Daily Threat Intelligence Report

This report contains following information. All tables and graphs are auto-generated.

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

Content Warning: The following domain names and screenshots contain material that may be harmful or traumatizing to some audiences.

num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
066601200172021-09-1564.32.8.68Chrome
tierdomaincountregistrarname_serversorg
0tier_124bitvinyl.com1White Alligator Domains, LLCNS1.DNSNUTS.COMNone
1tier_1copytoon67.com1Best Drop Names LLCNS1.DNSNUTS.COMNone
2tier_1bont4.com1SNAPNAMES 95, LLCNS1.DNSNUTS.COMNone
3tier_1cool-tricks.net1NamePal.com #8013, LLCNS1.DNSNUTS.COMNone
4tier_1cookinggamestown.com1Adriatic Domains LLCNS1.DNSNUTS.COMNone
5tier_1aviation-arab.net1Domainsofvalue.com LLCNS1.DNSNUTS.COMNone
6tier_145ga.com1SNAPNAMES 42, LLCNS1.DNSNUTS.COMNone
7tier_10gtx.com1Domainarmada.com LLCNS1.DNSNUTS.COMNone
8tier_1caesarmovies.com1New Order Domains, LLCNS1.DNSNUTS.COMNone
9tier_1baztab.net1Belmontdomains.com LLCNS1.DNSNUTS.COMNone
10tier_2track.vcdc.com10Key-Systems GmbHGUY.NS.CLOUDFLARE.COMc/o whoisproxy.com
11tier_2adalgard-wol.com7Amazon Registrar, Inc.NS-1490.AWSDNS-58.ORGWhois Privacy Service
12tier_2api.apptap.com6Amazon Registrar, Inc.NS-1256.AWSDNS-29.ORGWhois Privacy Service
13tier_2redirect.viglink.com6Amazon Registrar, Inc.NS1.VIGLINK.COMWhois Privacy Service
14tier_2link.sylikes.com6MarkMonitor, Inc.NS-1063.AWSDNS-04.ORGConnexity, Inc.
15tier_2search.aushd.info5Sea Wasp, LLCNS1.FABULOUS.COMJewella Privacy LLC
16tier_2clk.rtpdn14.com5NAMECHEAP INCDNS1.REGISTRAR-SERVERS.COMPrivacy service provided by Withheld for Privacy ehf
17tier_2rd.bizrate.com4NoneNoneNone
18tier_2rd.connexity.net4NoneNoneNone
19tier_2v4.s.arclk.net2PSI-USA, Inc. dba Domain RobotA.NS14.NETNone
20tier_2click.junmediadirect.com1NAMECHEAP INCNS1.LINODE.COMPrivacy service provided by Withheld for Privacy ehf
21tier_2topsolutions.rdtk.io1GoDaddy.com, LLCNS-239.AWSDNS-29.COMNone
22tier_2track.wg-aff.com1CSC CORPORATE DOMAINS, INC.NS1.WARGAMING.NETWargaming Group Limited
23tier_2rdr.wargaming.net1GoDaddy.com, LLCNS1.WARGAMING.NETWargaming.net Limited
24tier_2auxentios-sev.com1Amazon Registrar, Inc.NS-1388.AWSDNS-45.ORGWhois Privacy Service
25tier_2mignished-sility.com1Amazon Registrar, Inc.NS-1225.AWSDNS-25.ORGWhois Privacy Service
26tier_2directnavbt.com11API GmbHNS1.DNSIMPLE.COMRegistrant of directnavbt.com
27tier_2query.pureleads.com1New Frontier, Inc.NS1.P05.DYNECT.NETDomain Protection Services, Inc.
28tier_2queryclick.pureleads.com1New Frontier, Inc.NS1.P05.DYNECT.NETDomain Protection Services, Inc.
29tier_2clickserve.dartsearch.net1MarkMonitor, Inc.NS1.GOOGLE.COMGoogle LLC
30tier_3searchoffers.info5Moniker Online Services LLCNS1.MONIKERDNS.NETMoniker Privacy Services
31tier_3roamans.com4CSC CORPORATE DOMAINS, INC.PDNS1.ULTRADNS.NETFullBeauty Brands Operations, LLC
32tier_3rd.bizrate.com2MarkMonitor, Inc.NS-1189.AWSDNS-20.ORGMeredith Corporation
33tier_3top.digitaltrendsradar.com1PDR Ltd. d/b/a PublicDomainRegistry.comGWEN.NS.CLOUDFLARE.COMPrivacy Protect, LLC (PrivacyProtect.org)
34tier_3promo.worldofwarships.com1CSC CORPORATE DOMAINS, INC.NS1.WARGAMING.NETWargaming.net Limited
35tier_3greenadblocker.com1Moniker Online Services LLCCHERYL.NS.CLOUDFLARE.COMMoniker Privacy Services
36tier_3hp.com1NoneNoneNone
37tier_3bing.com1NoneNoneNone
38tier_3coolmambo.com1NoneNoneNone
39tier_3volume.com1DYNADOT LLCA.NS.VOLUME.COMNone
40tier_3music.apple.com1CSC CORPORATE DOMAINS, INC.A.NS.APPLE.COMApple Inc.
ipcityregionorgpostalcountry_nametiercounthostnameanycast
0185.107.56.60RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_14nannan
1185.107.56.58RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_14nannan
264.32.8.69Los AngelesCaliforniaAS46844 Sharktech90009United Statestier_13customer.sharktech.netnan
3185.107.56.59RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_12nannan
464.32.8.67Los AngelesCaliforniaAS46844 Sharktech90009United Statestier_12customer.sharktech.netnan
5185.107.56.57RotterdamSouth HollandAS43350 NForce Entertainment B.V.3012Netherlandstier_12nannan
664.32.8.68Los AngelesCaliforniaAS46844 Sharktech90009United Statestier_11customer.sharktech.netnan
764.32.8.70Los AngelesCaliforniaAS46844 Sharktech90009United Statestier_11customer.sharktech.netnan
8167.233.8.197GunzenhausenBavariaAS24940 Hetzner Online GmbH91710Germanytier_210static.197.8.233.167.clients.your-server.denan
9192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_32rd.bizrate.comnan
10173.239.53.32New York CityNew YorkAS27257 Webair Internet Development Company Inc.10004United Statestier_29nannan
1152.73.147.241AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_26ec2-52-73-147-241.compute-1.amazonaws.comnan
123.223.13.191AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_24ec2-3-223-13-191.compute-1.amazonaws.comnan
13192.138.218.139SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_24rd.connexity.netnan
1444.240.39.36BoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_23ec2-44-240-39-36.us-west-2.compute.amazonaws.comnan
1544.196.82.117AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_23ec2-44-196-82-117.compute-1.amazonaws.comnan
163.94.243.95AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_23ec2-3-94-243-95.compute-1.amazonaws.comnan
1734.195.129.193AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_22ec2-34-195-129-193.compute-1.amazonaws.comnan
1834.195.100.186AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_22ec2-34-195-100-186.compute-1.amazonaws.comnan
19100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_31pool-100-37-135-2.nycmny.fios.verizon.netnan
2035.162.82.92BoardmanOregonAS16509 Amazon.com, Inc.97818United Statestier_22ec2-35-162-82-92.us-west-2.compute.amazonaws.comnan
21209.132.243.15Los AngelesCaliforniaAS7296 Alchemy Communications, Inc.90009United Statestier_22nannan
22198.134.116.18New York CityNew YorkAS27257 Webair Internet Development Company Inc.10013United Statestier_21nannan
2323.105.36.164WashingtonWashington, D.C.AS30633 Leaseweb USA, Inc.20045United Statestier_21nannan
24212.32.254.138AmsterdamNorth HollandAS60781 LeaseWeb Netherlands B.V.1012Netherlandstier_21nannan
2592.223.27.99LuxembourgLuxembourgAS199524 G-Core Labs S.A.L-1882Luxembourgtier_21nannan
2654.205.10.190AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_21ec2-54-205-10-190.compute-1.amazonaws.comnan
273.225.140.174AshburnVirginiaAS14618 Amazon.com, Inc.20149United Statestier_21ec2-3-225-140-174.compute-1.amazonaws.comnan
2818.190.1.57HilliardOhioAS16509 Amazon.com, Inc.43026United Statestier_35ec2-18-190-1-57.us-east-2.compute.amazonaws.comnan
29204.141.89.197AshburnVirginiaAS393259 Yottaa, Inc20149United Statestier_32nannan
30192.138.218.207SeattleWashingtonAS14332 Connexity, Inc.98111United Statestier_32rd.bizrate.comnan
3166.81.205.246AustinTexasAS40034 Confluence Networks Inc78701United Statestier_31nannan
32162.216.230.38AshburnVirginiaAS199524 G-Core Labs S.A.20147United Statestier_31nannan
33204.2.133.112San JoseCaliforniaAS393259 Yottaa, Inc95103United Statestier_31nannan
34172.67.216.205San FranciscoCaliforniaAS13335 Cloudflare, Inc.94107United Statestier_31nanTrue
3523.223.151.24New York CityNew YorkAS20940 Akamai International B.V.10004United Statestier_31a23-223-151-24.deploy.static.akamaitechnologies.comnan
36131.253.33.200RedmondWashingtonAS8068 Microsoft Corporation98052United Statestier_31a-0001.dc-msedge.netTrue
3764.91.232.212LansingMichiganAS32244 Liquid Web, L.L.C48901United Statestier_31host.encontext.comnan
38172.66.40.173ViennaViennaAS13335 Cloudflare, Inc.1060Austriatier_31nannan
39204.141.89.198AshburnVirginiaAS393259 Yottaa, Inc20149United Statestier_31nannan
40100.37.135.2New York CityNew YorkAS701 MCI Communications Services, Inc. d/b/a Verizon Business10004United Statestier_31pool-100-37-135-2.nycmny.fios.verizon.netnan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website