Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
027629210920182021-04-1074.63.241.23Iphone

|  | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | gqf282.com | 1 | Communigal Communication Ltd | NS1.COMMONMX.COM | None |
| 1 | tier_1 | storyowl.co | 1 | Communigal Communication Ltd | ns2.commonmx.com | None |
| 2 | tier_1 | telexfree.co | 1 | Communigal Communication Ltd | ns2.commonmx.com | None |
| 3 | tier_1 | global-logistics.co | 1 | Communigal Communication Ltd | ns2.commonmx.com | None |
| 4 | tier_1 | evanzhang.me | 1 | GoDaddy.com, LLC | None | None |
| 5 | tier_1 | bemember.me | 1 | GoDaddy.com, LLC | None | None |
| 6 | tier_1 | voyeurcam.co | 1 | Communigal Communication Ltd | ns2.commonmx.com | None |
| 7 | tier_1 | yowahada.com | 1 | ! #1 Host Korea, LLC | NS1.COMMONMX.COM | None |
| 8 | tier_1 | lintel.info | 1 | DYNADOT LLC | NS1.COMMONMX.COM | None |
| 9 | tier_1 | iphone3g.info | 1 | Dynadot, LLC | NS1.COMMONMX.COM | None |
| 10 | tier_2 | click.expmediadirect.com | 83 | NAMECHEAP INC | NS1.LINODE.COM | Privacy service provided by Withheld for Privacy ehf |
| 11 | tier_2 | changeslots.com | 54 | Instra Corporation Pty Ltd. | CLEO.NS.CLOUDFLARE.COM | REDACTED FOR PRIVACY |
| 12 | tier_2 | api.apptap.com | 46 | Amazon Registrar, Inc. | NS-1256.AWSDNS-29.ORG | Whois Privacy Service |
| 13 | tier_2 | redirect.viglink.com | 44 | Amazon Registrar, Inc. | NS1.VIGLINK.COM | Whois Privacy Service |
| 14 | tier_2 | link.sylikes.com | 44 | MarkMonitor, Inc. | NS-1063.AWSDNS-04.ORG | Connexity, Inc. |
| 15 | tier_2 | aristo-hag.com | 41 | Amazon Registrar, Inc. | NS-1226.AWSDNS-25.ORG | Whois Privacy Service |
| 16 | tier_2 | rd.bizrate.com | 36 | None | None | None |
| 17 | tier_2 | api.mplayit.com | 35 | Amazon Registrar, Inc. | NS-1236.AWSDNS-26.ORG | Whois Privacy Service |
| 18 | tier_2 | btpnav.com | 34 | 1API GmbH | NS1.DNSIMPLE.COM | Registrant of btpnav.com |
| 19 | tier_2 | btpnative.com | 33 | 1API GmbH | NS1.DNSIMPLE.COM | Registrant of btpnative.com |
| 20 | tier_2 | rd.connexity.net | 33 | None | None | None |
| 21 | tier_2 | atnpx.com | 32 | GoDaddy.com, LLC | BECKY.NS.CLOUDFLARE.COM | Domains By Proxy, LLC |
| 22 | tier_2 | infopicked.com | 29 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | Privacy service provided by Withheld for Privacy ehf |
| 23 | tier_2 | wayfair.com | 29 | None | None | None |
| 24 | tier_2 | p274639.infopicked.com | 24 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | Privacy service provided by Withheld for Privacy ehf |
| 25 | tier_2 | api.quotes.com | 24 | Internet Domain Service BS Corp. | NS-CANADA.TOPDNS.COM | Whois Privacy Corp. |
| 26 | tier_2 | track.vcdc.com | 8 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 27 | tier_2 | beta.infopicked.com | 6 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | Privacy service provided by Withheld for Privacy ehf |
| 28 | tier_2 | c.clickprotects.com | 4 | GoDaddy.com, LLC | NS63.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 29 | tier_2 | 11165151.addotnet.com | 4 | GoDaddy.com, LLC | NS75.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 30 | tier_3 | theconnectvpn.com | 54 | DonDominio (SCIP) | ARNOLD.NS.CLOUDFLARE.COM | Soluciones Corporativas IP, c/o Whois Proxy |
| 31 | tier_3 | bestappland.me | 37 | NAMECHEAP INC | None | None |
| 32 | tier_3 | wayfair.com_LOOP_1 | 26 | None | None | None |
| 33 | tier_3 | kbb.com | 22 | CSC CORPORATE DOMAINS, INC. | PDNS164.ULTRADNS.BIZ | Autotrader.com |
| 34 | tier_3 | robogarden.io | 11 | GoDaddy.com, LLC | BECKY.NS.CLOUDFLARE.COM | None |
| 35 | tier_3 | rd.bizrate.com | 10 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 36 | tier_3 | storystudio.sfgate.com | 5 | CSC CORPORATE DOMAINS, INC. | NS1.HEARSTNP.COM | Hearst Communications, Inc. |
| 37 | tier_3 | music.apple.com | 4 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 38 | tier_3 | wayfair.com_LOOP_2 | 3 | None | None | None |
| 39 | tier_3 | socalhondadealers.com | 2 | DREAMHOST | NS1.DREAMHOST.COM | Proxy Protection LLC |
| 40 | tier_3 | ram21.proasdf.com | 2 | GoDaddy.com, LLC | NS61.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 41 | tier_3 | beyourxfriend.com | 1 | GoDaddy.com, LLC | NS0.DNSMADEEASY.COM | None |
| 42 | tier_3 | lampsplus.com_LOOP_1 | 1 | None | None | None |
| 43 | tier_3 | careerbliss.com | 1 | GoDaddy.com, LLC | NS10.DNSMADEEASY.COM | Domains By Proxy, LLC |
| 44 | tier_3 | m.albeebaby.com | 1 | Network Solutions, LLC | YNS1.YAHOO.COM | None |
| 45 | tier_3 | filter.onwardclick.com | 1 | NAMECHEAP INC | NS1.ENCONTEXT.COM | Privacy service provided by Withheld for Privacy ehf |
| 46 | tier_3 | forlearningminds.com | 1 | NAMECHEAP INC | NS1.ENCONTEXT.COM | Privacy service provided by Withheld for Privacy ehf |
| 47 | tier_3 | wayfair.com | 1 | MarkMonitor, Inc. | A1-100.AKAM.NET | Wayfair, LLC |
| 48 | tier_3 | bostonproper.com | 1 | Amazon Registrar, Inc. | NS-117.AWSDNS-14.COM | None |
| 49 | tier_3 | aristo-hag.com | 1 | Amazon Registrar, Inc. | NS-1226.AWSDNS-25.ORG | None |
| 50 | tier_3 | uniqlo.com | 1 | 1API GmbH | NS-1415.AWSDNS-48.ORG | None |
| 51 | tier_3 | thelastpicture.show_LOOP_1 | 1 | None | None | None |
| 52 | tier_3 | equinoxadvertising.com_LOOP_1 | 1 | None | None | None |
| 53 | tier_3 | ballarddesigns.com_LOOP_1 | 1 | None | None | None |
| 54 | tier_3 | maurices.com_LOOP_1 | 1 | None | None | None |
| 55 | tier_3 | birkenstock.com | 1 | PSI-USA, Inc. dba Domain Robot | A.NS14.NET | BIRKENSTOCK SALES GMBH |


|  | ip | city | region | org | postal | country_name | tier | count | hostname | anycast |
|---|---|---|---|---|---|---|---|---|---|---|
| 0 | 207.244.67.214 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 26 | nan | nan |
| 1 | 207.244.67.218 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 25 | nan | nan |
| 2 | 207.244.67.216 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 24 | nan | nan |
| 3 | 207.244.67.215 | Washington | Washington, D.C. | AS30633 Leaseweb USA, Inc. | 20045 | United States | tier_1 | 20 | nan | nan |
| 4 | 104.243.45.179 | New York City | New York | AS23470 ReliableSite.Net LLC | 10004 | United States | tier_1 | 17 | nan | nan |
| 5 | 104.243.45.190 | New York City | New York | AS23470 ReliableSite.Net LLC | 10004 | United States | tier_1 | 15 | nan | nan |
| 6 | 206.221.176.184 | Newark | New Jersey | AS23470 ReliableSite.Net LLC | 07175 | United States | tier_1 | 15 | nan | nan |
| 7 | 104.243.45.178 | New York City | New York | AS23470 ReliableSite.Net LLC | 10004 | United States | tier_1 | 13 | nan | nan |
| 8 | 82.192.82.226 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 7 | nan | nan |
| 9 | 82.192.82.225 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 4 | nan | nan |
| 10 | 198.134.116.30 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 84 | nan | nan |
| 11 | 192.138.218.207 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_3 | 10 | nan | nan |
| 12 | 209.15.13.136 | Toronto | Ontario | AS13768 Aptum Technologies | M5N | Canada | tier_2 | 70 | nan | nan |
| 13 | 173.192.101.24 | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 60 | 18.65.c0ad.ip4.static.sl-reverse.com | nan |
| 14 | 34.207.32.33 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 54 | ec2-34-207-32-33.compute-1.amazonaws.com | nan |
| 15 | 34.197.67.232 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 35 | ec2-34-197-67-232.compute-1.amazonaws.com | nan |
| 16 | 192.138.218.139 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 33 | rd.connexity.net | nan |
| 17 | 5.79.68.236 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_2 | 24 | nan | nan |
| 18 | 52.205.177.114 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 23 | ec2-52-205-177-114.compute-1.amazonaws.com | nan |
| 19 | 52.206.141.190 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 23 | ec2-52-206-141-190.compute-1.amazonaws.com | nan |
| 20 | 172.67.74.77 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_2 | 23 | nan | True |
| 21 | 34.225.128.119 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 22 | ec2-34-225-128-119.compute-1.amazonaws.com | nan |
| 22 | 3.226.37.31 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 22 | ec2-3-226-37-31.compute-1.amazonaws.com | nan |
| 23 | 23.41.189.99 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 1 | a23-41-189-99.deploy.static.akamaitechnologies.com | nan |
| 24 | 52.72.29.7 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 14 | ec2-52-72-29-7.compute-1.amazonaws.com | nan |
| 25 | 54.208.107.202 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 9 | ec2-54-208-107-202.compute-1.amazonaws.com | nan |
| 26 | 173.239.53.32 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10004 | United States | tier_3 | 1 | nan | nan |
| 27 | 167.233.8.197 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_2 | 8 | static.197.8.233.167.clients.your-server.de | nan |
| 28 | 209.132.243.15 | Los Angeles | California | AS7296 Alchemy Communications, Inc. | 90009 | United States | tier_2 | 8 | nan | nan |
| 29 | 100.37.135.2 | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 38 | pool-100-37-135-2.nycmny.fios.verizon.net | nan |
| 30 | 100.37.135.2 | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 38 | pool-100-37-135-2.nycmny.fios.verizon.net | nan |
| 31 | 142.93.4.215 | North Bergen | New Jersey | AS14061 DigitalOcean, LLC | 07047 | United States | tier_3 | 37 | nan | nan |
| 32 | 104.21.91.236 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 27 | nan | True |
| 33 | 172.67.181.234 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 27 | nan | True |
| 34 | 23.44.217.143 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 22 | a23-44-217-143.deploy.static.akamaitechnologies.com | nan |
| 35 | 192.138.218.207 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_3 | 10 | nan | nan |
| 36 | 104.21.80.8 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 9 | nan | True |
| 37 | 98.129.228.57 | Dallas | Texas | AS33070 Rackspace Hosting | 75270 | United States | tier_3 | 5 | nan | nan |
| 38 | 35.174.35.73 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_3 | 2 | ec2-35-174-35-73.compute-1.amazonaws.com | nan |
| 39 | 162.243.10.151 | New York City | New York | AS14061 DigitalOcean, LLC | 10011 | United States | tier_3 | 2 | nan | nan |
| 40 | 172.67.172.143 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 2 | nan | True |
| 41 | 45.33.8.244 | Richardson | Texas | AS63949 Linode, LLC | 75080 | United States | tier_3 | 1 | li962-244.members.linode.com | nan |
| 42 | 207.38.44.116 | Los Angeles | California | AS5693 Latisys-Irvine, LLC | 90009 | United States | tier_3 | 1 | cbsmtp1.careerbliss.com | nan |
| 43 | 185.246.209.7 | Chicago | Illinois | AS60068 Datacamp Limited | 60666 | United States | tier_3 | 1 | nan | nan |
| 44 | 173.239.53.32 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10004 | United States | tier_3 | 1 | nan | nan |
| 45 | 64.91.232.212 | Lansing | Michigan | AS32244 Liquid Web, L.L.C | 48901 | United States | tier_3 | 1 | host.encontext.com | nan |
| 46 | 23.41.189.99 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 1 | a23-41-189-99.deploy.static.akamaitechnologies.com | nan |
| 47 | 13.33.46.107 | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 1 | server-13-33-46-107.ewr52.r.cloudfront.net | nan |
| 48 | 52.206.108.38 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_3 | 1 | ec2-52-206-108-38.compute-1.amazonaws.com | nan |
| 49 | 23.38.173.248 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 1 | a23-38-173-248.deploy.static.akamaitechnologies.com | nan |
| 50 | 23.38.170.120 | Newark | New Jersey | AS20940 Akamai International B.V. | 07175 | United States | tier_3 | 1 | a23-38-170-120.deploy.static.akamaitechnologies.com | nan |

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to the threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website