Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
01631616000162021-04-2164.32.8.68Safari
tierdomaincountregistrarname_serversorg
0tier_1freemoneysystem.net1Interlakenames.com LLCNS1.DNSNUTS.COMThe Management Group II
1tier_1clipxplore.com1SouthNames Inc.NS1.DNSNUTS.COMThe Management Group II
2tier_1albumkings.net1Snoqulamiedomains.com LLCNS1.DNSNUTS.COMThe Management Group II
3tier_1drmommyonline.com1DevilDogDomains.com, LLCNS1.DNSNUTS.COMThe Management Group II
4tier_1buysql.com1Long Drive Domains LLCNS1.DNSNUTS.COMNone
5tier_1beritatrendz.com1Nameselite, LLCNS1.DNSNUTS.COMNone
6tier_1dakmm.com1Private Domains, IncorporatedNS1.DNSNUTS.COMNone
7tier_1alchemicalpsychology.com1enom1033, Inc.NS1.DNSNUTS.COMNone
8tier_1kahimyang.info1Allearthdomains.com LLCNS1.DNSNUTS.COM['The Management Group II', 'Statutory Masking Enabled']
9tier_1download-wallpaper.net1eNom461, IncorporatedNS1.DNSNUTS.COMThe Management Group II
10tier_21496.rawlexi.com76GoDaddy Online Services Cayman Islands LTDNS-128.AWSDNS-16.COMNone
11tier_2americanlisted.com70ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
12tier_29nl.es30NoneNoneNone
13tier_2newre-conversions.clickmeter.com30REGISTER S.P.A.NS-1498.AWSDNS-59.ORGREDACTED FOR PRIVACY
14tier_2trk.jometer.com28Amazon Registrar, Inc.NS-129.AWSDNS-16.COMWhois Privacy Service
15tier_2api.l5srv.net28GoDaddy.com, LLCNS53.DOMAINCONTROL.COMDomains By Proxy, LLC
16tier_2click.appcast.io23101Domain GRS LtdNS-85.AWSDNS-10.COMNone
17tier_2careerbliss.com15GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
18tier_2trk.careerbliss.com15GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
19tier_2aristo-hag.com11Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
20tier_2track.vcdc.com10Key-Systems GmbHGUY.NS.CLOUDFLARE.COMc/o whoisproxy.com
21tier_2click.appcast.io_LOOP_110NoneNoneNone
22tier_2btpnav.com101API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
23tier_2nizephoros-pom.com6Amazon Registrar, Inc.NS-1192.AWSDNS-21.ORGWhois Privacy Service
24tier_2managerformula.com6NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
25tier_2us.expand-backend.mindmatch.ai3NoneNoneNone
26tier_2linkup.com3GoDaddy.com, LLCNS-102.AWSDNS-12.COMJobDig
27tier_2linkup.com_LOOP_13NoneNoneNone
28tier_2linkup.com_LOOP_23NoneNoneNone
29tier_2click.expmediadirect.com2NAMECHEAP INCNS1.LINODE.COMPrivacy service provided by Withheld for Privacy ehf
30tier_3upward.careers28GoDaddy.com, LLCns21.domaincontrol.comDomains By Proxy, LLC
31tier_3google.com11MarkMonitor, Inc.NS1.GOOGLE.COMGoogle LLC
32tier_3irl.com11GoDaddy.com, LLCNS-106.AWSDNS-13.COMDomains By Proxy, LLC
33tier_3careerbliss.com8GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
34tier_3s3.amazonaws.com6MarkMonitor Inc.R1.AMAZONAWS.COMNone
35tier_3americanlisted.com6ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
36tier_3juju.com3Network Solutions, LLCNS-1111.AWSDNS-10.ORGJuju Inc.
37tier_3linkedin.com2MarkMonitor, Inc.DNS1.P09.NSONE.NETLinkedIn Corporation
38tier_3us.allthetopbananas.com2ENOM, INC.DANE.NS.CLOUDFLARE.COMREDACTED FOR PRIVACY
39tier_3click.joveo.com2Go Canada Domains, LLCNS-1256.AWSDNS-29.ORGDomains By Proxy, LLC
40tier_3albeebaby.com_LOOP_11NoneNoneNone
41tier_3click.appcast.io_LOOP_11NoneNoneNone
42tier_3savatree.com1GoDaddy.com, LLCAURORA.NS.CLOUDFLARE.COMSavATree
43tier_3jobs.intuit.com1MarkMonitor, Inc.A1-182.AKAM.NETIntuit Inc.
44tier_3joblift.com1INWX GmbH & Co. KGNS-CLOUD-E1.GOOGLEDOMAINS.COMREDACTED FOR PRIVACY
45tier_3neuvoo.com1NoneNoneNone
46tier_3click.appcast.io_LOOP_21NoneNoneNone
47tier_3caregivers.careinhomes.com1NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMRedacted for Privacy Purposes
48tier_311167218.searchiqnet.com1GoDaddy.com, LLCNS57.DOMAINCONTROL.COMDomains By Proxy, LLC
49tier_3manhattanjobs.com1ENOM, INC.DNS1.NAME-SERVICES.COMREDACTED FOR PRIVACY
50tier_3us.mindmatch.ai1NoneNoneNone
51tier_3runnewest-bestextremelyfile.best1NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
52tier_3jobs.compassgroupcareers.com1Network Solutions, LLCNS-1431.AWSDNS-50.ORGCompass Group USA Inc.
53tier_3jobs.bswhealth.com1Network Solutions, LLCNS03.BAYLORHEALTHCARE.COMBaylor Health Care System
54tier_3us.tideri.com1united domains AGNS.UDAG.DENone
55tier_3slotocash.im1Nonedane.ns.cloudflare.com.None
56tier_3amazonhvh.thejobnetwork.com1GoDaddy.com, LLCNS-1356.AWSDNS-41.ORGRealMatch
57tier_3jobs.jobget.com1Amazon Registrar, Inc.NS-1314.AWSDNS-36.ORGWhois Privacy Service
iphostnamecityregionorgpostalcountry_nametiercountanycast
064.32.8.68customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_119nan
164.32.8.67customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_114nan
264.32.8.70customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_114nan
3185.107.56.59nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_113nan
4185.107.56.58nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_110nan
564.32.8.69customer.sharktech.netLos AngelesCaliforniaAS46844 Sharktech90009United Statestier_19nan
6185.107.56.60nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_19nan
7185.107.56.57nanRotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_19nan
8198.54.112.216nanSan JoseCaliforniaAS22612 Namecheap, Inc.95103United Statestier_277nan
935.209.61.240240.61.209.35.bc.googleusercontent.comCouncil BluffsIowaAS15169 Google LLC51502United Statestier_36nan
10207.38.44.116cbsmtp1.careerbliss.comLos AngelesCaliforniaAS5693 Latisys-Irvine, LLC90009United Statestier_38nan
1167.227.173.37nanLansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_228nan
1254.197.247.190ec2-54-197-247-190.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_219nan
13100.37.135.2pool-100-37-135-2.nycmny.fios.verizon.netNew York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_33nan
1454.235.205.204ec2-54-235-205-204.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217nan
1523.21.53.13ec2-23-21-53-13.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_213nan
1623.21.166.45ec2-23-21-166-45.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_211nan
1799.84.114.17server-99-84-114-17.ewr52.r.cloudfront.netNewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_211nan
18167.233.8.197static.197.8.233.167.clients.your-server.deN├╝rnbergBavariaAS24940 Hetzner Online GmbH90402Germanytier_210nan
19209.15.13.136nanTorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_210nan
20100.25.52.1ec2-100-25-52-1.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_28nan
2152.72.29.7ec2-52-72-29-7.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_28nan
223.234.0.165ec2-3-234-0-165.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_28nan
2399.84.114.53server-99-84-114-53.ewr52.r.cloudfront.netNewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_28nan
2452.3.4.129ec2-52-3-4-129.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_27nan
2599.84.114.65server-99-84-114-65.ewr52.r.cloudfront.netNewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_26nan
2634.197.176.2ec2-34-197-176-2.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_24nan
2734.120.235.106106.235.120.34.bc.googleusercontent.comKansas CityMissouriAS15169 Google LLC64121United Statestier_23True
2867.227.172.40nanLansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_328nan
29207.38.44.116cbsmtp1.careerbliss.comLos AngelesCaliforniaAS5693 Latisys-Irvine, LLC90009United Statestier_38nan
30172.217.10.100lga34s15-in-f4.1e100.netCliftonNew JerseyAS15169 Google LLC07015United Statestier_36nan
3135.209.61.240240.61.209.35.bc.googleusercontent.comCouncil BluffsIowaAS15169 Google LLC51502United Statestier_36nan
32172.217.12.164lga25s62-in-f4.1e100.netCliftonNew JerseyAS15169 Google LLC07015United Statestier_33nan
3354.205.240.192ec2-54-205-240-192.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_33nan
34100.37.135.2pool-100-37-135-2.nycmny.fios.verizon.netNew York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_33nan
3552.216.240.38s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_32nan
3613.107.42.14nanRedmondWashingtonAS8068 Microsoft Corporation98052United Statestier_32True
373.211.162.98ec2-3-211-162-98.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_32nan
3867.207.81.229nanNorth BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_32nan
3952.217.82.166s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_32nan
4064.227.12.111nanNorth BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_32nan
4152.203.36.44ec2-52-203-36-44.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_32nan
42172.217.10.228lga25s59-in-f4.1e100.netCliftonNew JerseyAS15169 Google LLC07015United Statestier_32nan
43104.26.12.236nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31True
4499.84.114.67server-99-84-114-67.ewr52.r.cloudfront.netNewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_31nan
4552.216.105.125s3-1.amazonaws.comAshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31nan
46141.193.213.20nanAustinTexasAS209242 Cloudflare London, LLC78701United Statestier_31True
47172.232.19.104a172-232-19-104.deploy.static.akamaitechnologies.comNewarkNew JerseyAS20940 Akamai International B.V.07175United Statestier_31nan
4835.190.64.2222.64.190.35.bc.googleusercontent.comKansas CityMissouriAS15169 Google LLC64121United Statestier_31True
4934.232.57.217ec2-34-232-57-217.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31nan
50104.26.13.236nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31True
5152.22.228.123ec2-52-22-228-123.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31nan
52209.132.243.15nanLos AngelesCaliforniaAS7296 Alchemy Communications, Inc.90009United Statestier_31nan
5367.207.80.24nanNorth BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_31nan
5452.73.87.228ec2-52-73-87-228.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31nan
5568.168.84.196196.84.168.68.static.dbsintl.netNorristownPennsylvaniaAS17378 TierPoint, LLC19403United Statestier_31nan
56104.21.50.192nanSan FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31True
5752.20.53.118ec2-52-20-53-118.compute-1.amazonaws.comAshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website