Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 123 116 398 0 35 2021-01-17 37.48.65.151 Safari
tier domain count registrar name_servers org
0 tier_1 bitenergy.org 1 Allearthdomains.com LLC NS1.COMMONMX.COM None
1 tier_1 write.name 1 None None None
2 tier_1 beactivedentist.com 1 enom1008, Inc. NS1.COMMONMX.COM None
3 tier_1 5ka.me 1 Dynadot, LLC None None
4 tier_1 9novels.net 1 ! #1 Host Japan, Inc. NS1.DNSNUTS.COM The Management Group II
5 tier_1 3files.net 1 TUCOWS, INC. NS1.COMMONMX.COM Contact Privacy Inc. Customer 0158497154
6 tier_1 andisucirta.com 1 DYNADOT14 LLC NS1.COMMONMX.COM None
7 tier_1 vikings.name 1 None None None
8 tier_1 applique.me 1 GoDaddy.com, LLC None None
9 tier_1 archives.name 1 None None None
10 tier_2 1496.wcitianka.com 31 GoDaddy Online Services Cayman Islands LTD NS-1096.AWSDNS-09.ORG None
11 tier_2 americanlisted.com 31 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
12 tier_2 click.appcast.io 29 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
13 tier_2 dprtb.com 27 1API GmbH NS1.DNSIMPLE.COM REDACTED FOR PRIVACY
14 tier_2 5339.wcitianka.com 27 GoDaddy Online Services Cayman Islands LTD NS-1096.AWSDNS-09.ORG None
15 tier_2 tr.trackingsys.tech 27 DonDominio (SCIP) NS1.DONDOMINIO.COM Soluciones Corporativas IP, c/o Whois Proxy
16 tier_2 get38.admedit.net 27 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
17 tier_2 careerbliss.com 12 GoDaddy.com, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
18 tier_2 trk.careerbliss.com 12 GoDaddy.com, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
19 tier_2 open.app.jobrapido.com 6 Marcaria.com International, Inc. NS-CLOUD-D1.GOOGLEDOMAINS.COM GDPR Masked
20 tier_3 careerbliss.com 17 GoDaddy.com, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
21 tier_3 soft4update.findperfectplaces4download.work 5 None None None
22 tier_3 installworking.findyourultimateplayersfirst.best 4 None None None
23 tier_3 workingupdate.findyourultimateplayersfirst.best 4 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
24 tier_3 ready4maintain.findyourultimateplayersfirst.best 4 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
25 tier_3 upgradelive.findperfectplaces4download.work 3 None None None
26 tier_3 update2new.thestablegreatupgrades.best 3 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
27 tier_3 checksoft.findyourultimateplayersfirst.best 3 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
28 tier_3 applytothisjob.com 2 GoDaddy.com, LLC NS-1499.AWSDNS-59.ORG JobDig
29 tier_3 google.com 2 MarkMonitor, Inc. NS1.GOOGLE.COM Google LLC
ip city region org postal country_name tier count hostname anycast
0 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 13 nan nan
1 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 11 nan nan
2 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 8 nan nan
3 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 8 nan nan
4 104.243.45.179 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 5 nan nan
5 206.221.176.184 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 4 nan nan
6 185.107.56.200 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 3 nan nan
7 104.243.45.178 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 2 nan nan
8 37.48.65.150 Soest Utrecht AS60781 LeaseWeb Netherlands B.V. 3765 Netherlands tier_1 2 nan nan
9 104.243.45.190 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 2 nan nan
10 198.54.112.216 San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 58 nan nan
11 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_2 31 240.61.209.35.bc.googleusercontent.com nan
12 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 28 nan nan
13 34.231.10.22 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23479 United States tier_2 27 ec2-34-231-10-22.compute-1.amazonaws.com nan
14 137.74.180.226 Strasbourg Grand Est AS16276 OVH SAS 67000 France tier_2 27 ip226.ip-137-74-180.eu nan
15 207.38.44.116 Los Angeles California AS5693 Latisys-Irvine, LLC 90009 United States tier_3 17 cbsmtp1.careerbliss.com nan
16 34.194.75.233 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23479 United States tier_2 16 ec2-34-194-75-233.compute-1.amazonaws.com nan
17 3.211.178.164 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23479 United States tier_2 13 ec2-3-211-178-164.compute-1.amazonaws.com nan
18 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 2 pool-100-37-135-2.nycmny.fios.verizon.net nan
19 178.33.228.114 Roubaix Hauts-de-France AS16276 OVH SAS 59051 CEDEX 1 France tier_2 6 ns3021656.ip-178-33-228.eu nan
20 54.175.171.244 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23479 United States tier_3 27 ec2-54-175-171-244.compute-1.amazonaws.com nan
21 207.38.44.116 Los Angeles California AS5693 Latisys-Irvine, LLC 90009 United States tier_3 17 cbsmtp1.careerbliss.com nan
22 209.236.97.202 Minneapolis Minnesota AS13649 Flexential Colorado Corp. 55440 United States tier_3 2 nan nan
23 184.87.68.204 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 2 a184-87-68-204.deploy.static.akamaitechnologies.com nan
24 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 2 pool-100-37-135-2.nycmny.fios.verizon.net nan
25 35.246.171.123 Frankfurt am Main Hesse AS15169 Google LLC 60311 Germany tier_3 2 123.171.246.35.bc.googleusercontent.com nan
26 52.217.87.164 Virginia Beach Virginia AS16509 Amazon.com, Inc. 23479 United States tier_3 1 s3-1-w.amazonaws.com nan
27 172.217.9.228 Clifton New Jersey AS15169 Google LLC 07015 United States tier_3 1 lga34s11-in-f4.1e100.net nan
28 23.227.38.32 Ottawa Ontario AS13335 Cloudflare, Inc. K2P Canada tier_3 1 myshopify.com True
29 172.232.19.91 Newark New Jersey AS20940 Akamai International B.V. 07175 United States tier_3 1 a172-232-19-91.deploy.static.akamaitechnologies.com nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website