Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
025726710530172021-04-1137.48.65.149Safari
tierdomaincountregistrarname_serversorg
0tier_13waycafe.com1DYNADOT LLCNS1.COMMONMX.COMNone
1tier_1bankexamsindia.in1Dynadot LLCns1.commonmx.comNone
2tier_1fibroidclear.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
3tier_1gaybear.in1Dynadot LLCns1.commonmx.comNone
4tier_1endominicana.net1GoDaddy.com, LLCNS1.COMMONMX.COMNone
5tier_1bape.asia1DYNADOT LLCNS1.COMMONMX.COMNone
6tier_1assuncionistas.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
7tier_1gazcelebs.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
8tier_1dinosriverwest.com1GoDaddy.com, LLCNS1.COMMONMX.COMDomains By Proxy, LLC
9tier_1dogstreet.in1Dynadot LLCns1.commonmx.comNone
10tier_2btpnav.com1041API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
11tier_2nizephoros-pom.com69Amazon Registrar, Inc.NS-1192.AWSDNS-21.ORGWhois Privacy Service
12tier_21496.rawlexi.com42NoneNoneNone
13tier_2americanlisted.com39ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
14tier_2click.expmediadirect.com34NoneNoneNone
15tier_2hureseyd.top27NameSilo, LLCns1.selectel.orgSee PrivacyGuardian.org
16tier_2managerformula.com25NoneNoneNone
17tier_2aristo-hag.com22Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
18tier_29nl.es21NoneNoneNone
19tier_2newre-conversions.clickmeter.com21REGISTER S.P.A.NS-1498.AWSDNS-59.ORGREDACTED FOR PRIVACY
20tier_2btpnative.com181API GmbHNS1.DNSIMPLE.COMRegistrant of btpnative.com
21tier_2trk.jometer.com17Amazon Registrar, Inc.NS-129.AWSDNS-16.COMWhois Privacy Service
22tier_2infopicked.com17NoneNoneNone
23tier_2blockchain-com.email16NameSilo, LLCns1.selectel.orgSee PrivacyGuardian.org
24tier_2clk.rtpdn12.com16NoneNoneNone
25tier_2api.l5srv.net15GoDaddy.com, LLCNS53.DOMAINCONTROL.COMDomains By Proxy, LLC
26tier_2ads35.adtelligent.com15DANESCO TRADING LTDNS.ANYCASTNS1.ORGVertamedia,LLC
27tier_2dsp35.adtelligent.com15DANESCO TRADING LTDNS.ANYCASTNS1.ORGVertamedia,LLC
28tier_2externals-1953518744.us-east-1.elb.amazonaws.com15MarkMonitor, Inc.R1.AMAZONAWS.COMAmazon.com, Inc.
29tier_2search.snjsearch.com15GoDaddy.com, LLCNS73.DOMAINCONTROL.COMDomains By Proxy, LLC
30tier_3managerformula.com44NoneNoneNone
31tier_3s3.amazonaws.com25MarkMonitor, Inc.R1.AMAZONAWS.COMAmazon.com, Inc.
32tier_3upward.careers15GoDaddy.com, LLCns21.domaincontrol.comDomains By Proxy, LLC
33tier_3us.tideri.com12united domains AGNS.UDAG.DENone
34tier_3bing.com12MarkMonitor, Inc.DNS1.P09.NSONE.NETMicrosoft Corporation
35tier_3play.google.com11NoneNoneNone
36tier_3blockchain-com.email11NameSilo, LLCns1.selectel.orgSee PrivacyGuardian.org
37tier_3check-your-profitzone.life5NoneNoneNone
38tier_3americanlisted.com3ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
39tier_3seekallanswrs.com3NameSilo, LLCNS-CLOUD-A1.GOOGLEDOMAINS.COMSee PrivacyGuardian.org
40tier_3runnewest-bestextremelyfile.best3NoneNoneNone
41tier_3signup.careersandjobs.co3GoDaddy.com, LLCalexis.ns.cloudflare.comDomains By Proxy, LLC
42tier_3chrismoneymaker.com3GoDaddy.com, LLCNS65.DOMAINCONTROL.COMAmaya Services Limited
43tier_3reebok.com2CSC CORPORATE DOMAINS, INC.NS1.NETNAMES.NETReebok International, Ltd.
44tier_3click.appcast.io2101Domain GRS LtdNS-85.AWSDNS-10.COMNone
45tier_3macys.com2Network Solutions, LLCA1-135.AKAM.NETMacy's Systems and Technology, Inc.
46tier_3affbank.com2DANESCO TRADING LTDGABE.NS.CLOUDFLARE.COMAdvertecy LTD
47tier_3storystudio.sfgate.com1CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
48tier_3linkup.com_LOOP_11NoneNoneNone
49tier_3signup.finddreamjobs.com1GoDaddy.com, LLCALEXIS.NS.CLOUDFLARE.COMFind Dream Jobs
50tier_3thelastpicture.show_LOOP_11NoneNoneNone
51tier_3careerbuilder.com1CSC CORPORATE DOMAINS, INC.BROCK.CBJOBS.NETCareerBuilder, LLC
52tier_3joblift.com1INWX GmbH & Co. KGNS-CLOUD-E1.GOOGLEDOMAINS.COMREDACTED FOR PRIVACY
53tier_3click.appcast.io_LOOP_11NoneNoneNone
54tier_3wayup.com1NoneNoneNone
55tier_3giftcards.com1MarkMonitor, Inc.NS-1503.AWSDNS-59.ORGBlackhawk Network Holdings, Inc.
56tier_3godaddy.com1GoDaddy.com, LLCA1-245.AKAM.NETGo Daddy Operating Company, LLC
57tier_3joblift.com_LOOP_11NoneNoneNone
58tier_3boatoutfitters.com1GoDaddy.com, LLCNS47.DOMAINCONTROL.COMTeak Isle Inc
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_135nannan
1207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_124nannan
2207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_123nannan
3207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_123nannan
4104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_112nannan
5206.221.176.184NewarkNew JerseyAS23470 ReliableSite.Net LLC07175United Statestier_111nannan
6104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_19nannan
7104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_17nannan
8185.107.56.197RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_13nannan
9185.107.56.199RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_12nannan
10209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_2125nannan
11198.54.112.216San JoseCaliforniaAS22612 Namecheap, Inc.95103United Statestier_242nannan
1235.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_33240.61.209.35.bc.googleusercontent.comnan
13198.134.116.30New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_234nannan
14185.233.2.13Saint PetersburgSt.-PetersburgAS48096 Enterprise Cloud Ltd.190000Russiatier_227nannan
1552.72.29.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_222ec2-52-72-29-7.compute-1.amazonaws.comnan
1634.197.176.2AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_218ec2-34-197-176-2.compute-1.amazonaws.comnan
17173.192.101.24DallasTexasAS36351 SoftLayer Technologies Inc.75270United Statestier_21818.65.c0ad.ip4.static.sl-reverse.comnan
1854.208.107.202AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217ec2-54-208-107-202.compute-1.amazonaws.comnan
1952.206.108.38AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217ec2-52-206-108-38.compute-1.amazonaws.comnan
20173.239.53.32New York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_217nannan
215.8.47.52HaarlemNorth HollandAS209813 Fast Content Delivery LTD2031Netherlandstier_39nannan
2267.227.173.37LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_215nannan
23209.205.202.42New York CityNew YorkAS55081 24 SHELLS10004United Statestier_215static-42-202-205-209.24shells.netnan
24209.205.202.43New York CityNew YorkAS55081 24 SHELLS10004United Statestier_215static-43-202-205-209.24shells.netnan
2535.162.164.74BoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_215ec2-35-162-164-74.us-west-2.compute.amazonaws.comnan
26167.99.3.175North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_215nannan
2723.21.166.230AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_212ec2-23-21-166-230.compute-1.amazonaws.comnan
2854.235.205.204AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_212ec2-54-235-205-204.compute-1.amazonaws.comnan
2934.207.43.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_212ec2-34-207-43-7.compute-1.amazonaws.comnan
3023.43.59.162New York CityNew YorkAS20940 Akamai International B.V.10004United Statestier_317a23-43-59-162.deploy.static.akamaitechnologies.comnan
3123.43.59.155New York CityNew YorkAS20940 Akamai International B.V.10004United Statestier_317a23-43-59-155.deploy.static.akamaitechnologies.comnan
3267.227.172.40LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_315nannan
3335.246.171.123Frankfurt am MainHesseAS15169 Google LLC60311Germanytier_312123.171.246.35.bc.googleusercontent.comnan
3423.43.59.178New York CityNew YorkAS20940 Akamai International B.V.10004United Statestier_310a23-43-59-178.deploy.static.akamaitechnologies.comnan
35204.79.197.200RedmondWashingtonAS8068 Microsoft Corporation98052United Statestier_310a-0001.a-msedge.netTrue
365.8.47.52HaarlemNorth HollandAS209813 Fast Content Delivery LTD2031Netherlandstier_39nannan
37100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_36pool-100-37-135-2.nycmny.fios.verizon.netnan
3831.184.202.191HaarlemNorth HollandAS209813 Fast Content Delivery LTD2031Netherlandstier_35nannan
39142.250.64.78Mountain ViewCaliforniaAS15169 Google LLC94043United Statestier_34lga34s30-in-f14.1e100.netnan
40172.217.10.14WestburyNew YorkAS15169 Google LLC11590United Statestier_34lga34s12-in-f14.1e100.netnan
4135.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_33240.61.209.35.bc.googleusercontent.comnan
4235.226.116.123Council BluffsIowaAS15169 Google LLC51502United Statestier_33123.116.226.35.bc.googleusercontent.comnan
4352.20.53.118AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_33ec2-52-20-53-118.compute-1.amazonaws.comnan
4492.205.4.117StrasbourgGrand EstAS21499 Host Europe GmbH67000Francetier_33ip-92-205-4-117.ip.secureserver.netnan
4523.201.27.178NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_32a23-201-27-178.deploy.static.akamaitechnologies.comnan
46172.217.10.238CliftonNew JerseyAS15169 Google LLC07015United Statestier_32lga25s59-in-f14.1e100.netnan
4752.217.97.246AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_32s3-1.amazonaws.comnan
4835.156.139.229Frankfurt am MainHesseAS16509 Amazon.com, Inc.60311Germanytier_32ec2-35-156-139-229.eu-central-1.compute.amazonaws.comnan
4913.107.21.200RedmondWashingtonAS8068 Microsoft Corporation98052United Statestier_32nanTrue
50104.21.10.65San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
5152.216.169.21AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
5252.216.25.70AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
5398.129.228.57DallasTexasAS33070 Rackspace Hosting75270United Statestier_31nannan
54172.217.12.142CliftonNew JerseyAS15169 Google LLC07015United Statestier_31lga34s19-in-f14.1e100.netnan
5552.216.168.109AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
5652.3.4.129AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-3-4-129.compute-1.amazonaws.comnan
57104.17.47.14San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
5852.217.44.174AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
5952.216.81.3AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website