Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
02242297910142021-04-08185.107.56.199Iphone
tierdomaincountregistrarname_serversorg
0tier_1havaispark.com1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0159839698
1tier_1completeitprofessional.com1Heavydomains.net LLCNS1.COMMONMX.COMNone
2tier_1behm.de1NoneNoneNone
3tier_1champshubdxb.com1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0159166652
4tier_1examnotes.net1NameSilo, LLCNS1.COMMONMX.COMSee PrivacyGuardian.org
5tier_1iori-yagami.mobi1DYNADOT LLCNoneNone
6tier_1gokids.de1NoneNoneNone
7tier_1bloz.info1DYNADOT LLCNS1.COMMONMX.COMNone
8tier_1ivho.nl1Sombrero.de Gmbhns1.commonmx.comNone
9tier_1etudions.net1GoDaddy.com, LLCNS1.COMMONMX.COMNone
10tier_2changeslots.com56Instra Corporation Pty Ltd.CLEO.NS.CLOUDFLARE.COMREDACTED FOR PRIVACY
11tier_2rugab-ans.com50Amazon Registrar, Inc.NS-1165.AWSDNS-17.ORGWhois Privacy Service
12tier_2btpnav.com411API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
13tier_2atnpx.com41GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMDomains By Proxy, LLC
14tier_2click.expmediadirect.com36NoneNoneNone
15tier_2api.quotes.com36Internet Domain Service BS Corp.NS-CANADA.TOPDNS.COMWhois Privacy Corp.
16tier_2ad.doubleclick.net28MarkMonitor, Inc.NS1.GOOGLE.COMGoogle Inc.
17tier_2btpnative.com241API GmbHNS1.DNSIMPLE.COMRegistrant of btpnative.com
18tier_2infopicked.com24NAMECHEAP INCNS0.DNSMADEEASY.COMPrivacy service provided by Withheld for Privacy ehf
19tier_2p274639.infopicked.com20NoneNoneNone
20tier_2track.vcdc.com15Key-Systems GmbHGUY.NS.CLOUDFLARE.COMc/o whoisproxy.com
21tier_2link.sylikes.com11MarkMonitor, Inc.NS-1063.AWSDNS-04.ORGConnexity, Inc.
22tier_2rd.bizrate.com11MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
23tier_2rd.connexity.net10NoneNoneNone
24tier_2clk.rtpdn12.com7NoneNoneNone
25tier_2r.ealeo.com7DYNADOT LLCNS-1186.AWSDNS-20.ORGNone
26tier_2api.apptap.com5Amazon Registrar, Inc.NS-1256.AWSDNS-29.ORGWhois Privacy Service
27tier_2api.mplayit.com5Amazon Registrar, Inc.NS-1236.AWSDNS-26.ORGWhois Privacy Service
28tier_2redirect.viglink.com4Amazon Registrar, Inc.NS1.VIGLINK.COMWhois Privacy Service
29tier_2rtbstream.com21API GmbHNS1.DNSIMPLE.COMRegistrant of rtbstream.com
30tier_3theconnectvpn.com56DonDominio (SCIP)ARNOLD.NS.CLOUDFLARE.COMSoluciones Corporativas IP, c/o Whois Proxy
31tier_3bestappland.me38NoneNoneNone
32tier_3kbb.com28CSC CORPORATE DOMAINS, INC.PDNS164.ULTRADNS.BIZAutotrader.com
33tier_3robogarden.io13GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMNone
34tier_3storystudio.sfgate.com9CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
35tier_3wayfair.com6MarkMonitor, Inc.A1-100.AKAM.NETWayfair, LLC
36tier_3maurices.com_LOOP_12NoneNoneNone
37tier_3go-x34n7wbcoes-ok.live2NoneNoneNone
38tier_3rd.bizrate.com1NoneNoneNone
39tier_3qksrv.net1NoneNoneNone
40tier_3music.apple.com1CSC CORPORATE DOMAINS, INC.A.NS.APPLE.COMApple Inc.
41tier_3grandinroad.com1Network Solutions, LLCNS1.HSN.NETNone
42tier_3rugab-ans.com1Amazon Registrar, Inc.NS-1165.AWSDNS-17.ORGWhois Privacy Service
43tier_3owletcare.com_LOOP_11NoneNoneNone
44tier_3lampsplus.com_LOOP_11NoneNoneNone
45tier_3equinoxadvertising.com1NoneNoneNone
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_129nannan
1207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_125nannan
2207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_122nannan
3104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_117nannan
4207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_114nannan
5206.221.176.184NewarkNew JerseyAS23470 ReliableSite.Net LLC07175United Statestier_110nannan
6104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_110nannan
7104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_16nannan
874.63.241.25DallasTexasAS46475 Limestone Networks, Inc.75270United Statestier_1325-241-63-74.static.reverse.lstn.netnan
974.63.241.21DallasTexasAS46475 Limestone Networks, Inc.75270United Statestier_1321-241-63-74.static.reverse.lstn.netnan
10209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_268nannan
1134.207.32.33AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_256ec2-34-207-32-33.compute-1.amazonaws.comnan
12173.192.101.24DallasTexasAS36351 SoftLayer Technologies Inc.75270United Statestier_24418.65.c0ad.ip4.static.sl-reverse.comnan
13198.134.116.30New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_236nannan
145.79.68.236AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_236nannan
15192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_31rd.bizrate.comnan
16104.26.11.53San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_221nanTrue
17167.233.8.197NürnbergBavariaAS24940 Hetzner Online GmbH90402Germanytier_215static.197.8.233.167.clients.your-server.denan
18172.67.74.77San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_214nanTrue
19172.217.3.102WestburyNew YorkAS15169 Google LLC11590United Statestier_214lga34s18-in-f6.1e100.netnan
2034.207.43.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_210ec2-34-207-43-7.compute-1.amazonaws.comnan
2154.208.107.202AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_210ec2-54-208-107-202.compute-1.amazonaws.comnan
22192.138.218.139SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_210rd.connexity.netnan
2352.72.29.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-72-29-7.compute-1.amazonaws.comnan
24204.44.79.214Los AngelesCaliforniaAS8100 QuadraNet Enterprises LLC90014United Statestier_29204.44.79.214.static.quadranet.comnan
25173.239.53.32New York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_29nannan
2652.206.108.38AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_29ec2-52-206-108-38.compute-1.amazonaws.comnan
2718.235.67.128AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_27ec2-18-235-67-128.compute-1.amazonaws.comnan
2866.165.243.151Los AngelesCaliforniaAS29802 HIVELOCITY, Inc.90009United Statestier_2766-165-243-151.static.hvvc.usnan
29104.26.10.53San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_26nanTrue
30142.93.4.215North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_338nannan
31172.67.181.234San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_337nanTrue
3223.44.217.143NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_322a23-44-217-143.deploy.static.akamaitechnologies.comnan
33104.21.91.236San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_319nanTrue
3498.129.228.57DallasTexasAS33070 Rackspace Hosting75270United Statestier_39nannan
35172.67.172.143San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_37nanTrue
36104.21.80.8San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_36nanTrue
3723.1.205.179EdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_36a23-1-205-179.deploy.static.akamaitechnologies.comnan
3823.39.32.237NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_36a23-39-32-237.deploy.static.akamaitechnologies.comnan
39100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_35pool-100-37-135-2.nycmny.fios.verizon.netnan
40192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_31rd.bizrate.comnan
41104.21.86.43San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
42159.127.43.26WashingtonWashington, D.C.AS25751 Conversant, Inc.20045United Statestier_31nannan
43184.87.71.113NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_31a184-87-71-113.deploy.static.akamaitechnologies.comnan
44172.67.214.202San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
4552.72.29.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31ec2-52-72-29-7.compute-1.amazonaws.comnan
4669.16.204.63LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_31host.encontext.comnan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website