Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

| | num_domain | num_links | num_full_url | num_safebrowsing_malicious | num_vt_malicious | date | ip | user_agent |
|---|---|---|---|---|---|---|---|---|
| 0 | 132 | 137 | 458 | 0 | 14 | 2021-04-19 | 64.32.8.68 | Android |

| | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | bugpoint.net | 1 | eNom413, Incorporated | NS1.DNSNUTS.COM | None |
| 1 | tier_1 | garden-variety.net | 1 | EUNameFlood.com LLC | NS1.DNSNUTS.COM | None |
| 2 | tier_1 | ciliguai.com | 1 | eNom437, Incorporated | NS1.DNSNUTS.COM | The Management Group II |
| 3 | tier_1 | aharonic.net | 1 | Gradeadomainnames.com LLC | NS1.DNSNUTS.COM | None |
| 4 | tier_1 | albumkings.net | 1 | Snoqulamiedomains.com LLC | NS1.DNSNUTS.COM | The Management Group II |
| 5 | tier_1 | fudgebananaswirl.com | 1 | Name Connection Spot LLC | NS1.DNSNUTS.COM | The Management Group II |
| 6 | tier_1 | bagustekno.net | 1 | Zone of Domains LLC | NS1.DNSNUTS.COM | None |
| 7 | tier_1 | aiss.cc | 1 | Top Shelf Domains LLC | NS1.DNSNUTS.COM | None |
| 8 | tier_1 | dashitz.com | 1 | Name Nelly, LLC | NS1.DNSNUTS.COM | None |
| 9 | tier_1 | guias-trucos-juegos.com | 1 | SNAPNAMES 24, LLC | NS1.DNSNUTS.COM | None |
| 10 | tier_2 | aristo-hag.com | 58 | Amazon Registrar, Inc. | NS-1226.AWSDNS-25.ORG | Whois Privacy Service |
| 11 | tier_2 | track.vcdc.com | 56 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 12 | tier_2 | atnpx.com | 47 | GoDaddy.com, LLC | BECKY.NS.CLOUDFLARE.COM | Domains By Proxy, LLC |
| 13 | tier_2 | api.apptap.com | 15 | Amazon Registrar, Inc. | NS-1256.AWSDNS-29.ORG | Whois Privacy Service |
| 14 | tier_2 | redirect.viglink.com | 15 | Amazon Registrar, Inc. | NS1.VIGLINK.COM | Whois Privacy Service |
| 15 | tier_2 | link.sylikes.com | 15 | MarkMonitor, Inc. | NS-1063.AWSDNS-04.ORG | Connexity, Inc. |
| 16 | tier_2 | btpnav.com | 13 | 1API GmbH | NS1.DNSIMPLE.COM | Registrant of btpnav.com |
| 17 | tier_2 | clk.rtpdn12.com | 11 | None | None | None |
| 18 | tier_2 | rd.bizrate.com | 10 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 19 | tier_2 | rd.connexity.net | 9 | None | None | None |
| 20 | tier_2 | api.mplayit.com | 6 | Amazon Registrar, Inc. | NS-1236.AWSDNS-26.ORG | Whois Privacy Service |
| 21 | tier_2 | rd.connexity.net_LOOP_1 | 4 | None | None | None |
| 22 | tier_2 | overstock.com | 3 | None | None | None |
| 23 | tier_2 | 63084.click.validclick.net | 3 | Safenames Ltd | NS1.FULLMAILBOX.COM | None |
| 24 | tier_2 | click.junmediadirect.com | 3 | None | None | None |
| 25 | tier_2 | click.expmediadirect.com | 2 | NAMECHEAP INC | NS1.LINODE.COM | Privacy service provided by Withheld for Privacy ehf |
| 26 | tier_2 | tq.adventurefeeds.com | 2 | GoDaddy.com, LLC | NS75.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 27 | tier_2 | clk.rtpdn12.com_LOOP_1 | 2 | None | None | None |
| 28 | tier_2 | 62887.click.validclick.net | 2 | Safenames Ltd | NS1.FULLMAILBOX.COM | None |
| 29 | tier_2 | 62992.click.validclick.net | 2 | Safenames Ltd | NS1.FULLMAILBOX.COM | None |
| 30 | tier_3 | kbb.com | 30 | CSC CORPORATE DOMAINS, INC. | PDNS164.ULTRADNS.BIZ | Autotrader.com |
| 31 | tier_3 | robogarden.io | 17 | GoDaddy.com, LLC | BECKY.NS.CLOUDFLARE.COM | None |
| 32 | tier_3 | storystudio.sfgate.com | 10 | CSC CORPORATE DOMAINS, INC. | NS1.HEARSTNP.COM | Hearst Communications, Inc. |
| 33 | tier_3 | rd.bizrate.com | 5 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 34 | tier_3 | overstock.com | 4 | None | None | None |
| 35 | tier_3 | overstock.com_LOOP_1 | 3 | None | None | None |
| 36 | tier_3 | fanatics.com | 2 | None | None | None |
| 37 | tier_3 | a.dollarsurvey365.online | 1 | URL Solutions Inc. | CRYSTAL.NS.CLOUDFLARE.COM | None |
| 38 | tier_3 | amazon.com | 1 | None | None | None |
| 39 | tier_3 | filter.onwardclick.com | 1 | NAMECHEAP INC | NS1.ENCONTEXT.COM | Privacy service provided by Withheld for Privacy ehf |
| 40 | tier_3 | win3.trustedpush.com | 1 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | Privacy service provided by Withheld for Privacy ehf |
| 41 | tier_3 | ram21.proasdf.com | 1 | GoDaddy.com, LLC | NS61.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 42 | tier_3 | beyourxfriend.com | 1 | GoDaddy.com, LLC | NS0.DNSMADEEASY.COM | None |
| 43 | tier_3 | track.vcdc.com | 1 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 44 | tier_3 | fanatics.com_LOOP_1 | 1 | None | None | None |

| | ip | hostname | city | region | org | postal | country_name | tier | count | anycast |
|---|---|---|---|---|---|---|---|---|---|---|
| 0 | 64.32.8.68 | customer.sharktech.net | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 19 | nan |
| 1 | 64.32.8.70 | customer.sharktech.net | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 18 | nan |
| 2 | 185.107.56.60 | nan | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 10 | nan |
| 3 | 185.107.56.57 | nan | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 9 | nan |
| 4 | 64.32.8.67 | customer.sharktech.net | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 7 | nan |
| 5 | 64.32.8.69 | customer.sharktech.net | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 7 | nan |
| 6 | 185.107.56.58 | nan | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 6 | nan |
| 7 | 185.107.56.59 | nan | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 3 | nan |
| 8 | 167.233.8.197 | static.197.8.233.167.clients.your-server.de | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_3 | 1 | nan |
| 9 | 192.138.218.207 | rd.bizrate.com | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_3 | 5 | nan |
| 10 | 172.67.74.77 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 18 | True |
| 11 | 54.208.107.202 | ec2-54-208-107-202.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 17 | nan |
| 12 | 18.235.67.128 | ec2-18-235-67-128.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 16 | nan |
| 13 | 209.15.13.136 | nan | Toronto | Ontario | AS13768 Aptum Technologies | M5N | Canada | tier_2 | 15 | nan |
| 14 | 52.72.29.7 | ec2-52-72-29-7.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 15 | nan |
| 15 | 104.26.10.53 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 15 | True |
| 16 | 104.26.11.53 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 14 | True |
| 17 | 173.239.53.32 | nan | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10004 | United States | tier_3 | 1 | nan |
| 18 | 3.224.109.140 | ec2-3-224-109-140.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 12 | nan |
| 19 | 34.197.176.2 | ec2-34-197-176-2.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 11 | nan |
| 20 | 204.44.79.214 | 204.44.79.214.static.quadranet.com | Los Angeles | California | AS8100 QuadraNet Enterprises LLC | 90014 | United States | tier_2 | 10 | nan |
| 21 | 34.195.100.186 | ec2-34-195-100-186.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 9 | nan |
| 22 | 192.138.218.139 | rd.connexity.net | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 9 | nan |
| 23 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 5 | nan |
| 24 | 3.223.13.191 | ec2-3-223-13-191.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 6 | nan |
| 25 | 54.84.4.127 | ec2-54-84-4-127.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 5 | nan |
| 26 | 54.197.172.17 | ec2-54-197-172-17.compute-1.amazonaws.com | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 4 | nan |
| 27 | 23.195.109.38 | a23-195-109-38.deploy.static.akamaitechnologies.com | Edison | New Jersey | AS16625 Akamai Technologies, Inc. | 08817 | United States | tier_3 | 2 | nan |
| 28 | 23.36.197.209 | a23-36-197-209.deploy.static.akamaitechnologies.com | Philadelphia | Pennsylvania | AS16625 Akamai Technologies, Inc. | 19099 | United States | tier_3 | 26 | nan |
| 29 | 104.21.80.8 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 11 | True |
| 30 | 151.101.0.200 | nan | San Francisco | California | AS54113 Fastly | 94107 | United States | tier_3 | 10 | True |
| 31 | 172.67.172.143 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 6 | True |
| 32 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 5 | nan |
| 33 | 192.138.218.207 | rd.bizrate.com | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_3 | 5 | nan |
| 34 | 23.1.205.179 | a23-1-205-179.deploy.static.akamaitechnologies.com | Edison | New Jersey | AS16625 Akamai Technologies, Inc. | 08817 | United States | tier_3 | 4 | nan |
| 35 | 23.208.217.38 | a23-208-217-38.deploy.static.akamaitechnologies.com | Edison | New Jersey | AS16625 Akamai Technologies, Inc. | 08817 | United States | tier_3 | 2 | nan |
| 36 | 23.195.109.38 | a23-195-109-38.deploy.static.akamaitechnologies.com | Edison | New Jersey | AS16625 Akamai Technologies, Inc. | 08817 | United States | tier_3 | 2 | nan |
| 37 | 23.51.160.222 | a23-51-160-222.deploy.static.akamaitechnologies.com | Philadelphia | Pennsylvania | AS16625 Akamai Technologies, Inc. | 19099 | United States | tier_3 | 2 | nan |
| 38 | 104.26.15.226 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 1 | True |
| 39 | 99.84.37.174 | server-99-84-37-174.ewr52.r.cloudfront.net | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 1 | nan |
| 40 | 173.239.53.32 | nan | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10004 | United States | tier_3 | 1 | nan |
| 41 | 162.243.10.151 | nan | New York City | New York | AS14061 DigitalOcean, LLC | 10011 | United States | tier_3 | 1 | nan |
| 42 | 45.33.8.244 | li962-244.members.linode.com | Richardson | Texas | AS63949 Linode, LLC | 75080 | United States | tier_3 | 1 | nan |
| 43 | 167.233.8.197 | static.197.8.233.167.clients.your-server.de | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_3 | 1 | nan |

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains


Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website