Daily Threat Intelligence Report

This report contains following information. All tables and graphs are auto-generated.

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

Content Warning: The following domain names and screenshots contain material that may be harmful or traumatizing to some audiences.

num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 70 66 117 0 16 2021-09-06 64.32.8.68 Chrome
tier domain count registrar name_servers org
0 tier_1 282hook.com 1 Namecatch Zone LLC NS1.DNSNUTS.COM The Management Group II
1 tier_1 ahngun.com 1 Namecroc.com LLC NS1.DNSNUTS.COM None
2 tier_1 aj01.net 1 Atomicdomainnames.com LLC NS1.DNSNUTS.COM The Management Group II
3 tier_1 abdato.com 1 Dropcatching Names LLC NS1.DNSNUTS.COM The Management Group II
4 tier_1 7peliculas.com 1 SNAPNAMES 4, LLC NS1.DNSNUTS.COM The Management Group II
5 tier_1 129zy.com 1 SNAPNAMES 10, LLC NS1.DNSNUTS.COM None
6 tier_1 34only.net 1 Atomicdomainnames.com LLC NS1.DNSNUTS.COM None
7 tier_1 aamorris.net 1 BullRunDomains.com LLC NS1.DNSNUTS.COM None
8 tier_1 24hoursforanna.com 1 NamePal.com #8010 Inc. NS1.DNSNUTS.COM None
9 tier_1 animalkun.org 1 AtlanticFriendNames.com LLC NS1.DNSNUTS.COM Statutory Masking Enabled
10 tier_2 acrvclk.com 9 NAMECHEAP INC JEROME.NS.CLOUDFLARE.COM Privacy service provided by Withheld for Privacy ehf
11 tier_2 clk.rtpdn14.com 9 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
12 tier_2 click.expmediadirect1.com 9 NAMECHEAP INC NS1.LINODE.COM Privacy service provided by Withheld for Privacy ehf
13 tier_2 go.dmzjmp.com 7 NAMECHEAP INC AMY.NS.CLOUDFLARE.COM Privacy service provided by Withheld for Privacy ehf
14 tier_2 antig-hra.com 5 Amazon Registrar, Inc. NS-1005.AWSDNS-61.NET Whois Privacy Service
15 tier_2 v4.s.arclk.net 4 PSI-USA, Inc. dba Domain Robot A.NS14.NET None
16 tier_2 xml.sedodna.com 2 PSI-USA, Inc. dba Domain Robot NS-1222.AWSDNS-24.ORG None
17 tier_2 trafficgate.cc 2 NAMECHEAP INC HANS.NS.CLOUDFLARE.COM Privacy service provided by Withheld for Privacy ehf
18 tier_2 api.apptap.com 2 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
19 tier_2 ww1.ahngun.com 1 Namecroc.com LLC NS1.DNSNUTS.COM None
20 tier_2 ww1.abdato.com 1 Dropcatching Names LLC NS1.DNSNUTS.COM The Management Group II
21 tier_2 juicydataair.ru 1 FE-RU dave.ns.cloudflare.com. None
22 tier_2 0.juicydataair.ru 1 FE-RU dave.ns.cloudflare.com. None
23 tier_2 1.juicydataair.ru 1 FE-RU dave.ns.cloudflare.com. None
24 tier_2 2.juicydataair.ru 1 FE-RU dave.ns.cloudflare.com. None
25 tier_2 track.vcdc.com 1 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
26 tier_2 xml.onwardclick.com 1 NAMECHEAP INC NS1.ENCONTEXT.COM Privacy service provided by Withheld for Privacy ehf
27 tier_2 adserver.encontextadvertising.com 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
28 tier_2 adserver.shopnsave.world 1 None None None
29 tier_2 rtbstream.com 1 1API GmbH NS1.DNSIMPLE.COM Registrant of rtbstream.com
30 tier_3 stripchat.com 7 NAMECHEAP INC AMY.NS.CLOUDFLARE.COM Privacy service provided by Withheld for Privacy ehf
31 tier_3 top.faqtoids.com 1 None None None
32 tier_3 juicydataair.ru 1 FE-RU dave.ns.cloudflare.com. None
33 tier_3 3.juicydataair.ru 1 FE-RU dave.ns.cloudflare.com. None
34 tier_3 top.digitaltrendsradar.com 1 PDR Ltd. d/b/a PublicDomainRegistry.com GWEN.NS.CLOUDFLARE.COM Privacy Protect, LLC (PrivacyProtect.org)
35 tier_3 top.allresultsweb.com 1 None None None
36 tier_3 shopnsave.world 1 None None None
37 tier_3 betterhelp.com 1 GoDaddy.com, LLC NS-103.AWSDNS-12.COM BetterHelp
38 tier_3 volume.com 1 DYNADOT LLC A.NS.VOLUME.COM None
39 tier_3 amazon.com 1 None None None
40 tier_3 apple.com 1 CSC CORPORATE DOMAINS, INC. A.NS.APPLE.COM Apple Inc.
41 tier_3 bongacams.com 1 Safenames Ltd NS1.BNG-NS.COM None
42 tier_3 seek.theweb.com 1 None None None
43 tier_3 surveystarz.com 1 GoDaddy.com, LLC NS13.DOMAINCONTROL.COM Domains By Proxy, LLC
44 tier_3 worldoftanks.eu 1 None n None
45 tier_3 gua21.proasdf.com 1 GoDaddy.com, LLC NS61.DOMAINCONTROL.COM Domains By Proxy, LLC
ip city region org postal country_name tier count hostname anycast
0 185.107.56.60 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 4 nan nan
1 185.107.56.57 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 3 nan nan
2 64.32.8.69 Los Angeles California AS46844 Sharktech 90009 United States tier_1 3 customer.sharktech.net nan
3 185.107.56.58 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 3 nan nan
4 64.32.8.68 Los Angeles California AS46844 Sharktech 90009 United States tier_1 3 customer.sharktech.net nan
5 185.107.56.59 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 3 nan nan
6 64.32.8.67 Los Angeles California AS46844 Sharktech 90009 United States tier_1 2 customer.sharktech.net nan
7 64.32.8.70 Los Angeles California AS46844 Sharktech 90009 United States tier_1 1 customer.sharktech.net nan
8 173.239.53.32 New York City New York AS27257 Webair Internet Development Company Inc. 10004 United States tier_2 12 nan nan
9 213.174.155.140 Washington Washington, D.C. AS39572 DataWeb Global Group B.V. 20045 United States tier_2 9 nan nan
10 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 9 nan nan
11 172.67.218.230 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_2 5 nan True
12 178.62.225.201 Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 2 nan nan
13 52.73.147.241 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 3 ec2-52-73-147-241.compute-1.amazonaws.com nan
14 44.196.216.26 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 3 ec2-44-196-216-26.compute-1.amazonaws.com nan
15 34.195.15.110 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 3 ec2-34-195-15-110.compute-1.amazonaws.com nan
16 64.190.63.136 Frankfurt am Main Hesse AS47846 SEDO GmbH 60311 Germany tier_2 2 nan nan
17 88.99.101.106 Hohen Neuendorf Brandenburg AS24940 Hetzner Online GmbH 16540 Germany tier_2 2 static.106.101.99.88.clients.your-server.de nan
18 34.195.129.193 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 2 ec2-34-195-129-193.compute-1.amazonaws.com nan
19 104.21.35.112 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_2 2 nan True
20 209.132.243.15 Los Angeles California AS7296 Alchemy Communications, Inc. 90009 United States tier_2 2 nan nan
21 167.233.8.197 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 1 static.197.8.233.167.clients.your-server.de nan
22 67.227.155.96 Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_2 1 nan nan
23 67.227.241.125 Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_3 1 host.encontext.com nan
24 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 1 nan nan
25 143.204.151.83 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 1 server-143-204-151-83.ewr52.r.cloudfront.net nan
26 3.234.3.235 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-3-234-3-235.compute-1.amazonaws.com nan
27 17.56.48.13 Ashland Oregon AS714 Apple Inc. 97520 United States tier_2 1 foundationdb.com nan
28 104.19.182.41 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 7 nan True
29 51.91.200.241 Roubaix Hauts-de-France AS16276 OVH SAS 59051 CEDEX 1 France tier_3 2 ip241.ip-51-91-200.eu nan
30 178.62.225.201 Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 2 nan nan
31 66.81.205.246 Austin Texas AS40034 Confluence Networks Inc 78701 United States tier_3 1 nan nan
32 67.227.241.125 Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_3 1 host.encontext.com nan
33 52.2.75.57 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-52-2-75-57.compute-1.amazonaws.com nan
34 172.67.26.187 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
35 143.204.142.6 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 1 server-143-204-142-6.ewr52.r.cloudfront.net nan
36 23.54.68.207 Piscataway New Jersey AS16625 Akamai Technologies, Inc. 08854 United States tier_3 1 a23-54-68-207.deploy.static.akamaitechnologies.com nan
37 195.85.23.89 Karlín South Moravian AS209242 Cloudflare London, LLC 186 00 Czech Republic tier_3 1 net-89-23-conversasro.com True
38 158.69.125.9 Montréal Quebec AS16276 OVH SAS H2W Canada tier_3 1 ns521759.ip-158-69-125.net nan
39 165.227.96.45 Clifton New Jersey AS14061 DigitalOcean, LLC 07014 United States tier_3 1 109327.cloudwaysapps.com nan
40 92.223.20.123 Luxembourg Luxembourg AS199524 G-Core Labs S.A. L-1882 Luxembourg tier_3 1 ed-sl-a123.fe.core.pw nan
41 162.243.10.151 New York City New York AS14061 DigitalOcean, LLC 10011 United States tier_3 1 nan nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website