Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain: 146
num_links: 153
num_full_url: 530
num_safebrowsing_malicious: 0
num_vt_malicious: 13
date: 2021-04-16
ip: 64.32.8.68
user_agent: Android
tier domain count registrar name_servers org
0 tier_1 emhdf.com 1 EastEndDomains, LLC NS1.DNSNUTS.COM None
1 tier_1 brasilonline.tv 1 Sterling Domains LLC NS1.DNSNUTS.COM None
2 tier_1 constitutionalsummitusa.com 1 Domainsofvalue.com LLC NS1.DNSNUTS.COM None
3 tier_1 fnanon.com 1 SNAPNAMES 76, LLC NS1.DNSNUTS.COM None
4 tier_1 gamespottingnetworks.com 1 SNAPNAMES 50, LLC NS1.DNSNUTS.COM None
5 tier_1 deresute-japan.com 1 SNAPNAMES 47, LLC NS1.DNSNUTS.COM None
6 tier_1 colrut.com 1 SNAPNAMES 65, LLC NS1.DNSNUTS.COM None
7 tier_1 dl4warez.com 1 NamePal.com #8013, LLC NS1.DNSNUTS.COM None
8 tier_1 123kingcash.com 1 YouDamain.com LLC NS1.DNSNUTS.COM None
9 tier_1 flippaper.net 1 SNAPNAMES 22, LLC NS1.DNSNUTS.COM None
10 tier_2 track.vcdc.com 37 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
11 tier_2 api.apptap.com 36 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
12 tier_2 aristo-hag.com 35 Amazon Registrar, Inc. NS-1226.AWSDNS-25.ORG Whois Privacy Service
13 tier_2 redirect.viglink.com 29 Amazon Registrar, Inc. NS1.VIGLINK.COM Whois Privacy Service
14 tier_2 link.sylikes.com 28 MarkMonitor, Inc. NS-1063.AWSDNS-04.ORG Connexity, Inc.
15 tier_2 api.mplayit.com 23 Amazon Registrar, Inc. NS-1236.AWSDNS-26.ORG Whois Privacy Service
16 tier_2 rd.bizrate.com 21 None None None
17 tier_2 rd.connexity.net 21 None None None
18 tier_2 click.expmediadirect.com 17 NAMECHEAP INC NS1.LINODE.COM Privacy service provided by Withheld for Privacy ehf
19 tier_2 clk.rtpdn12.com 10 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
20 tier_2 btpnative.com 10 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
21 tier_2 infopicked.com 10 NAMECHEAP INC NS0.DNSMADEEASY.COM Privacy service provided by Withheld for Privacy ehf
22 tier_2 btpnav.com 10 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnav.com
23 tier_2 click.junmediadirect.com 9 NAMECHEAP INC NS1.LINODE.COM Privacy service provided by Withheld for Privacy ehf
24 tier_2 nizephoros-pom.com 7 Amazon Registrar, Inc. NS-1192.AWSDNS-21.ORG None
25 tier_2 get.popplunder.com 7 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
26 tier_2 trustedpush.com 7 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
27 tier_2 win1.trustedpush.com 7 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
28 tier_2 win2.trustedpush.com 5 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
29 tier_2 lg.provenpixel.com 4 1&1 IONOS SE NS01.PROVENPIXEL.NET 1&1 Internet Inc
30 tier_3 irl.com 17 GoDaddy.com, LLC NS-106.AWSDNS-13.COM Domains By Proxy, LLC
31 tier_3 storystudio.sfgate.com 14 CSC CORPORATE DOMAINS, INC. NS1.HEARSTNP.COM Hearst Communications, Inc.
32 tier_3 frontgate.com 9 Network Solutions, LLC NS1.HSN.NET None
33 tier_3 rd.bizrate.com 8 MarkMonitor, Inc. NS-1189.AWSDNS-20.ORG Meredith Corporation
34 tier_3 michaelkors.com 7 NOM-IQ Ltd dba Com Laude A1-111.AKAM.NET Michael Kors, L.L.C.
35 tier_3 win3.trustedpush.com 4 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
36 tier_3 sandcloud.com 2 1&1 IONOS SE NS1051.UI-DNS.ORG Sand Cloud Holdings LLC
37 tier_3 fanatics.com 2 MarkMonitor, Inc. A1-147.AKAM.NET Fanatics Inc.
38 tier_3 win2.trustedpush.com 2 NameCheap, Inc. NS-1142.AWSDNS-14.ORG None
39 tier_3 ads.midwayusa.com 1 GoDaddy.com, LLC NS-1486.AWSDNS-57.ORG MidwayUSA
40 tier_3 ram21.proasdf.com 1 GoDaddy.com, LLC NS61.DOMAINCONTROL.COM Domains By Proxy, LLC
41 tier_3 shopnsave.world_LOOP_1 1 None None None
42 tier_3 62887.click.validclick.net 1 Safenames Ltd NS1.FULLMAILBOX.COM None
43 tier_3 m.fastmapc.xyz 1 Sav.comLLC HUGH.NS.CLOUDFLARE.COM Privacy Protection
44 tier_3 win5.trustedpush.com 1 NAMECHEAP INC NS-1142.AWSDNS-14.ORG Privacy service provided by Withheld for Privacy ehf
45 tier_3 fanatics.com_LOOP_1 1 None None None
46 tier_3 famous-smoke.com 1 GoDaddy.com, LLC IGOR.NS.CLOUDFLARE.COM Famous Smoke Shop-PA Inc
47 tier_3 catherines.com 1 CSC CORPORATE DOMAINS, INC. PDNS1.ULTRADNS.NET FullBeauty Brands Operations, LLC
48 tier_3 harryanddavid.com_LOOP_1 1 None None None
49 tier_3 chewy.com 1 Moniker Online Services LLC NS1.P02.DYNECT.NET Chewy, Inc.
50 tier_3 google.com_LOOP_1 1 None None None
51 tier_3 venacbd.com_LOOP_1 1 None None None
52 tier_3 m.gladplacespin.xyz 1 Epik LLC MARJORY.NS.CLOUDFLARE.COM Anonymize, Inc.
53 tier_3 uniqlo.com 1 1API GmbH NS-1415.AWSDNS-48.ORG None
ip hostname city region org postal country_name tier count anycast
0 64.32.8.70 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 15 nan
1 64.32.8.67 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 13 nan
2 64.32.8.68 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 13 nan
3 185.107.56.58 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 13 nan
4 185.107.56.60 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 8 nan
5 185.107.56.59 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 6 nan
6 185.107.56.57 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 6 nan
7 64.32.8.69 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 6 nan
8 192.138.218.207 rd.bizrate.com Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 8 nan
9 167.233.8.197 static.197.8.233.167.clients.your-server.de Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 37 nan
10 54.84.4.127 ec2-54-84-4-127.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 29 nan
11 192.138.218.139 rd.connexity.net Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 21 nan
12 209.15.13.136 nan Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 21 nan
13 198.134.116.30 nan New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 17 nan
14 3.222.66.193 ec2-3-222-66-193.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 16 nan
15 3.224.109.140 ec2-3-224-109-140.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 16 nan
16 204.44.79.214 204.44.79.214.static.quadranet.com Los Angeles California AS8100 QuadraNet Enterprises LLC 90014 United States tier_2 14 nan
17 54.197.172.17 ec2-54-197-172-17.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 14 nan
18 54.208.107.202 ec2-54-208-107-202.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 13 nan
19 34.197.176.2 ec2-34-197-176-2.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 13 nan
20 52.21.176.105 ec2-52-21-176-105.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 13 nan
21 99.84.114.98 server-99-84-114-98.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 2 nan
22 173.239.53.32 nan New York City New York AS27257 Webair Internet Development Company Inc. 10004 United States tier_2 11 nan
23 173.192.101.24 18.65.c0ad.ip4.static.sl-reverse.com Dallas Texas AS36351 SoftLayer Technologies Inc. 75270 United States tier_2 10 nan
24 52.72.29.7 ec2-52-72-29-7.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 10 nan
25 198.134.116.18 nan New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 9 nan
26 18.235.67.128 ec2-18-235-67-128.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 9 nan
27 34.199.180.187 ec2-34-199-180-187.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 7 nan
28 151.101.0.200 nan San Francisco California AS54113 Fastly 94107 United States tier_3 14 True
29 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 10 nan
30 192.138.218.207 rd.bizrate.com Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 8 nan
31 23.73.245.89 a23-73-245-89.deploy.static.akamaitechnologies.com Edison New Jersey AS16625 Akamai Technologies, Inc. 08817 United States tier_3 7 nan
32 67.207.80.24 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 5 nan
33 23.51.164.169 a23-51-164-169.deploy.static.akamaitechnologies.com Philadelphia Pennsylvania AS16625 Akamai Technologies, Inc. 19099 United States tier_3 5 nan
34 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 4 nan
35 52.73.153.209 ec2-52-73-153-209.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 4 nan
36 67.207.81.229 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 3 nan
37 99.84.114.98 server-99-84-114-98.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 2 nan
38 23.51.191.213 a23-51-191-213.deploy.static.akamaitechnologies.com Philadelphia Pennsylvania AS16625 Akamai Technologies, Inc. 19099 United States tier_3 1 nan
39 54.166.113.21 ec2-54-166-113-21.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan
40 23.51.160.222 a23-51-160-222.deploy.static.akamaitechnologies.com Philadelphia Pennsylvania AS16625 Akamai Technologies, Inc. 19099 United States tier_3 1 nan
41 162.243.10.151 nan New York City New York AS14061 DigitalOcean, LLC 10011 United States tier_3 1 nan
42 104.18.79.149 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
43 52.203.36.44 ec2-52-203-36-44.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan
44 104.18.64.79 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
45 167.172.136.193 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 1 nan
46 204.2.133.113 nan San Jose California AS393259 Yottaa, Inc 95103 United States tier_3 1 nan
47 184.87.65.240 a184-87-65-240.deploy.static.akamaitechnologies.com Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 1 nan
48 99.84.114.35 server-99-84-114-35.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 1 nan
49 54.205.240.192 ec2-54-205-240-192.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan
50 23.51.170.9 a23-51-170-9.deploy.static.akamaitechnologies.com Philadelphia Pennsylvania AS16625 Akamai Technologies, Inc. 19099 United States tier_3 1 nan
51 104.18.80.149 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
52 23.201.25.61 a23-201-25-61.deploy.static.akamaitechnologies.com Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 1 nan
53 64.227.12.111 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 1 nan
54 52.73.87.228 ec2-52-73-87-228.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan
55 34.74.48.250 250.48.74.34.bc.googleusercontent.com North Charleston South Carolina AS15169 Google LLC 29415 United States tier_3 1 nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website