Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 163 161 600 0 16 2021-04-21 64.32.8.68 Safari
tier domain count registrar name_servers org
0 tier_1 freemoneysystem.net 1 Interlakenames.com LLC NS1.DNSNUTS.COM The Management Group II
1 tier_1 clipxplore.com 1 SouthNames Inc. NS1.DNSNUTS.COM The Management Group II
2 tier_1 albumkings.net 1 Snoqulamiedomains.com LLC NS1.DNSNUTS.COM The Management Group II
3 tier_1 drmommyonline.com 1 DevilDogDomains.com, LLC NS1.DNSNUTS.COM The Management Group II
4 tier_1 buysql.com 1 Long Drive Domains LLC NS1.DNSNUTS.COM None
5 tier_1 beritatrendz.com 1 Nameselite, LLC NS1.DNSNUTS.COM None
6 tier_1 dakmm.com 1 Private Domains, Incorporated NS1.DNSNUTS.COM None
7 tier_1 alchemicalpsychology.com 1 enom1033, Inc. NS1.DNSNUTS.COM None
8 tier_1 kahimyang.info 1 Allearthdomains.com LLC NS1.DNSNUTS.COM ['The Management Group II', 'Statutory Masking Enabled']
9 tier_1 download-wallpaper.net 1 eNom461, Incorporated NS1.DNSNUTS.COM The Management Group II
10 tier_2 1496.rawlexi.com 76 GoDaddy Online Services Cayman Islands LTD NS-128.AWSDNS-16.COM None
11 tier_2 americanlisted.com 70 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
12 tier_2 9nl.es 30 None None None
13 tier_2 newre-conversions.clickmeter.com 30 REGISTER S.P.A. NS-1498.AWSDNS-59.ORG REDACTED FOR PRIVACY
14 tier_2 trk.jometer.com 28 Amazon Registrar, Inc. NS-129.AWSDNS-16.COM Whois Privacy Service
15 tier_2 api.l5srv.net 28 GoDaddy.com, LLC NS53.DOMAINCONTROL.COM Domains By Proxy, LLC
16 tier_2 click.appcast.io 23 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
17 tier_2 careerbliss.com 15 GoDaddy.com, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
18 tier_2 trk.careerbliss.com 15 GoDaddy.com, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
19 tier_2 aristo-hag.com 11 Amazon Registrar, Inc. NS-1226.AWSDNS-25.ORG Whois Privacy Service
20 tier_2 track.vcdc.com 10 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
21 tier_2 click.appcast.io_LOOP_1 10 None None None
22 tier_2 btpnav.com 10 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnav.com
23 tier_2 nizephoros-pom.com 6 Amazon Registrar, Inc. NS-1192.AWSDNS-21.ORG Whois Privacy Service
24 tier_2 managerformula.com 6 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
25 tier_2 us.expand-backend.mindmatch.ai 3 None None None
26 tier_2 linkup.com 3 GoDaddy.com, LLC NS-102.AWSDNS-12.COM JobDig
27 tier_2 linkup.com_LOOP_1 3 None None None
28 tier_2 linkup.com_LOOP_2 3 None None None
29 tier_2 click.expmediadirect.com 2 NAMECHEAP INC NS1.LINODE.COM Privacy service provided by Withheld for Privacy ehf
30 tier_3 upward.careers 28 GoDaddy.com, LLC ns21.domaincontrol.com Domains By Proxy, LLC
31 tier_3 google.com 11 MarkMonitor, Inc. NS1.GOOGLE.COM Google LLC
32 tier_3 irl.com 11 GoDaddy.com, LLC NS-106.AWSDNS-13.COM Domains By Proxy, LLC
33 tier_3 careerbliss.com 8 GoDaddy.com, LLC NS10.DNSMADEEASY.COM Domains By Proxy, LLC
34 tier_3 s3.amazonaws.com 6 MarkMonitor Inc. R1.AMAZONAWS.COM None
35 tier_3 americanlisted.com 6 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
36 tier_3 juju.com 3 Network Solutions, LLC NS-1111.AWSDNS-10.ORG Juju Inc.
37 tier_3 linkedin.com 2 MarkMonitor, Inc. DNS1.P09.NSONE.NET LinkedIn Corporation
38 tier_3 us.allthetopbananas.com 2 ENOM, INC. DANE.NS.CLOUDFLARE.COM REDACTED FOR PRIVACY
39 tier_3 click.joveo.com 2 Go Canada Domains, LLC NS-1256.AWSDNS-29.ORG Domains By Proxy, LLC
40 tier_3 albeebaby.com_LOOP_1 1 None None None
41 tier_3 click.appcast.io_LOOP_1 1 None None None
42 tier_3 savatree.com 1 GoDaddy.com, LLC AURORA.NS.CLOUDFLARE.COM SavATree
43 tier_3 jobs.intuit.com 1 MarkMonitor, Inc. A1-182.AKAM.NET Intuit Inc.
44 tier_3 joblift.com 1 INWX GmbH & Co. KG NS-CLOUD-E1.GOOGLEDOMAINS.COM REDACTED FOR PRIVACY
45 tier_3 neuvoo.com 1 None None None
46 tier_3 click.appcast.io_LOOP_2 1 None None None
47 tier_3 caregivers.careinhomes.com 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Redacted for Privacy Purposes
48 tier_3 11167218.searchiqnet.com 1 GoDaddy.com, LLC NS57.DOMAINCONTROL.COM Domains By Proxy, LLC
49 tier_3 manhattanjobs.com 1 ENOM, INC. DNS1.NAME-SERVICES.COM REDACTED FOR PRIVACY
50 tier_3 us.mindmatch.ai 1 None None None
51 tier_3 runnewest-bestextremelyfile.best 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
52 tier_3 jobs.compassgroupcareers.com 1 Network Solutions, LLC NS-1431.AWSDNS-50.ORG Compass Group USA Inc.
53 tier_3 jobs.bswhealth.com 1 Network Solutions, LLC NS03.BAYLORHEALTHCARE.COM Baylor Health Care System
54 tier_3 us.tideri.com 1 united domains AG NS.UDAG.DE None
55 tier_3 slotocash.im 1 None dane.ns.cloudflare.com. None
56 tier_3 amazonhvh.thejobnetwork.com 1 GoDaddy.com, LLC NS-1356.AWSDNS-41.ORG RealMatch
57 tier_3 jobs.jobget.com 1 Amazon Registrar, Inc. NS-1314.AWSDNS-36.ORG Whois Privacy Service
ip hostname city region org postal country_name tier count anycast
0 64.32.8.68 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 19 nan
1 64.32.8.67 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 14 nan
2 64.32.8.70 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 14 nan
3 185.107.56.59 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 13 nan
4 185.107.56.58 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 10 nan
5 64.32.8.69 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 9 nan
6 185.107.56.60 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 9 nan
7 185.107.56.57 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 9 nan
8 198.54.112.216 nan San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 77 nan
9 35.209.61.240 240.61.209.35.bc.googleusercontent.com Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 6 nan
10 207.38.44.116 cbsmtp1.careerbliss.com Los Angeles California AS5693 Latisys-Irvine, LLC 90009 United States tier_3 8 nan
11 67.227.173.37 nan Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_2 28 nan
12 54.197.247.190 ec2-54-197-247-190.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 19 nan
13 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 3 nan
14 54.235.205.204 ec2-54-235-205-204.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 17 nan
15 23.21.53.13 ec2-23-21-53-13.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 13 nan
16 23.21.166.45 ec2-23-21-166-45.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 11 nan
17 99.84.114.17 server-99-84-114-17.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 11 nan
18 167.233.8.197 static.197.8.233.167.clients.your-server.de N├╝rnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 10 nan
19 209.15.13.136 nan Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 10 nan
20 100.25.52.1 ec2-100-25-52-1.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 8 nan
21 52.72.29.7 ec2-52-72-29-7.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 8 nan
22 3.234.0.165 ec2-3-234-0-165.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 8 nan
23 99.84.114.53 server-99-84-114-53.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 8 nan
24 52.3.4.129 ec2-52-3-4-129.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 7 nan
25 99.84.114.65 server-99-84-114-65.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 6 nan
26 34.197.176.2 ec2-34-197-176-2.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 4 nan
27 34.120.235.106 106.235.120.34.bc.googleusercontent.com Kansas City Missouri AS15169 Google LLC 64121 United States tier_2 3 True
28 67.227.172.40 nan Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_3 28 nan
29 207.38.44.116 cbsmtp1.careerbliss.com Los Angeles California AS5693 Latisys-Irvine, LLC 90009 United States tier_3 8 nan
30 172.217.10.100 lga34s15-in-f4.1e100.net Clifton New Jersey AS15169 Google LLC 07015 United States tier_3 6 nan
31 35.209.61.240 240.61.209.35.bc.googleusercontent.com Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 6 nan
32 172.217.12.164 lga25s62-in-f4.1e100.net Clifton New Jersey AS15169 Google LLC 07015 United States tier_3 3 nan
33 54.205.240.192 ec2-54-205-240-192.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 3 nan
34 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 3 nan
35 52.216.240.38 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 2 nan
36 13.107.42.14 nan Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 2 True
37 3.211.162.98 ec2-3-211-162-98.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 2 nan
38 67.207.81.229 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 2 nan
39 52.217.82.166 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 2 nan
40 64.227.12.111 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 2 nan
41 52.203.36.44 ec2-52-203-36-44.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 2 nan
42 172.217.10.228 lga25s59-in-f4.1e100.net Clifton New Jersey AS15169 Google LLC 07015 United States tier_3 2 nan
43 104.26.12.236 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
44 99.84.114.67 server-99-84-114-67.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 1 nan
45 52.216.105.125 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
46 141.193.213.20 nan Austin Texas AS209242 Cloudflare London, LLC 78701 United States tier_3 1 True
47 172.232.19.104 a172-232-19-104.deploy.static.akamaitechnologies.com Newark New Jersey AS20940 Akamai International B.V. 07175 United States tier_3 1 nan
48 35.190.64.22 22.64.190.35.bc.googleusercontent.com Kansas City Missouri AS15169 Google LLC 64121 United States tier_3 1 True
49 34.232.57.217 ec2-34-232-57-217.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan
50 104.26.13.236 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
51 52.22.228.123 ec2-52-22-228-123.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan
52 209.132.243.15 nan Los Angeles California AS7296 Alchemy Communications, Inc. 90009 United States tier_3 1 nan
53 67.207.80.24 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 1 nan
54 52.73.87.228 ec2-52-73-87-228.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan
55 68.168.84.196 196.84.168.68.static.dbsintl.net Norristown Pennsylvania AS17378 TierPoint, LLC 19403 United States tier_3 1 nan
56 104.21.50.192 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
57 52.20.53.118 ec2-52-20-53-118.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website