Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
02272328500132021-04-13185.107.56.199Iphone
tierdomaincountregistrarname_serversorg
0tier_1akerdersevi.com1DYNADOT9 LLCNS1.COMMONMX.COMNone
1tier_1adultstarmakers.com1eNom389, IncorporatedNS1.COMMONMX.COMNone
2tier_128277b.com1Sliceofheaven Domains, LLCNS1.COMMONMX.COMNone
3tier_12012columbo.com1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0159174620
4tier_1americanstrikermma.com1Communigal Communication LtdNS1.COMMONMX.COMNone
5tier_1acylogy.com1Snag Your Name LLCNS1.COMMONMX.COMNone
6tier_158xingqu.com1MidWest Domains LLCNS1.COMMONMX.COMNone
7tier_148dc47c7234e5258.com1Communigal Communication LtdNS1.COMMONMX.COMNone
8tier_1alantemusic.com1New Order Domains, LLCNS1.COMMONMX.COMNone
9tier_1acusp.info1Communigal Communication LtdNS1.COMMONMX.COMNone
10tier_2click.expmediadirect.com82NoneNoneNone
11tier_2aristo-hag.com49Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
12tier_2btpnav.com451API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
13tier_2atnpx.com40GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMDomains By Proxy, LLC
14tier_2api.apptap.com35Amazon Registrar, Inc.NS-1256.AWSDNS-29.ORGWhois Privacy Service
15tier_2redirect.viglink.com34Amazon Registrar, Inc.NS1.VIGLINK.COMWhois Privacy Service
16tier_2link.sylikes.com34MarkMonitor, Inc.NS-1063.AWSDNS-04.ORGConnexity, Inc.
17tier_2api.mplayit.com29Amazon Registrar, Inc.NS-1236.AWSDNS-26.ORGWhois Privacy Service
18tier_2rd.bizrate.com28NoneNoneNone
19tier_2rd.connexity.net25MarkMonitor Inc.NS-1190.AWSDNS-20.ORGNone
20tier_2wayfair.com23NoneNoneNone
21tier_2api.quotes.com13Internet Domain Service BS Corp.NS-CANADA.TOPDNS.COMWhois Privacy Corp.
22tier_2changeslots.com13Instra Corporation Pty Ltd.CLEO.NS.CLOUDFLARE.COMREDACTED FOR PRIVACY
23tier_2btpnative.com81API GmbHNS1.DNSIMPLE.COMRegistrant of btpnative.com
24tier_2exporimy.com7GoDaddy.com, LLCNS-1145.AWSDNS-15.ORGDomains By Proxy, LLC
25tier_2sorrectionki.space7NoneNoneNone
26tier_2infopicked.com7NoneNoneNone
27tier_2ad.doubleclick.net6MarkMonitor, Inc.NS1.GOOGLE.COMGoogle Inc.
28tier_2apptime.xyz6NoneNoneNone
29tier_2rtbstream.com51API GmbHNS1.DNSIMPLE.COMRegistrant of rtbstream.com
30tier_3bestappland.me40NoneNoneNone
31tier_3kbb.com31CSC CORPORATE DOMAINS, INC.PDNS164.ULTRADNS.BIZAutotrader.com
32tier_3wayfair.com_LOOP_121NoneNoneNone
33tier_3theconnectvpn.com13DonDominio (SCIP)ARNOLD.NS.CLOUDFLARE.COMSoluciones Corporativas IP, c/o Whois Proxy
34tier_3robogarden.io9GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMNone
35tier_3storystudio.sfgate.com7CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
36tier_3rd.bizrate.com6MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
37tier_3tackis.xyz6NoneNoneNone
38tier_3wayfair.com_LOOP_22NoneNoneNone
39tier_3music.apple.com2CSC CORPORATE DOMAINS, INC.A.NS.APPLE.COMApple Inc.
40tier_3vpn1aprotectplus.com1Internet Domain Service BS Corp.SETH.NS.CLOUDFLARE.COMWhois Privacy Corp.
41tier_3vivint.com1GoDaddy.com, LLCNS0.DNSMADEEASY.COMVivint
42tier_3mycitybeat.com1Wild West Domains, LLCNS1.UPTMEDIA.COMDomains By Proxy, LLC
43tier_3beyourxfriend.com1GoDaddy.com, LLCNS0.DNSMADEEASY.COMNone
44tier_3harryanddavid.com_LOOP_11NoneNoneNone
45tier_3bulley.shop1NoneNoneNone
46tier_3irl.com1GoDaddy.com, LLCNS-106.AWSDNS-13.COMDomains By Proxy, LLC
47tier_3adameve.com1Network Solutions, LLCA1-75.AKAM.NETNone
48tier_3ram21.proasdf.com1GoDaddy.com, LLCNS61.DOMAINCONTROL.COMDomains By Proxy, LLC
49tier_3bedbathandbeyond.com1Network Solutions, LLCA1-189.AKAM.NETBed Bath & Beyond Procurement Co. Inc.
50tier_3maurices.com_LOOP_11NoneNoneNone
51tier_3reebok.com1CSC CORPORATE DOMAINS, INC.NS1.NETNAMES.NETReebok International, Ltd.
52tier_3catherines.com1CSC CORPORATE DOMAINS, INC.PDNS1.ULTRADNS.NETFullBeauty Brands Operations, LLC
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_131nannan
1207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_126nannan
2207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_124nannan
3207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_118nannan
4206.221.176.184New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_110nannan
5104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_19nannan
6104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_17nannan
7104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_16nannan
8185.107.56.198RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_13nannan
9185.107.56.199RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_13nannan
10198.134.116.30New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_282nannan
11192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_36nannan
12209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_258nannan
1352.206.141.190AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_234ec2-52-206-141-190.compute-1.amazonaws.comnan
14192.138.218.139SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_225rd.connexity.netnan
15172.67.74.77San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_223nanTrue
1623.39.32.237NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_223a23-39-32-237.deploy.static.akamaitechnologies.comnan
1734.197.67.232AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_219ec2-34-197-67-232.compute-1.amazonaws.comnan
183.226.37.31AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217ec2-3-226-37-31.compute-1.amazonaws.comnan
1934.225.128.119AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_217ec2-34-225-128-119.compute-1.amazonaws.comnan
2052.72.29.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_216ec2-52-72-29-7.compute-1.amazonaws.comnan
2134.197.176.2AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_214ec2-34-197-176-2.compute-1.amazonaws.comnan
2254.208.107.202AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_214ec2-54-208-107-202.compute-1.amazonaws.comnan
235.79.68.236AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_213nannan
2434.207.32.33AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_213ec2-34-207-32-33.compute-1.amazonaws.comnan
2552.205.177.114AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_211ec2-52-205-177-114.compute-1.amazonaws.comnan
26104.26.10.53San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_211nanTrue
27173.239.53.32New York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_29nannan
28173.192.101.24DallasTexasAS36351 SoftLayer Technologies Inc.75270United Statestier_2818.65.c0ad.ip4.static.sl-reverse.comnan
2918.235.67.128AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_27ec2-18-235-67-128.compute-1.amazonaws.comnan
30142.93.4.215North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_340nannan
3123.44.217.143NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_331a23-44-217-143.deploy.static.akamaitechnologies.comnan
32100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_327pool-100-37-135-2.nycmny.fios.verizon.netnan
33172.67.181.234San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_38nanTrue
34104.21.80.8San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_37nanTrue
35151.101.0.200San FranciscoCaliforniaAS54113 Fastly94107United Statestier_37nanTrue
36192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_36nannan
37104.21.91.236San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_35nanTrue
38104.21.65.93San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_34nanTrue
39172.67.172.143San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
40172.67.189.184San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32nanTrue
41172.67.169.241San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
42104.18.11.116San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
43209.87.151.122DetroitMichiganAS36444 Liquid Web, L.L.C48226United Statestier_31server1.uptmedia.comnan
4445.33.8.244RichardsonTexasAS63949 Linode, LLC75080United Statestier_31li962-244.members.linode.comnan
45104.21.25.197San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
4664.227.12.111North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_31nannan
4723.73.247.78EdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_31a23-73-247-78.deploy.static.akamaitechnologies.comnan
48162.243.10.151New York CityNew YorkAS14061 DigitalOcean, LLC10011United Statestier_31nannan
4923.38.173.123NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_31a23-38-173-123.deploy.static.akamaitechnologies.comnan
5023.44.210.223EdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_31a23-44-210-223.deploy.static.akamaitechnologies.comnan
51204.141.88.99ChicagoIllinoisAS393259 Yottaa, Inc60666United Statestier_31nannan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website