Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 253 262 1001 1 16 2021-04-16 185.107.56.199 Android
tier domain count registrar name_servers org
0 tier_1 erotop.info 1 DYNADOT LLC NS1.COMMONMX.COM None
1 tier_1 best-ga.me 1 Dynadot, LLC None None
2 tier_1 aurbataao.com 1 TUCOWS, INC. NS1.COMMONMX.COM Contact Privacy Inc. Customer 0159179997
3 tier_1 atransmissionclinic.com 1 ! #1 Host Canada, Inc. NS1.COMMONMX.COM None
4 tier_1 skymaps.org 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
5 tier_1 bicoholics.com 1 TUCOWS, INC. NS1.COMMONMX.COM Contact Privacy Inc. Customer 0158852663
6 tier_1 massagista.org 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
7 tier_1 brainwaves.me 1 Dynadot, LLC None None
8 tier_1 verid.org 1 Communigal Communication Ltd NS1.COMMONMX.COM None
9 tier_1 myvgp.org 1 GoDaddy.com, LLC NS1.COMMONMX.COM None
10 tier_2 aristo-hag.com 144 Amazon Registrar, Inc. NS-1226.AWSDNS-25.ORG Whois Privacy Service
11 tier_2 btpnav.com 128 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnav.com
12 tier_2 atnpx.com 105 GoDaddy.com, LLC BECKY.NS.CLOUDFLARE.COM Domains By Proxy, LLC
13 tier_2 ad.doubleclick.net 25 MarkMonitor, Inc. NS1.GOOGLE.COM Google Inc.
14 tier_2 click.expmediadirect.com 15 NAMECHEAP INC NS1.LINODE.COM Privacy service provided by Withheld for Privacy ehf
15 tier_2 api.apptap.com 13 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
16 tier_2 api.mplayit.com 13 Amazon Registrar, Inc. NS-1236.AWSDNS-26.ORG Whois Privacy Service
17 tier_2 redirect.viglink.com 13 Amazon Registrar, Inc. NS1.VIGLINK.COM Whois Privacy Service
18 tier_2 link.sylikes.com 13 MarkMonitor, Inc. NS-1063.AWSDNS-04.ORG Connexity, Inc.
19 tier_2 rd.bizrate.com 13 None None None
20 tier_2 rd.connexity.net 12 None None None
21 tier_2 rtbstream.com 11 1API GmbH NS1.DNSIMPLE.COM Registrant of rtbstream.com
22 tier_2 nizephoros-pom.com 10 Amazon Registrar, Inc. NS-1192.AWSDNS-21.ORG None
23 tier_2 get.popplunder.com 10 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
24 tier_2 trustedpush.com 9 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
25 tier_2 win1.trustedpush.com 9 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
26 tier_2 media-px.com 8 GoDaddy.com, LLC BECKY.NS.CLOUDFLARE.COM Domains By Proxy, LLC
27 tier_2 wayfair.com 8 MarkMonitor, Inc. A1-100.AKAM.NET Wayfair, LLC
28 tier_2 trackyourmpg.com 7 GoDaddy Online Services Cayman Islands LTD HUGH.NS.CLOUDFLARE.COM None
29 tier_2 btpnative.com 7 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
30 tier_3 kbb.com 80 CSC CORPORATE DOMAINS, INC. PDNS164.ULTRADNS.BIZ Autotrader.com
31 tier_3 robogarden.io 27 GoDaddy.com, LLC BECKY.NS.CLOUDFLARE.COM None
32 tier_3 storystudio.sfgate.com 18 CSC CORPORATE DOMAINS, INC. NS1.HEARSTNP.COM Hearst Communications, Inc.
33 tier_3 wayfair.com_LOOP_1 7 None None None
34 tier_3 rd.bizrate.com 4 MarkMonitor, Inc. NS-1189.AWSDNS-20.ORG Meredith Corporation
35 tier_3 socalhondadealers.com 4 DREAMHOST NS1.DREAMHOST.COM Proxy Protection LLC
36 tier_3 m.gladplacespin.xyz 4 Epik LLC MARJORY.NS.CLOUDFLARE.COM Anonymize, Inc.
37 tier_3 aristo-hag.com 3 Amazon Registrar, Inc. NS-1226.AWSDNS-25.ORG None
38 tier_3 win4.trustedpush.com 3 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
39 tier_3 win2.trustedpush.com 3 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
40 tier_3 ram21.proasdf.com 2 GoDaddy.com, LLC NS61.DOMAINCONTROL.COM Domains By Proxy, LLC
41 tier_3 ads.midwayusa.com 2 GoDaddy.com, LLC NS-1486.AWSDNS-57.ORG MidwayUSA
42 tier_3 moneyfinancegold.com 2 NAMECHEAP INC ANNA.NS.CLOUDFLARE.COM Privacy service provided by Withheld for Privacy ehf
43 tier_3 win5.trustedpush.com 2 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
44 tier_3 ad.doubleclick.net 2 MarkMonitor, Inc. NS1.GOOGLE.COM Google Inc.
45 tier_3 appliancesconnection.com 1 GoDaddy.com, LLC NS67.DOMAINCONTROL.COM Domains By Proxy, LLC
46 tier_3 b.playspind.xyz 1 Sav.comLLC HUGH.NS.CLOUDFLARE.COM Privacy Protection
47 tier_3 edureka.co 1 Network Solutions, LLC ns-1218.awsdns-24.org kapil
48 tier_3 wayfair.com_LOOP_2 1 None None None
49 tier_3 dollartree.com 1 Network Solutions, LLC A1-230.AKAM.NET None
50 tier_3 m.fastmapc.xyz 1 Sav.comLLC HUGH.NS.CLOUDFLARE.COM Privacy Protection
51 tier_3 orthofeet.com_LOOP_1 1 None None None
52 tier_3 trustedpush.com 1 NameCheap, Inc. NS-1142.AWSDNS-14.ORG None
53 tier_3 google.com 1 MarkMonitor, Inc. NS1.GOOGLE.COM Google LLC
54 tier_3 win3.trustedpush.com 1 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
55 tier_3 beyourxfriend.com 1 GoDaddy.com, LLC NS0.DNSMADEEASY.COM None
56 tier_3 atnpx.com 1 GoDaddy.com, LLC BECKY.NS.CLOUDFLARE.COM Domains By Proxy, LLC
57 tier_3 m.placesiteb.xyz 1 Sav.comLLC HUGH.NS.CLOUDFLARE.COM Privacy Protection
58 tier_3 wayfair.com 1 MarkMonitor, Inc. A1-100.AKAM.NET Wayfair, LLC
ip city region org postal country_name tier count hostname anycast
0 207.244.67.214 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 24 nan nan
1 207.244.67.215 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 24 nan nan
2 104.243.45.178 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 23 nan nan
3 207.244.67.218 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 22 nan nan
4 207.244.67.216 Washington Washington, D.C. AS30633 Leaseweb USA, Inc. 20045 United States tier_1 17 nan nan
5 206.221.176.184 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 12 nan nan
6 104.243.45.190 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 8 nan nan
7 104.243.45.179 New York City New York AS23470 ReliableSite.Net LLC 10004 United States tier_1 7 nan nan
8 82.192.82.225 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 4 nan nan
9 74.63.241.21 Dallas Texas AS46475 Limestone Networks, Inc. 75270 United States tier_1 4 21-241-63-74.static.reverse.lstn.net nan
10 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 147 nan nan
11 172.67.74.77 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_2 49 nan True
12 34.197.176.2 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 2 ec2-34-197-176-2.compute-1.amazonaws.com nan
13 104.26.11.53 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
14 52.72.29.7 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 40 ec2-52-72-29-7.compute-1.amazonaws.com nan
15 54.208.107.202 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 37 ec2-54-208-107-202.compute-1.amazonaws.com nan
16 18.235.67.128 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-18-235-67-128.compute-1.amazonaws.com nan
17 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 4 rd.bizrate.com nan
18 204.44.79.214 Los Angeles California AS8100 QuadraNet Enterprises LLC 90014 United States tier_2 18 204.44.79.214.static.quadranet.com nan
19 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 15 nan nan
20 104.26.10.53 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_2 13 nan True
21 3.224.109.140 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 12 ec2-3-224-109-140.compute-1.amazonaws.com nan
22 192.138.218.139 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 12 rd.connexity.net nan
23 13.225.62.7 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 2 server-13-225-62-7.ewr53.r.cloudfront.net nan
24 13.225.62.54 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 2 server-13-225-62-54.ewr53.r.cloudfront.net nan
25 34.199.180.187 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 10 ec2-34-199-180-187.compute-1.amazonaws.com nan
26 13.225.62.107 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 2 server-13-225-62-107.ewr53.r.cloudfront.net nan
27 54.197.172.17 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 8 ec2-54-197-172-17.compute-1.amazonaws.com nan
28 23.41.189.99 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 1 a23-41-189-99.deploy.static.akamaitechnologies.com nan
29 52.21.176.105 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 7 ec2-52-21-176-105.compute-1.amazonaws.com nan
30 23.44.217.143 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 80 a23-44-217-143.deploy.static.akamaitechnologies.com nan
31 172.67.172.143 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 19 nan True
32 151.101.0.200 San Francisco California AS54113 Fastly 94107 United States tier_3 17 nan True
33 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 13 pool-100-37-135-2.nycmny.fios.verizon.net nan
34 104.21.80.8 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 8 nan True
35 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 4 rd.bizrate.com nan
36 35.174.35.73 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 3 ec2-35-174-35-73.compute-1.amazonaws.com nan
37 34.197.176.2 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 2 ec2-34-197-176-2.compute-1.amazonaws.com nan
38 162.243.10.151 New York City New York AS14061 DigitalOcean, LLC 10011 United States tier_3 2 nan nan
39 184.85.9.119 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 2 a184-85-9-119.deploy.static.akamaitechnologies.com nan
40 104.21.95.173 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 2 nan True
41 104.18.78.149 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 2 nan True
42 104.18.80.149 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 2 nan True
43 13.225.62.107 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 2 server-13-225-62-107.ewr53.r.cloudfront.net nan
44 13.225.62.7 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 2 server-13-225-62-7.ewr53.r.cloudfront.net nan
45 13.225.62.54 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 2 server-13-225-62-54.ewr53.r.cloudfront.net nan
46 104.18.81.149 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 2 nan True
47 34.207.4.240 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-34-207-4-240.compute-1.amazonaws.com nan
48 24.157.42.211 New York City New York AS6128 Cablevision Systems Corp. 10004 United States tier_3 1 189d2ad3.cst.lightpath.net nan
49 104.18.82.149 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
50 54.192.100.33 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 1 server-54-192-100-33.ewr53.r.cloudfront.net nan
51 23.73.233.19 Edison New Jersey AS16625 Akamai Technologies, Inc. 08817 United States tier_3 1 a23-73-233-19.deploy.static.akamaitechnologies.com nan
52 151.101.64.200 San Francisco California AS54113 Fastly 94107 United States tier_3 1 nan True
53 172.217.10.102 Clifton New Jersey AS15169 Google LLC 07015 United States tier_3 1 lga34s15-in-f6.1e100.net nan
54 172.217.165.132 Los Angeles California AS15169 Google LLC 90009 United States tier_3 1 lax30s03-in-f4.1e100.net nan
55 45.33.8.244 Richardson Texas AS63949 Linode, LLC 75080 United States tier_3 1 li962-244.members.linode.com nan
56 18.235.67.128 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-18-235-67-128.compute-1.amazonaws.com nan
57 104.26.11.53 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
58 172.217.6.198 Westbury New York AS15169 Google LLC 11590 United States tier_3 1 lga25s54-in-f198.1e100.net nan
59 23.41.189.99 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 1 a23-41-189-99.deploy.static.akamaitechnologies.com nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website