Daily Threat Intelligence Report¶
This report contains following information. All tables and graphs are auto-generated.
- Overall statistics
- Number of domains detected
- Number of domains detected by Google Safe Browsing
- IP address behind entry-level domains
- date of collection
- Top 10 domain statistics
- count (number of redirection paths that contain this domain)
- tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
- registar
- organization
- Top 10 IP statistics
- count
- location (city, country, region)
- hostname
- organization
- Consolidated redirection path
- green: tier one domain
- yellow: tier two domain
- red: tier three domain
Content Warning: The following domain names and screenshots contain material that may be harmful or traumatizing to some audiences.
| num_domain | num_links | num_full_url | num_safebrowsing_malicious | num_vt_malicious | date | ip | user_agent | |
|---|---|---|---|---|---|---|---|---|
| 0 | 70 | 66 | 117 | 0 | 16 | 2021-09-06 | 64.32.8.68 | Chrome |
| tier | domain | count | registrar | name_servers | org | |
|---|---|---|---|---|---|---|
| 0 | tier_1 | 282hook.com | 1 | Namecatch Zone LLC | NS1.DNSNUTS.COM | The Management Group II |
| 1 | tier_1 | ahngun.com | 1 | Namecroc.com LLC | NS1.DNSNUTS.COM | None |
| 2 | tier_1 | aj01.net | 1 | Atomicdomainnames.com LLC | NS1.DNSNUTS.COM | The Management Group II |
| 3 | tier_1 | abdato.com | 1 | Dropcatching Names LLC | NS1.DNSNUTS.COM | The Management Group II |
| 4 | tier_1 | 7peliculas.com | 1 | SNAPNAMES 4, LLC | NS1.DNSNUTS.COM | The Management Group II |
| 5 | tier_1 | 129zy.com | 1 | SNAPNAMES 10, LLC | NS1.DNSNUTS.COM | None |
| 6 | tier_1 | 34only.net | 1 | Atomicdomainnames.com LLC | NS1.DNSNUTS.COM | None |
| 7 | tier_1 | aamorris.net | 1 | BullRunDomains.com LLC | NS1.DNSNUTS.COM | None |
| 8 | tier_1 | 24hoursforanna.com | 1 | NamePal.com #8010 Inc. | NS1.DNSNUTS.COM | None |
| 9 | tier_1 | animalkun.org | 1 | AtlanticFriendNames.com LLC | NS1.DNSNUTS.COM | Statutory Masking Enabled |
| 10 | tier_2 | acrvclk.com | 9 | NAMECHEAP INC | JEROME.NS.CLOUDFLARE.COM | Privacy service provided by Withheld for Privacy ehf |
| 11 | tier_2 | clk.rtpdn14.com | 9 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | Privacy service provided by Withheld for Privacy ehf |
| 12 | tier_2 | click.expmediadirect1.com | 9 | NAMECHEAP INC | NS1.LINODE.COM | Privacy service provided by Withheld for Privacy ehf |
| 13 | tier_2 | go.dmzjmp.com | 7 | NAMECHEAP INC | AMY.NS.CLOUDFLARE.COM | Privacy service provided by Withheld for Privacy ehf |
| 14 | tier_2 | antig-hra.com | 5 | Amazon Registrar, Inc. | NS-1005.AWSDNS-61.NET | Whois Privacy Service |
| 15 | tier_2 | v4.s.arclk.net | 4 | PSI-USA, Inc. dba Domain Robot | A.NS14.NET | None |
| 16 | tier_2 | xml.sedodna.com | 2 | PSI-USA, Inc. dba Domain Robot | NS-1222.AWSDNS-24.ORG | None |
| 17 | tier_2 | trafficgate.cc | 2 | NAMECHEAP INC | HANS.NS.CLOUDFLARE.COM | Privacy service provided by Withheld for Privacy ehf |
| 18 | tier_2 | api.apptap.com | 2 | Amazon Registrar, Inc. | NS-1256.AWSDNS-29.ORG | Whois Privacy Service |
| 19 | tier_2 | ww1.ahngun.com | 1 | Namecroc.com LLC | NS1.DNSNUTS.COM | None |
| 20 | tier_2 | ww1.abdato.com | 1 | Dropcatching Names LLC | NS1.DNSNUTS.COM | The Management Group II |
| 21 | tier_2 | juicydataair.ru | 1 | FE-RU | dave.ns.cloudflare.com. | None |
| 22 | tier_2 | 0.juicydataair.ru | 1 | FE-RU | dave.ns.cloudflare.com. | None |
| 23 | tier_2 | 1.juicydataair.ru | 1 | FE-RU | dave.ns.cloudflare.com. | None |
| 24 | tier_2 | 2.juicydataair.ru | 1 | FE-RU | dave.ns.cloudflare.com. | None |
| 25 | tier_2 | track.vcdc.com | 1 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 26 | tier_2 | xml.onwardclick.com | 1 | NAMECHEAP INC | NS1.ENCONTEXT.COM | Privacy service provided by Withheld for Privacy ehf |
| 27 | tier_2 | adserver.encontextadvertising.com | 1 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | Privacy service provided by Withheld for Privacy ehf |
| 28 | tier_2 | adserver.shopnsave.world | 1 | None | None | None |
| 29 | tier_2 | rtbstream.com | 1 | 1API GmbH | NS1.DNSIMPLE.COM | Registrant of rtbstream.com |
| 30 | tier_3 | stripchat.com | 7 | NAMECHEAP INC | AMY.NS.CLOUDFLARE.COM | Privacy service provided by Withheld for Privacy ehf |
| 31 | tier_3 | top.faqtoids.com | 1 | None | None | None |
| 32 | tier_3 | juicydataair.ru | 1 | FE-RU | dave.ns.cloudflare.com. | None |
| 33 | tier_3 | 3.juicydataair.ru | 1 | FE-RU | dave.ns.cloudflare.com. | None |
| 34 | tier_3 | top.digitaltrendsradar.com | 1 | PDR Ltd. d/b/a PublicDomainRegistry.com | GWEN.NS.CLOUDFLARE.COM | Privacy Protect, LLC (PrivacyProtect.org) |
| 35 | tier_3 | top.allresultsweb.com | 1 | None | None | None |
| 36 | tier_3 | shopnsave.world | 1 | None | None | None |
| 37 | tier_3 | betterhelp.com | 1 | GoDaddy.com, LLC | NS-103.AWSDNS-12.COM | BetterHelp |
| 38 | tier_3 | volume.com | 1 | DYNADOT LLC | A.NS.VOLUME.COM | None |
| 39 | tier_3 | amazon.com | 1 | None | None | None |
| 40 | tier_3 | apple.com | 1 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 41 | tier_3 | bongacams.com | 1 | Safenames Ltd | NS1.BNG-NS.COM | None |
| 42 | tier_3 | seek.theweb.com | 1 | None | None | None |
| 43 | tier_3 | surveystarz.com | 1 | GoDaddy.com, LLC | NS13.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 44 | tier_3 | worldoftanks.eu | 1 | None | n | None |
| 45 | tier_3 | gua21.proasdf.com | 1 | GoDaddy.com, LLC | NS61.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| ip | city | region | org | postal | country_name | tier | count | hostname | anycast | |
|---|---|---|---|---|---|---|---|---|---|---|
| 0 | 185.107.56.60 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 4 | nan | nan |
| 1 | 185.107.56.57 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 3 | nan | nan |
| 2 | 64.32.8.69 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 3 | customer.sharktech.net | nan |
| 3 | 185.107.56.58 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 3 | nan | nan |
| 4 | 64.32.8.68 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 3 | customer.sharktech.net | nan |
| 5 | 185.107.56.59 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 3 | nan | nan |
| 6 | 64.32.8.67 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 2 | customer.sharktech.net | nan |
| 7 | 64.32.8.70 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 1 | customer.sharktech.net | nan |
| 8 | 173.239.53.32 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10004 | United States | tier_2 | 12 | nan | nan |
| 9 | 213.174.155.140 | Washington | Washington, D.C. | AS39572 DataWeb Global Group B.V. | 20045 | United States | tier_2 | 9 | nan | nan |
| 10 | 198.134.116.30 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 9 | nan | nan |
| 11 | 172.67.218.230 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 5 | nan | True |
| 12 | 178.62.225.201 | Amsterdam | North Holland | AS14061 DigitalOcean, LLC | 1012 | Netherlands | tier_3 | 2 | nan | nan |
| 13 | 52.73.147.241 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 3 | ec2-52-73-147-241.compute-1.amazonaws.com | nan |
| 14 | 44.196.216.26 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 3 | ec2-44-196-216-26.compute-1.amazonaws.com | nan |
| 15 | 34.195.15.110 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 3 | ec2-34-195-15-110.compute-1.amazonaws.com | nan |
| 16 | 64.190.63.136 | Frankfurt am Main | Hesse | AS47846 SEDO GmbH | 60311 | Germany | tier_2 | 2 | nan | nan |
| 17 | 88.99.101.106 | Hohen Neuendorf | Brandenburg | AS24940 Hetzner Online GmbH | 16540 | Germany | tier_2 | 2 | static.106.101.99.88.clients.your-server.de | nan |
| 18 | 34.195.129.193 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 2 | ec2-34-195-129-193.compute-1.amazonaws.com | nan |
| 19 | 104.21.35.112 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 2 | nan | True |
| 20 | 209.132.243.15 | Los Angeles | California | AS7296 Alchemy Communications, Inc. | 90009 | United States | tier_2 | 2 | nan | nan |
| 21 | 167.233.8.197 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_2 | 1 | static.197.8.233.167.clients.your-server.de | nan |
| 22 | 67.227.155.96 | Lansing | Michigan | AS32244 Liquid Web, L.L.C | 48901 | United States | tier_2 | 1 | nan | nan |
| 23 | 67.227.241.125 | Lansing | Michigan | AS32244 Liquid Web, L.L.C | 48901 | United States | tier_3 | 1 | host.encontext.com | nan |
| 24 | 209.15.13.136 | Toronto | Ontario | AS13768 Aptum Technologies | M5N | Canada | tier_2 | 1 | nan | nan |
| 25 | 143.204.151.83 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_2 | 1 | server-143-204-151-83.ewr52.r.cloudfront.net | nan |
| 26 | 3.234.3.235 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 1 | ec2-3-234-3-235.compute-1.amazonaws.com | nan |
| 27 | 17.56.48.13 | Ashland | Oregon | AS714 Apple Inc. | 97520 | United States | tier_2 | 1 | foundationdb.com | nan |
| 28 | 104.19.182.41 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 7 | nan | True |
| 29 | 51.91.200.241 | Roubaix | Hauts-de-France | AS16276 OVH SAS | 59051 CEDEX 1 | France | tier_3 | 2 | ip241.ip-51-91-200.eu | nan |
| 30 | 178.62.225.201 | Amsterdam | North Holland | AS14061 DigitalOcean, LLC | 1012 | Netherlands | tier_3 | 2 | nan | nan |
| 31 | 66.81.205.246 | Austin | Texas | AS40034 Confluence Networks Inc | 78701 | United States | tier_3 | 1 | nan | nan |
| 32 | 67.227.241.125 | Lansing | Michigan | AS32244 Liquid Web, L.L.C | 48901 | United States | tier_3 | 1 | host.encontext.com | nan |
| 33 | 52.2.75.57 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_3 | 1 | ec2-52-2-75-57.compute-1.amazonaws.com | nan |
| 34 | 172.67.26.187 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 1 | nan | True |
| 35 | 143.204.142.6 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 1 | server-143-204-142-6.ewr52.r.cloudfront.net | nan |
| 36 | 23.54.68.207 | Piscataway | New Jersey | AS16625 Akamai Technologies, Inc. | 08854 | United States | tier_3 | 1 | a23-54-68-207.deploy.static.akamaitechnologies.com | nan |
| 37 | 195.85.23.89 | Karlín | South Moravian | AS209242 Cloudflare London, LLC | 186 00 | Czech Republic | tier_3 | 1 | net-89-23-conversasro.com | True |
| 38 | 158.69.125.9 | Montréal | Quebec | AS16276 OVH SAS | H2W | Canada | tier_3 | 1 | ns521759.ip-158-69-125.net | nan |
| 39 | 165.227.96.45 | Clifton | New Jersey | AS14061 DigitalOcean, LLC | 07014 | United States | tier_3 | 1 | 109327.cloudwaysapps.com | nan |
| 40 | 92.223.20.123 | Luxembourg | Luxembourg | AS199524 G-Core Labs S.A. | L-1882 | Luxembourg | tier_3 | 1 | ed-sl-a123.fe.core.pw | nan |
| 41 | 162.243.10.151 | New York City | New York | AS14061 DigitalOcean, LLC | 10011 | United States | tier_3 | 1 | nan | nan |
Aggregated redirection graph of domains located on current IP address.¶
- The redirection flows from left to right
- Leftmost domains are initial domains hosted on current IP
- Rightmost domains are final landing domains we were able to crawl
Screenshot of high-occurrence final landing domains¶
Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶
Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website