Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 279 277 956 0 16 2021-04-07 74.63.241.23 Safari
tier domain count registrar name_servers org
0 tier_1 teamice.us 1 Communigal Communication Ltd ns2.commonmx.com None
1 tier_1 girlystuff.info 1 Dynadot, LLC NS1.COMMONMX.COM None
2 tier_1 uhmanoa.net 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
3 tier_1 studiojimbo.io 1 Dynadot, LLC NS1.COMMONMX.COM None
4 tier_1 786.name 1 None None None
5 tier_1 misopan.net 1 DYNADOT, LLC NS1.COMMONMX.COM None
6 tier_1 yume-baken.com 1 Communigal Communication Ltd NS1.COMMONMX.COM None
7 tier_1 editimage.org 1 GoDaddy.com, LLC NS1.COMMONMX.COM Virtua Drug Ltd
8 tier_1 mooncake.us 1 Communigal Communication Ltd ns2.commonmx.com None
9 tier_1 aashagupta.com 1 TUCOWS, INC. NS1.COMMONMX.COM Contact Privacy Inc. Customer 0158839965
10 tier_2 click.expmediadirect.com 138 None None None
11 tier_2 rqhere2.com 138 None None None
12 tier_2 btpnav.com 47 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnav.com
13 tier_2 1496.rawlexi.com 43 GoDaddy Online Services Cayman Islands LTD NS-128.AWSDNS-16.COM None
14 tier_2 americanlisted.com 35 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
15 tier_2 9nl.es 16 None None None
16 tier_2 newre-conversions.clickmeter.com 16 REGISTER S.P.A. NS-1498.AWSDNS-59.ORG REDACTED FOR PRIVACY
17 tier_2 trk.jometer.com 15 Amazon Registrar, Inc. NS-129.AWSDNS-16.COM Whois Privacy Service
18 tier_2 api.l5srv.net 14 GoDaddy.com, LLC NS53.DOMAINCONTROL.COM Domains By Proxy, LLC
19 tier_2 nizephoros-pom.com 7 Amazon Registrar, Inc. NS-1192.AWSDNS-21.ORG Whois Privacy Service
20 tier_2 managerformula.com 6 None None None
21 tier_2 click.appcast.io 5 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
22 tier_2 7587.rawlexi.com 4 GoDaddy Online Services Cayman Islands LTD NS-128.AWSDNS-16.COM None
23 tier_2 affilynx.g2afse.com 4 GoDaddy.com, LLC NS-1393.AWSDNS-46.ORG Aditec Solutions, UAB
24 tier_2 tracking.trkshark.cc 4 None None None
25 tier_2 apptrk.space 4 None None None
26 tier_2 joblift.com 3 INWX GmbH & Co. KG NS-CLOUD-E1.GOOGLEDOMAINS.COM REDACTED FOR PRIVACY
27 tier_2 click.appcast.io_LOOP_1 3 None None None
28 tier_2 api.apptap.com 3 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
29 tier_2 redirect.viglink.com 3 Amazon Registrar, Inc. NS1.VIGLINK.COM Whois Privacy Service
30 tier_3 clearhealthaspect.info 61 None None None
31 tier_3 thehealthlevel.info 36 None None None
32 tier_3 livingyoung.info 25 None None None
33 tier_3 youthandcare.info 16 None None None
34 tier_3 us.tideri.com 15 united domains AG NS.UDAG.DE None
35 tier_3 upward.careers 14 GoDaddy.com, LLC ns21.domaincontrol.com Domains By Proxy, LLC
36 tier_3 americanlisted.com 8 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
37 tier_3 s3.amazonaws.com 6 MarkMonitor, Inc. R1.AMAZONAWS.COM Amazon.com, Inc.
38 tier_3 apple.global-info.space 3 None None None
39 tier_3 music.apple.com 1 CSC CORPORATE DOMAINS, INC. A.NS.APPLE.COM Apple Inc.
40 tier_3 jobs.dish.com 1 Network Solutions, LLC NS-01.DISH.COM Dish Network LLC
41 tier_3 managerformula.com 1 None None None
42 tier_3 robogarden.io 1 GoDaddy.com, LLC BECKY.NS.CLOUDFLARE.COM None
43 tier_3 click.expmediadirect.com 1 None None None
44 tier_3 socalhondadealers.com 1 DREAMHOST NS1.DREAMHOST.COM Proxy Protection LLC
45 tier_3 click.appcast.io 1 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
46 tier_3 apple.service-care.space 1 None None None
47 tier_3 linkedin.com 1 MarkMonitor, Inc. DNS1.P09.NSONE.NET LinkedIn Corporation
48 tier_3 1496.rawlexi.com 1 GoDaddy Online Services Cayman Islands LTD NS-128.AWSDNS-16.COM None
49 tier_3 joblift.com_LOOP_1 1 None None None
50 tier_3 eharmony.com 1 None None None
51 tier_3 michaelkors.com 1 NOM-IQ Ltd dba Com Laude A1-111.AKAM.NET Michael Kors, L.L.C.
52 tier_3 albeebaby.com_LOOP_1 1 None None None
53 tier_3 open.app.jobrapido.com_LOOP_1 1 None None None
54 tier_3 maurices.com_LOOP_1 1 None None None
55 tier_3 welry.com 1 Amazon Registrar, Inc. NS-1079.AWSDNS-06.ORG Whois Privacy Service
56 tier_3 signup.finddreamjobs.com 1 GoDaddy.com, LLC ALEXIS.NS.CLOUDFLARE.COM Find Dream Jobs
ip city region org postal country_name tier count hostname anycast
0 207.244.67.218 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 32 nan nan
1 207.244.67.214 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 27 nan nan
2 207.244.67.215 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 24 nan nan
3 207.244.67.216 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 21 nan nan
4 104.243.45.190 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 19 nan nan
5 206.221.176.184 Newark New Jersey AS23470 ReliableSite.Net LLC 07175 United States tier_1 18 nan nan
6 104.243.45.179 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 14 nan nan
7 104.243.45.178 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 12 nan nan
8 82.192.82.228 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 4 nan nan
9 185.107.56.198 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 3 nan nan
10 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 139 nan nan
11 167.99.3.175 North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_2 138 nan nan
12 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 47 nan nan
13 198.54.112.216 San Jose California AS22612 Namecheap, Inc. 95103 United States tier_3 1 nan nan
14 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 8 240.61.209.35.bc.googleusercontent.com nan
15 67.227.173.37 Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_2 14 nan nan
16 23.21.166.230 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 10 ec2-23-21-166-230.compute-1.amazonaws.com nan
17 54.235.205.204 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 8 ec2-54-235-205-204.compute-1.amazonaws.com nan
18 23.21.53.13 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 8 ec2-23-21-53-13.compute-1.amazonaws.com nan
19 54.197.247.190 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 6 ec2-54-197-247-190.compute-1.amazonaws.com nan
20 99.84.114.53 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 6 server-99-84-114-53.ewr52.r.cloudfront.net nan
21 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 6 rd.bizrate.com nan
22 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 6 pool-100-37-135-2.nycmny.fios.verizon.net nan
23 99.84.114.17 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 4 server-99-84-114-17.ewr52.r.cloudfront.net nan
24 212.32.252.81 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_2 4 nan nan
25 212.32.249.98 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_2 4 nan nan
26 3.128.251.116 Hilliard Ohio AS16509 Amazon.com, Inc. 43026 United States tier_2 4 ec2-3-128-251-116.us-east-2.compute.amazonaws.com nan
27 34.207.43.7 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 4 ec2-34-207-43-7.compute-1.amazonaws.com nan
28 172.232.19.138 Newark New Jersey AS20940 Akamai International B.V. 07175 United States tier_2 4 a172-232-19-138.deploy.static.akamaitechnologies.com nan
29 35.190.64.22 Kansas City Missouri AS15169 Google LLC 64121 United States tier_2 3 22.64.190.35.bc.googleusercontent.com True
30 104.21.60.64 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 41 nan True
31 104.21.75.98 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 27 nan True
32 172.67.192.183 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 20 nan True
33 104.21.94.161 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 18 nan True
34 35.246.171.123 Frankfurt am Main Hesse AS15169 Google LLC 60311 Germany tier_3 15 123.171.246.35.bc.googleusercontent.com nan
35 67.227.172.40 Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_3 14 nan nan
36 104.21.11.199 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 13 nan True
37 172.67.220.94 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 9 nan True
38 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 8 240.61.209.35.bc.googleusercontent.com nan
39 172.67.138.17 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 7 nan True
40 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 6 pool-100-37-135-2.nycmny.fios.verizon.net nan
41 172.67.167.55 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 3 nan True
42 104.21.78.145 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 3 nan True
43 52.217.97.102 Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 2 s3-1.amazonaws.com nan
44 52.216.249.206 Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 2 s3-1.amazonaws.com nan
45 54.163.189.80 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-54-163-189-80.compute-1.amazonaws.com nan
46 172.232.19.147 Newark New Jersey AS20940 Akamai International B.V. 07175 United States tier_3 1 a172-232-19-147.deploy.static.akamaitechnologies.com nan
47 104.21.80.8 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
48 35.174.35.73 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-35-174-35-73.compute-1.amazonaws.com nan
49 3.234.0.165 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-3-234-0-165.compute-1.amazonaws.com nan
50 52.216.186.21 Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 s3-1.amazonaws.com nan
51 104.21.77.6 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
52 13.107.42.14 Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 1 nan True
53 198.54.112.216 San Jose California AS22612 Namecheap, Inc. 95103 United States tier_3 1 nan nan
54 104.16.9.138 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
55 184.85.16.53 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 1 a184-85-16-53.deploy.static.akamaitechnologies.com nan
56 107.23.69.42 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-107-23-69-42.compute-1.amazonaws.com nan
57 104.17.47.14 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
58 52.216.162.85 Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 s3-1.amazonaws.com nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website