Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
025325210500162021-04-2174.63.241.23Android

Aggregated redirection graph of domains located on the current IP address.

  • The redirection flows from left to right
  • Leftmost domains are the initial domains hosted on the current IP
  • Rightmost domains are the final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website