Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
02702709700242021-04-19185.107.56.199Iphone
tierdomaincountregistrarname_serversorg
0tier_1ehacker.co1Dynadot LLCns2.commonmx.comNone
1tier_1bitmatngu.net1GoDaddy.com, LLCNS1.COMMONMX.COMNone
2tier_1alredha.net1GoDaddy.com, LLCNS1.COMMONMX.COMNone
3tier_1cartasdeamorparaminovio.net1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0158496835
4tier_1facetime4pc.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
5tier_1filmapik.tv1Domain Landing Zone LLCNS1.COMMONMX.COMNone
6tier_1cavallord.com1TUCOWS, INC.NS1.COMMONMX.COMContact Privacy Inc. Customer 0159513995
7tier_1docbao.mobi1GoDaddy.com, LLCNoneNone
8tier_1deadchicksarecoolmodels.com1Communigal Communication LtdNS1.COMMONMX.COMNone
9tier_1aweldaw.com1GoDaddy.com, LLCNS1.COMMONMX.COMNone
10tier_2aristo-hag.com94Amazon Registrar, Inc.NS-1226.AWSDNS-25.ORGWhois Privacy Service
11tier_2btpnav.com791API GmbHNS1.DNSIMPLE.COMRegistrant of btpnav.com
12tier_2atnpx.com70GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMDomains By Proxy, LLC
13tier_2click.expmediadirect.com48NoneNoneNone
14tier_2api.quotes.com30Internet Domain Service BS Corp.NS-CANADA.TOPDNS.COMWhois Privacy Corp.
15tier_2changeslots.com30Instra Corporation Pty Ltd.CLEO.NS.CLOUDFLARE.COMREDACTED FOR PRIVACY
16tier_2rtbstream.com131API GmbHNS1.DNSIMPLE.COMRegistrant of rtbstream.com
17tier_2api.apptap.com13Amazon Registrar, Inc.NS-1256.AWSDNS-29.ORGWhois Privacy Service
18tier_2api.mplayit.com13Amazon Registrar, Inc.NS-1236.AWSDNS-26.ORGWhois Privacy Service
19tier_2redirect.viglink.com13Amazon Registrar, Inc.NS1.VIGLINK.COMWhois Privacy Service
20tier_2link.sylikes.com13MarkMonitor, Inc.NS-1063.AWSDNS-04.ORGConnexity, Inc.
21tier_2rd.bizrate.com13NoneNoneNone
22tier_2wayfair.com12NoneNoneNone
23tier_2ad.doubleclick.net12NoneNoneNone
24tier_2rd.connexity.net11NoneNoneNone
25tier_2media-px.com8GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMDomains By Proxy, LLC
26tier_2c.clickprotects.com8GoDaddy.com, LLCNS63.DOMAINCONTROL.COMDomains By Proxy, LLC
27tier_211165151.addotnet.com8GoDaddy.com, LLCNS75.DOMAINCONTROL.COMDomains By Proxy, LLC
28tier_2geo.itunes.apple.com8CSC CORPORATE DOMAINS, INC.A.NS.APPLE.COMApple Inc.
29tier_2itunes.apple.com8CSC CORPORATE DOMAINS, INC.A.NS.APPLE.COMApple Inc.
30tier_3kbb.com49CSC CORPORATE DOMAINS, INC.PDNS164.ULTRADNS.BIZAutotrader.com
31tier_3bestappland.me30NoneNoneNone
32tier_3theconnectvpn.com30DonDominio (SCIP)ARNOLD.NS.CLOUDFLARE.COMSoluciones Corporativas IP, c/o Whois Proxy
33tier_3robogarden.io26GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMNone
34tier_3wayfair.com_LOOP_112NoneNoneNone
35tier_3storystudio.sfgate.com12CSC CORPORATE DOMAINS, INC.NS1.HEARSTNP.COMHearst Communications, Inc.
36tier_3music.apple.com8CSC CORPORATE DOMAINS, INC.A.NS.APPLE.COMApple Inc.
37tier_3tackis.xyz5NoneNoneNone
38tier_3socalhondadealers.com3DREAMHOSTNS1.DREAMHOST.COMProxy Protection LLC
39tier_3java.limitedtopoffers.com21&1 IONOS SERORY.NS.CLOUDFLARE.COM1&1 Internet Inc
40tier_3venue.com2Network Solutions, LLCALBERT.NS.CLOUDFLARE.COMNone
41tier_3vpn1aprotectplus.com2Internet Domain Service BS Corp.SETH.NS.CLOUDFLARE.COMWhois Privacy Corp.
42tier_3belk.com1CSC CORPORATE DOMAINS, INC.DNS1.P08.NSONE.NETBelk Stores Services, Inc
43tier_3atnpx.com1GoDaddy.com, LLCBECKY.NS.CLOUDFLARE.COMDomains By Proxy, LLC
44tier_3macys.com1Network Solutions, LLCA1-135.AKAM.NETMacy's Systems and Technology, Inc.
45tier_3click.linksynergy.com1CSC CORPORATE DOMAINS, INC.DNS1.P09.NSONE.NETRakuten Marketing
46tier_3bestbody.s3.amazonaws.com1MarkMonitor, Inc.R1.AMAZONAWS.COMAmazon.com, Inc.
47tier_3search.discoverweb.com1GoDaddy.com, LLCNINA.NS.CLOUDFLARE.COMDomains By Proxy, LLC
48tier_3careerbliss.com1GoDaddy.com, LLCNS10.DNSMADEEASY.COMDomains By Proxy, LLC
49tier_3ram21.proasdf.com1GoDaddy.com, LLCNS61.DOMAINCONTROL.COMDomains By Proxy, LLC
50tier_3rd.bizrate.com1NoneNoneNone
51tier_3filter.onwardclick.com1NoneNoneNone
ipcityregionorgpostalcountry_nametiercountanycasthostname
0104.243.45.190New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_125nannan
1206.221.176.184New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_123nannan
2104.243.45.178New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_123nannan
3104.243.45.179New York CityNew YorkAS23470 ReliableSite.Net LLC10004United Statestier_120nannan
4207.244.67.214WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_113nannan
5207.244.67.218WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_111nannan
6207.244.67.215WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_111nannan
7207.244.67.216WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_19nannan
837.48.65.150AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_16nannan
9185.107.56.198RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_15nannan
10209.15.13.136TorontoOntarioAS13768 Aptum TechnologiesM5NCanadatier_2100nannan
11198.134.116.30New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_248nannan
12104.26.10.53San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_232Truenan
135.79.68.236AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_230nannan
1434.207.32.33AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_230nanec2-34-207-32-33.compute-1.amazonaws.com
1552.72.29.7AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_228nanec2-52-72-29-7.compute-1.amazonaws.com
1618.235.67.128AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_227nanec2-18-235-67-128.compute-1.amazonaws.com
17192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_31nanrd.bizrate.com
1834.197.176.2AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_225nanec2-34-197-176-2.compute-1.amazonaws.com
19104.26.11.53San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31Truenan
20209.132.243.15Los AngelesCaliforniaAS7296 Alchemy Communications, Inc.90009United Statestier_220nannan
2154.208.107.202AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_219nanec2-54-208-107-202.compute-1.amazonaws.com
22172.67.74.77San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_214Truenan
233.224.109.140AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_212nanec2-3-224-109-140.compute-1.amazonaws.com
24204.44.79.214Los AngelesCaliforniaAS8100 QuadraNet Enterprises LLC90014United Statestier_212nan204.44.79.214.static.quadranet.com
25192.138.218.139SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_211nanrd.connexity.net
26173.192.101.24DallasTexasAS36351 SoftLayer Technologies Inc.75270United Statestier_29nan18.65.c0ad.ip4.static.sl-reverse.com
2754.197.172.17AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_28nanec2-54-197-172-17.compute-1.amazonaws.com
28104.102.137.83EdisonNew JerseyAS16625 Akamai Technologies, Inc.08817United Statestier_28nana104-102-137-83.deploy.static.akamaitechnologies.com
293.223.13.191AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_27nanec2-3-223-13-191.compute-1.amazonaws.com
3023.44.217.143NewarkNew JerseyAS16625 Akamai Technologies, Inc.07175United Statestier_349nana23-44-217-143.deploy.static.akamaitechnologies.com
31142.93.4.215North BergenNew JerseyAS14061 DigitalOcean, LLC07047United Statestier_330nannan
32104.21.91.236San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_327Truenan
33100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_320nanpool-100-37-135-2.nycmny.fios.verizon.net
34104.21.80.8San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_315Truenan
35151.101.0.200San FranciscoCaliforniaAS54113 Fastly94107United Statestier_312Truenan
36172.67.172.143San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_311Truenan
37172.67.181.234San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_33Truenan
38172.67.189.184San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_33Truenan
39104.21.28.174San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32Truenan
4023.227.38.65OttawaOntarioAS13335 Cloudflare, Inc.K2PCanadatier_32Truemyshopify.com
41104.21.63.48San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32Truenan
42104.21.65.93San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_32Truenan
4335.174.35.73AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_32nanec2-35-174-35-73.compute-1.amazonaws.com
44151.101.1.131San FranciscoCaliforniaAS54113 Fastly94107United Statestier_31Truenan
45104.26.11.53San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31Truenan
46104.77.220.218New York CityNew YorkAS16625 Akamai Technologies, Inc.10004United Statestier_31nana104-77-220-218.deploy.static.akamaitechnologies.com
4735.212.55.51WashingtonWashington, D.C.AS15169 Google LLC20045United Statestier_31nan51.55.212.35.bc.googleusercontent.com
4852.217.106.252AshburnVirginiaAS16509 Amazon.com, Inc.20149United Statestier_31nans3-1-w.amazonaws.com
49104.21.95.133San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31Truenan
50207.38.44.116Los AngelesCaliforniaAS5693 Latisys-Irvine, LLC90009United Statestier_31nancbsmtp1.careerbliss.com
51162.243.10.151New York CityNew YorkAS14061 DigitalOcean, LLC10011United Statestier_31nannan
52192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_31nanrd.bizrate.com
5334.207.4.240AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_31nanec2-34-207-4-240.compute-1.amazonaws.com
54173.239.53.32New York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_31nannan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website