu-central-1.compute.amazonaws.com nan
26 205.196.12.74 Washington Washington, D.C. AS54391 Crutchfield New Media LLC 20045 United States tier_3 5 www.crutchfield.com nan
27 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 5 pool-100-37-135-2.nycmny.fios.verizon.net nan
28 23.43.56.201 New York City New York AS20940 Akamai International B.V. 10004 United States tier_3 4 a23-43-56-201.deploy.static.akamaitechnologies.com nan
29 13.224.211.9 Seattle Washington AS16509 Amazon.com, Inc. 98101 United States tier_3 4 server-13-224-211-9.phl50.r.cloudfront.net nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website