Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 137 146 483 0 17 2021-04-09 64.32.8.68 Chrome
tier domain count registrar name_servers org
0 tier_1 ciliguai.com 1 eNom437, Incorporated NS1.DNSNUTS.COM The Management Group II
1 tier_1 9ref.com 1 Lionshare Domains, LLC NS1.DNSNUTS.COM The Management Group II
2 tier_1 9novels.net 1 ! #1 Host Japan, Inc. NS1.DNSNUTS.COM The Management Group II
3 tier_1 chastnoevideo.net 1 eNomEU, Inc. NS1.DNSNUTS.COM None
4 tier_1 cuocsong365.net 1 Flancrestdomains.com LLC NS1.DNSNUTS.COM None
5 tier_1 elektrononline.net 1 Blue Angel Domains LLC NS1.DNSNUTS.COM None
6 tier_1 aayaamlabs.com 1 enom666, Inc. NS1.DNSNUTS.COM None
7 tier_1 cheapvba.com 1 Adomainofyourown.com LLC NS1.DNSNUTS.COM None
8 tier_1 aptrk10.com 1 One Putt, Inc. (formerly:Z-Core, Inc.) NS1.DNSNUTS.COM None
9 tier_1 divxgay.net 1 eNom427, Incorporated NS1.DNSNUTS.COM None
10 tier_2 api.apptap.com 22 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
11 tier_2 redirect.viglink.com 22 Amazon Registrar, Inc. NS1.VIGLINK.COM Whois Privacy Service
12 tier_2 link.sylikes.com 22 MarkMonitor, Inc. NS-1063.AWSDNS-04.ORG Connexity, Inc.
13 tier_2 aristo-hag.com 20 Amazon Registrar, Inc. NS-1226.AWSDNS-25.ORG Whois Privacy Service
14 tier_2 rd.bizrate.com 19 None None None
15 tier_2 track.vcdc.com 17 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
16 tier_2 rd.connexity.net 17 None None None
17 tier_2 click.expmediadirect.com 13 None None None
18 tier_2 api.mplayit.com 12 Amazon Registrar, Inc. NS-1236.AWSDNS-26.ORG Whois Privacy Service
19 tier_2 clk.rtpdn12.com 11 None None None
20 tier_2 ads35.adtelligent.com 11 DANESCO TRADING LTD NS.ANYCASTNS1.ORG Vertamedia,LLC
21 tier_2 dsp35.adtelligent.com 11 DANESCO TRADING LTD NS.ANYCASTNS1.ORG Vertamedia,LLC
22 tier_2 externals-1953518744.us-east-1.elb.amazonaws.com 11 MarkMonitor, Inc. R1.AMAZONAWS.COM Amazon.com, Inc.
23 tier_2 search.snjsearch.com 11 GoDaddy.com, LLC NS73.DOMAINCONTROL.COM Domains By Proxy, LLC
24 tier_2 lulus.com 10 GoDaddy.com, LLC NS-1116.AWSDNS-11.ORG Domains By Proxy, LLC
25 tier_2 btpnav.com 10 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnav.com
26 tier_2 infopicked.com 9 None None None
27 tier_2 aldb1.mysearch.space 9 None None None
28 tier_2 btpnative.com 8 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
29 tier_2 nizephoros-pom.com 6 Amazon Registrar, Inc. NS-1192.AWSDNS-21.ORG None
30 tier_3 lulus.com_LOOP_1 10 None None None
31 tier_3 bing.com 10 MarkMonitor, Inc. DNS1.P09.NSONE.NET Microsoft Corporation
32 tier_3 rd.bizrate.com 8 None None None
33 tier_3 cehappear.fun 5 Dynadot LLC AIDEN.NS.CLOUDFLARE.COM None
34 tier_3 loyality-program.com 4 Amazon Registrar, Inc. NS-108.AWSDNS-13.COM None
35 tier_3 toryburch.com 3 CSC CORPORATE DOMAINS, INC. DNS1.CSCDNS.NET River Light V, L.P.
36 tier_3 aeropostale.com 2 Network Solutions, LLC NS1.P17.DYNECT.NET None
37 tier_3 2.mediagate.casa 2 None None None
38 tier_3 chrismoneymaker.com 2 GoDaddy.com, LLC NS65.DOMAINCONTROL.COM Amaya Services Limited
39 tier_3 aliexpress.com_LOOP_1 2 None None None
40 tier_3 google.com_LOOP_1 1 None None None
41 tier_3 google.com 1 MarkMonitor, Inc. NS1.GOOGLE.COM Google LLC
42 tier_3 nissanusa.com 1 None None None
43 tier_3 ram21.proasdf.com 1 GoDaddy.com, LLC NS61.DOMAINCONTROL.COM Domains By Proxy, LLC
44 tier_3 appliancesconnection.com 1 GoDaddy.com, LLC NS67.DOMAINCONTROL.COM Domains By Proxy, LLC
45 tier_3 wayfair.com 1 None None None
46 tier_3 3.mediagate.casa 1 None None None
47 tier_3 venus.com 1 GoDaddy.com, LLC NS0.DNSMADEEASY.COM Venus Fashion, Inc.
48 tier_3 lulus.com 1 GoDaddy.com, LLC NS-1116.AWSDNS-11.ORG Domains By Proxy, LLC
49 tier_3 0.mediagate.casa 1 None None None
50 tier_3 bestsecretflirt.com 1 GoDaddy.com, LLC NS0.DNSMADEEASY.COM None
51 tier_3 volume.com 1 DYNADOT, LLC A.NS.VOLUME.COM None
52 tier_3 mergerinvesting.com 1 None None None
53 tier_3 slotocash.im 1 None dane.ns.cloudflare.com. None
ip hostname city region org postal country_name tier count anycast
0 64.32.8.70 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 16 nan
1 185.107.56.58 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 10 nan
2 64.32.8.68 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 9 nan
3 185.107.56.60 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 7 nan
4 64.32.8.69 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 6 nan
5 64.32.8.67 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 5 nan
6 185.107.56.57 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 5 nan
7 185.107.56.59 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 4 nan
8 192.138.218.207 nan Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 8 nan
9 178.62.225.201 nan Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 4 nan
10 209.15.13.136 nan Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 18 nan
11 167.233.8.197 static.197.8.233.167.clients.your-server.de N├╝rnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 17 nan
12 192.138.218.139 rd.connexity.net Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 17 nan
13 52.206.141.190 ec2-52-206-141-190.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 13 nan
14 198.134.116.30 nan New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 13 nan
15 173.239.53.32 nan New York City New York AS27257 Webair Internet Development Company Inc. 10004 United States tier_2 12 nan
16 3.226.37.31 ec2-3-226-37-31.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 12 nan
17 52.205.177.114 ec2-52-205-177-114.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 12 nan
18 52.72.29.7 ec2-52-72-29-7.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 11 nan
19 209.205.202.42 static-42-202-205-209.24shells.net New York City New York AS55081 24 SHELLS 10004 United States tier_2 11 nan
20 209.205.202.43 static-43-202-205-209.24shells.net New York City New York AS55081 24 SHELLS 10004 United States tier_2 11 nan
21 35.162.164.74 ec2-35-162-164-74.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_2 11 nan
22 151.101.1.151 nan San Francisco California AS54113 Fastly 94107 United States tier_3 1 True
23 52.29.135.45 ec2-52-29-135-45.eu-central-1.compute.amazonaws.com Frankfurt am Main Hesse AS16509 Amazon.com, Inc. 60311 Germany tier_2 10 nan
24 34.225.128.119 ec2-34-225-128-119.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 10 nan
25 173.192.101.24 18.65.c0ad.ip4.static.sl-reverse.com Dallas Texas AS36351 SoftLayer Technologies Inc. 75270 United States tier_2 9 nan
26 34.197.67.232 ec2-34-197-67-232.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 9 nan
27 88.99.101.106 static.106.101.99.88.clients.your-server.de Hohen Neuendorf Brandenburg AS24940 Hetzner Online GmbH 16540 Germany tier_2 8 nan
28 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 13 nan
29 204.79.197.200 a-0001.a-msedge.net Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 8 True
30 192.138.218.207 nan Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 8 nan
31 178.62.225.201 nan Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 4 nan
32 34.192.40.54 ec2-34-192-40-54.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 4 nan
33 52.85.132.55 server-52-85-132-55.iad50.r.cloudfront.net Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 3 nan
34 104.17.224.18 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 2 True
35 92.205.4.117 ip-92-205-4-117.ip.secureserver.net Strasbourg Grand Est AS21499 Host Europe GmbH 67000 France tier_3 2 nan
36 13.107.21.200 nan Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 2 True
37 23.59.250.74 a23-59-250-74.deploy.static.akamaitechnologies.com Newark New Jersey AS20940 Akamai International B.V. 07175 United States tier_3 2 nan
38 172.217.12.196 lga25s63-in-f4.1e100.net Clifton New Jersey AS15169 Google LLC 07015 United States tier_3 1 nan
39 23.51.162.53 a23-51-162-53.deploy.static.akamaitechnologies.com Philadelphia Pennsylvania AS16625 Akamai Technologies, Inc. 19099 United States tier_3 1 nan
40 162.243.10.151 nan New York City New York AS14061 DigitalOcean, LLC 10011 United States tier_3 1 nan
41 24.157.42.211 189d2ad3.cst.lightpath.net New York City New York AS6128 Cablevision Systems Corp. 10004 United States tier_3 1 nan
42 96.16.29.13 a96-16-29-13.deploy.static.akamaitechnologies.com New York City New York AS16625 Akamai Technologies, Inc. 10004 United States tier_3 1 nan
43 99.84.176.94 server-99-84-176-94.iad89.r.cloudfront.net Washington Washington, D.C. AS16509 Amazon.com, Inc. 20045 United States tier_3 1 nan
44 23.33.138.137 a23-33-138-137.deploy.static.akamaitechnologies.com New York City New York AS16625 Akamai Technologies, Inc. 10004 United States tier_3 1 nan
45 151.101.1.151 nan San Francisco California AS54113 Fastly 94107 United States tier_3 1 True
46 88.80.185.92 li678-92.members.linode.com London England AS63949 Linode, LLC EC1A United Kingdom tier_3 1 nan
47 23.59.250.96 a23-59-250-96.deploy.static.akamaitechnologies.com Newark New Jersey AS20940 Akamai International B.V. 07175 United States tier_3 1 nan
48 104.22.71.250 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
49 45.55.189.248 nan Clifton New Jersey AS14061 DigitalOcean, LLC 07014 United States tier_3 1 nan
50 52.85.132.46 server-52-85-132-46.iad50.r.cloudfront.net Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
51 172.67.75.151 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website