Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
02272287930162021-04-0974.63.241.23Safari
tierdomaincountregistrarname_serversorg
0tier_1jkgschool.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
1tier_1maxo.pro1DYNADOT LLCNS1.COMMONMX.COMNone
2tier_1mouthpick.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
3tier_1evanzhang.me1GoDaddy.com, LLCNoneNone
4tier_1gaben.us1Communi Gal Communications Ltd.ns2.commonmx.comNone
5tier_1bemember.me1GoDaddy.com, LLCNoneNone
6tier_1studiojimbo.io1Dynadot, LLCNS1.COMMONMX.COMNone
7tier_1la2tatcom.com1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0159165625
8tier_1mooncake.us1Communi Gal Communications Ltd.ns2.commonmx.comNone
9tier_1l2s.cc1DYNADOT LLCNS1.COMMONMX.COMNone
10tier_2rqhere2.com136NoneNoneNone
11tier_2click.expmediadirect.com127NoneNoneNone
12tier_2btpnav.com281API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
13tier_21496.rawlexi.com22GoDaddy Online Services Cayman Islands LTDNS-128.AWSDNS-16.COMNone
14tier_2americanlisted.com21ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
15tier_29nl.es15NoneNoneNone
16tier_2newre-conversions.clickmeter.com15REGISTER S.P.A.NS-1498.AWSDNS-59.ORGREDACTED FOR PRIVACY
17tier_2trk.jometer.com13Amazon Registrar, Inc.NS-129.AWSDNS-16.COMWhois Privacy Service
18tier_2api.l5srv.net10GoDaddy.com, LLCNS53.DOMAINCONTROL.COMDomains By Proxy, LLC
19tier_2nizephoros-pom.com8Amazon Registrar, Inc.NS-1192.AWSDNS-21.ORGWhois Privacy Service
20tier_2clk.rtpdn12.com7NoneNoneNone
21tier_2track.vcdc.com6Key-Systems GmbHGUY.NS.CLOUDFLARE.COMc/o whoisproxy.com
22tier_2click.appcast.io6101Domain GRS LtdNS-85.AWSDNS-10.COMNone
23tier_2managerformula.com4NoneNoneNone
24tier_2aristo-hag.com3Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
25tier_2click.junmediadirect.com3NAMECHEAP INCNS1.LINODE.COMPrivacy service provided by Withheld for Privacy ehf
26tier_2ring.joveo.com2Go Canada Domains, LLCNS-1256.AWSDNS-29.ORGDomains By Proxy, LLC
27tier_2xml.onwardclick.com1NoneNoneNone
28tier_2thelastpicture.show1NoneNoneNone
29tier_262885.click.validclick.net1Safenames LtdNS1.FULLMAILBOX.COMNone
30tier_3naturalsymud.club69NameCheap, Inc.molly.ns.cloudflare.comPrivacy service provided by Withheld for Privacy ehf
31tier_3healthideal.club66NoneNoneNone
32tier_3upward.careers10GoDaddy.com, LLCns21.domaincontrol.comDomains By Proxy, LLC
33tier_3s3.amazonaws.com5MarkMonitor, Inc.R1.AMAZONAWS.COMAmazon.com, Inc.
34tier_3us.tideri.com4united domains AGNS.UDAG.DENone
35tier_3managerformula.com3NoneNoneNone
36tier_3signup.finddreamjobs.com2GoDaddy.com, LLCALEXIS.NS.CLOUDFLARE.COMFind Dream Jobs
37tier_3whatjobs.com2123-Reg LimitedVIDA.NS.CLOUDFLARE.COMNone
38tier_3thelastpicture.show_LOOP_11NoneNoneNone
39tier_3storystudio.sfgate.com1CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
40tier_3monster.com1CSC CORPORATE DOMAINS, INC.NS1.TMPW.NETMonster Worldwide, Inc.
41tier_3bing.com_LOOP_11NoneNoneNone
42tier_3blockchain-com.email1NameSilo, LLCns1.selectel.orgSee PrivacyGuardian.org
43tier_3jobleads.com1united domains AGCRUZ.NS.CLOUDFLARE.COMNone
44tier_3xzb.subeamy.pw1NoneNoneNone
45tier_3americanlisted.com1ilait ABNS1.TELECOM3.NETIntegration 3 Group AB
46tier_31751869267.rsc.cdn77.org1GRANSY S.R.O D/B/A SUBREG.CZNS1.CDN77.ORGDataCamp Limited
47tier_3trk.careerbliss.com1GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
48tier_3macpaw.com1GANDI SASNS-1492.AWSDNS-58.ORGMacPaw Family Ltd.
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_130nannan
1207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_125nannan
2207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_124nannan
3207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_123nannan
4206.221.176.184NewarkNew JerseyAS23470 ReliableSite.Net LLC07175United Statestier_112nannan
5104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_111nannan
6104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_19nannan
7104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_16nannan
837.48.65.148AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_15nannan
9185.107.56.198RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_13nannan
10167.99.3.175North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_2136nannan
11198.134.116.30New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_2128nannan
12209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_228nannan
13198.54.112.216San JoseCaliforniaAS22612 Namecheap, Inc.95103United Statestier_222nannan
1435.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_31240.61.209.35.bc.googleusercontent.comnan
1523.21.166.230AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_210ec2-23-21-166-230.compute-1.amazonaws.comnan
1623.21.53.13AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_210ec2-23-21-53-13.compute-1.amazonaws.comnan
1767.227.173.37LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_210nannan
18173.239.53.32New York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_28nannan
1999.84.114.53NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_26server-99-84-114-53.ewr52.r.cloudfront.netnan
20167.233.8.197NürnbergBavariaAS24940 Hetzner Online GmbH90402Germanytier_26static.197.8.233.167.clients.your-server.denan
2154.197.247.190AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_25ec2-54-197-247-190.compute-1.amazonaws.comnan
2254.235.205.204AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_25ec2-54-235-205-204.compute-1.amazonaws.comnan
2399.84.114.25NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_25server-99-84-114-25.ewr52.r.cloudfront.netnan
2454.208.107.202AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_24ec2-54-208-107-202.compute-1.amazonaws.comnan
25198.134.116.18New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_23nannan
2618.235.67.128AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_22ec2-18-235-67-128.compute-1.amazonaws.comnan
273.234.0.165AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_22ec2-3-234-0-165.compute-1.amazonaws.comnan
2834.197.176.2AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_22ec2-34-197-176-2.compute-1.amazonaws.comnan
2952.3.4.129AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_22ec2-52-3-4-129.compute-1.amazonaws.comnan
30104.21.59.182San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_340nanTrue
31104.21.38.63San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_336nanTrue
32172.67.219.181San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_333nanTrue
33172.67.182.64San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_326nanTrue
3467.227.172.40LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_310nannan
3535.246.171.123Frankfurt am MainHesseAS15169 Google LLC60311Germanytier_34123.171.246.35.bc.googleusercontent.comnan
36100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_32pool-100-37-135-2.nycmny.fios.verizon.netnan
37104.17.47.14San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
3852.216.107.150AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_32s3-1.amazonaws.comnan
39104.26.7.145San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
4023.200.0.9EdisonNew JerseyAS20940 Akamai International B.V.08817United Statestier_31a23-200-0-9.deploy.static.akamaitechnologies.comnan
4152.217.41.182AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
4298.129.228.57DallasTexasAS33070 Rackspace Hosting75270United Statestier_31nannan
4352.217.101.190AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
4499.84.47.112NewarkNew JerseyAS16509 Amazon.com, Inc.07175United Statestier_31server-99-84-47-112.ewr52.r.cloudfront.netnan
455.8.47.52HaarlemNorth HollandAS209813 Fast Content Delivery LTD2031Netherlandstier_31nannan
4652.217.40.166AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31s3-1.amazonaws.comnan
4723.200.0.41EdisonNew JerseyAS20940 Akamai International B.V.08817United Statestier_31a23-200-0-41.deploy.static.akamaitechnologies.comnan
48194.6.195.224HamburgHamburgAS39227 Corpex Internet GmbH20038Germanytier_31www.jobleads.denan
4935.165.21.241BoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_31ec2-35-165-21-241.us-west-2.compute.amazonaws.comnan
5035.209.61.240Council BluffsIowaAS15169 Google LLC51502United Statestier_31240.61.209.35.bc.googleusercontent.comnan
51156.146.36.24New York CityNew YorkAS60068 Datacamp Limited10004United Statestier_31unn-156-146-36-24.cdn77.comnan
5223.200.0.13EdisonNew JerseyAS20940 Akamai International B.V.08817United Statestier_31a23-200-0-13.deploy.static.akamaitechnologies.comnan
53207.38.44.116Los AngelesCaliforniaAS5693 Latisys-Irvine, LLC90009United Statestier_31cbsmtp1.careerbliss.comnan
5435.224.231.200Council BluffsIowaAS15169 Google LLC51502United Statestier_31200.231.224.35.bc.googleusercontent.comnan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website