Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 234 237 830 0 16 2021-04-09 74.63.241.23 Chrome
tier domain count registrar name_servers org
0 tier_1 jkgschool.com 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
1 tier_1 maxo.pro 1 None None None
2 tier_1 evanzhang.me 1 None None None
3 tier_1 gaben.us 1 Communigal Communication Ltd ns2.commonmx.com None
4 tier_1 studiojimbo.io 1 None None None
5 tier_1 la2tatcom.com 1 TUCOWS, INC. NS1.COMMONMX.COM Contact Privacy Inc. Customer 0159165625
6 tier_1 mooncake.us 1 Communigal Communication Ltd ns2.commonmx.com None
7 tier_1 l2s.cc 1 DYNADOT LLC NS1.COMMONMX.COM None
8 tier_1 tophost.pro 1 None None None
9 tier_1 verid.org 1 None None None
10 tier_2 rqhere2.com 104 None None None
11 tier_2 click.expmediadirect.com 101 None None None
12 tier_2 btpnav.com 45 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnav.com
13 tier_2 1496.rawlexi.com 39 GoDaddy Online Services Cayman Islands LTD NS-128.AWSDNS-16.COM None
14 tier_2 americanlisted.com 35 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
15 tier_2 9nl.es 19 None None None
16 tier_2 newre-conversions.clickmeter.com 19 REGISTER S.P.A. NS-1498.AWSDNS-59.ORG REDACTED FOR PRIVACY
17 tier_2 trk.jometer.com 17 Amazon Registrar, Inc. NS-129.AWSDNS-16.COM Whois Privacy Service
18 tier_2 api.l5srv.net 14 GoDaddy.com, LLC NS53.DOMAINCONTROL.COM Domains By Proxy, LLC
19 tier_2 aristo-hag.com 7 Amazon Registrar, Inc. NS-1226.AWSDNS-25.ORG Whois Privacy Service
20 tier_2 clk.rtpdn12.com 6 None None None
21 tier_2 rtbstream.com 6 1API GmbH NS1.DNSIMPLE.COM Registrant of rtbstream.com
22 tier_2 ads35.adtelligent.com 5 DANESCO TRADING LTD NS.ANYCASTNS1.ORG Vertamedia,LLC
23 tier_2 dsp35.adtelligent.com 5 DANESCO TRADING LTD NS.ANYCASTNS1.ORG Vertamedia,LLC
24 tier_2 aldb1.mysearch.space 5 None None None
25 tier_2 externals-1953518744.us-east-1.elb.amazonaws.com 5 MarkMonitor, Inc. R1.AMAZONAWS.COM Amazon.com, Inc.
26 tier_2 search.snjsearch.com 5 GoDaddy.com, LLC NS73.DOMAINCONTROL.COM Domains By Proxy, LLC
27 tier_2 track.vcdc.com 5 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
28 tier_2 click.appcast.io 5 None None None
29 tier_2 whatjobs.com 3 123-Reg Limited VIDA.NS.CLOUDFLARE.COM None
30 tier_3 healthideal.club 61 None None None
31 tier_3 healthyspirit.info 28 None None None
32 tier_3 naturalsymud.club 15 None None None
33 tier_3 us.tideri.com 14 united domains AG NS.UDAG.DE None
34 tier_3 upward.careers 14 GoDaddy.com, LLC ns21.domaincontrol.com Domains By Proxy, LLC
35 tier_3 bing.com 5 MarkMonitor, Inc. DNS1.P09.NSONE.NET Microsoft Corporation
36 tier_3 americanlisted.com 3 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
37 tier_3 click.appcast.io 2 None None None
38 tier_3 ram21.proasdf.com 2 GoDaddy.com, LLC NS61.DOMAINCONTROL.COM Domains By Proxy, LLC
39 tier_3 click.appcast.io_LOOP_1 2 None None None
40 tier_3 signup.finddreamjobs.com 2 GoDaddy.com, LLC ALEXIS.NS.CLOUDFLARE.COM Find Dream Jobs
41 tier_3 1.contentgate.uno 1 None None None
42 tier_3 google.com_LOOP_1 1 None None None
43 tier_3 driverfixersoftware.com 1 TLDS L.L.C. d/b/a SRSPlus NINA.NS.CLOUDFLARE.COM None
44 tier_3 opticsplanet.com 1 GoDaddy.com, LLC NS1.ECENTRIA.COM ECENTRIA IPH, LLC
45 tier_3 rd.bizrate.com 1 MarkMonitor, Inc. NS-1189.AWSDNS-20.ORG Meredith Corporation
46 tier_3 search.discoverweb.com 1 GoDaddy.com, LLC NINA.NS.CLOUDFLARE.COM Domains By Proxy, LLC
47 tier_3 higher-hire.com 1 Name.com, Inc. NS1GMZ.NAME.COM Everlong Media, LLC
48 tier_3 reebok.com 1 CSC CORPORATE DOMAINS, INC. NS1.NETNAMES.NET Reebok International, Ltd.
49 tier_3 wayfair.com 1 MarkMonitor, Inc. A1-100.AKAM.NET Wayfair, LLC
50 tier_3 saferealestatesearch.com 1 GoDaddy.com, LLC NS63.DOMAINCONTROL.COM Domains By Proxy, LLC
51 tier_3 2.contentgate.uno 1 None None None
ip city region org postal country_name tier count hostname anycast
0 207.244.67.218 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 27 nan nan
1 207.244.67.215 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 24 nan nan
2 207.244.67.216 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 20 nan nan
3 206.221.176.184 Newark New Jersey AS23470 ReliableSite.Net LLC 07175 United States tier_1 17 nan nan
4 207.244.67.214 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 16 nan nan
5 104.243.45.179 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 9 nan nan
6 104.243.45.178 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 6 nan nan
7 104.243.45.190 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 6 nan nan
8 82.192.82.225 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 6 nan nan
9 37.48.65.150 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 3 nan nan
10 167.99.3.175 North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_2 104 nan nan
11 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 103 nan nan
12 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 52 nan nan
13 198.54.112.216 San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 39 nan nan
14 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 3 240.61.209.35.bc.googleusercontent.com nan
15 67.227.173.37 Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_2 14 nan nan
16 23.21.166.230 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 12 ec2-23-21-166-230.compute-1.amazonaws.com nan
17 54.235.205.204 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 12 ec2-54-235-205-204.compute-1.amazonaws.com nan
18 99.84.114.53 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 8 server-99-84-114-53.ewr52.r.cloudfront.net nan
19 54.197.247.190 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 7 ec2-54-197-247-190.compute-1.amazonaws.com nan
20 23.21.53.13 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 7 ec2-23-21-53-13.compute-1.amazonaws.com nan
21 173.239.53.32 New York City New York AS27257 Webair Internet Development Company Inc. 10004 United States tier_2 6 nan nan
22 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 1 nan nan
23 209.205.202.42 New York City New York AS55081 24 SHELLS 10004 United States tier_2 5 static-42-202-205-209.24shells.net nan
24 209.205.202.43 New York City New York AS55081 24 SHELLS 10004 United States tier_2 5 static-43-202-205-209.24shells.net nan
25 35.162.164.74 Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_2 5 ec2-35-162-164-74.us-west-2.compute.amazonaws.com nan
26 99.84.114.65 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 5 server-99-84-114-65.ewr52.r.cloudfront.net nan
27 178.62.225.201 Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 2 nan nan
28 167.233.8.197 N├╝rnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 5 static.197.8.233.167.clients.your-server.de nan
29 34.207.43.7 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 4 ec2-34-207-43-7.compute-1.amazonaws.com nan
30 104.21.59.182 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 37 nan True
31 172.67.182.64 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 24 nan True
32 35.246.171.123 Frankfurt am Main Hesse AS15169 Google LLC 60311 Germany tier_3 14 123.171.246.35.bc.googleusercontent.com nan
33 67.227.172.40 Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_3 14 nan nan
34 104.21.30.32 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 14 nan True
35 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 14 pool-100-37-135-2.nycmny.fios.verizon.net nan
36 172.67.219.181 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 8 nan True
37 104.21.38.63 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 7 nan True
38 172.67.150.117 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 4 nan True
39 204.79.197.200 Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 3 a-0001.a-msedge.net True
40 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 3 240.61.209.35.bc.googleusercontent.com nan
41 13.107.21.200 Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 2 nan True
42 178.62.225.201 Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 2 nan nan
43 162.243.10.151 New York City New York AS14061 DigitalOcean, LLC 10011 United States tier_3 2 nan nan
44 104.17.47.14 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 2 nan True
45 52.3.4.129 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-52-3-4-129.compute-1.amazonaws.com nan
46 104.21.83.108 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
47 100.25.52.1 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-100-25-52-1.compute-1.amazonaws.com nan
48 152.195.32.168 Ashburn Virginia AS15133 MCI Communications Services, Inc. d/b/a Verizon Business 20147 United States tier_3 1 nan True
49 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 1 nan nan
50 104.21.95.133 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
51 23.44.210.223 Edison New Jersey AS16625 Akamai Technologies, Inc. 08817 United States tier_3 1 a23-44-210-223.deploy.static.akamaitechnologies.com nan
52 23.41.189.99 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 1 a23-41-189-99.deploy.static.akamaitechnologies.com nan
53 134.122.9.169 Clifton New Jersey AS14061 DigitalOcean, LLC 07014 United States tier_3 1 nan nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website