Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 165 168 662 1 22 2021-04-08 64.32.8.68 Safari
tier domain count registrar name_servers org
0 tier_1 gaitametore.com 1 Blisternet, Incorporated NS1.DNSNUTS.COM None
1 tier_1 cupidonx.com 1 eNom375, Incorporated NS1.DNSNUTS.COM None
2 tier_1 brickerenterprise.com 1 NamePal.com #8011 Inc. NS1.DNSNUTS.COM None
3 tier_1 fuge.it 1 Munpe Invest SL n None
4 tier_1 antiilluminati.net 1 Hawthornedomains.com LLC NS1.DNSNUTS.COM None
5 tier_1 beritatrendz.com 1 Nameselite, LLC NS1.DNSNUTS.COM None
6 tier_1 bagustekno.net 1 Zone of Domains LLC NS1.DNSNUTS.COM None
7 tier_1 cilipu.com 1 eNomSky, Inc. NS1.DNSNUTS.COM None
8 tier_1 aptrk10.com 1 One Putt, Inc. (formerly:Z-Core, Inc.) NS1.DNSNUTS.COM None
9 tier_1 dconvert.net 1 eNomFor, Inc. NS1.DNSNUTS.COM None
10 tier_2 btpnav.com 56 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnav.com
11 tier_2 1496.rawlexi.com 35 GoDaddy Online Services Cayman Islands LTD NS-128.AWSDNS-16.COM None
12 tier_2 americanlisted.com 34 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
13 tier_2 9nl.es 34 None None None
14 tier_2 newre-conversions.clickmeter.com 34 REGISTER S.P.A. NS-1498.AWSDNS-59.ORG REDACTED FOR PRIVACY
15 tier_2 trk.jometer.com 34 Amazon Registrar, Inc. NS-129.AWSDNS-16.COM Whois Privacy Service
16 tier_2 api.l5srv.net 34 GoDaddy.com, LLC NS53.DOMAINCONTROL.COM Domains By Proxy, LLC
17 tier_2 nizephoros-pom.com 28 Amazon Registrar, Inc. NS-1192.AWSDNS-21.ORG Whois Privacy Service
18 tier_2 click.expmediadirect.com 18 None None None
19 tier_2 managerformula.com 12 None None None
20 tier_2 track.vcdc.com 10 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
21 tier_2 asufij.xyz 10 None None None
22 tier_2 hureseyd.top 9 NameSilo, LLC ns1.selectel.org See PrivacyGuardian.org
23 tier_2 clk.rtpdn12.com 7 None None None
24 tier_2 btpnative.com 7 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
25 tier_2 infopicked.com 6 None None None
26 tier_2 api.apptap.com 6 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
27 tier_2 api.mplayit.com 6 Amazon Registrar, Inc. NS-1236.AWSDNS-26.ORG Whois Privacy Service
28 tier_2 redirect.viglink.com 6 Amazon Registrar, Inc. NS1.VIGLINK.COM Whois Privacy Service
29 tier_2 link.sylikes.com 6 MarkMonitor, Inc. NS-1063.AWSDNS-04.ORG Connexity, Inc.
30 tier_3 upward.careers 34 GoDaddy.com, LLC ns21.domaincontrol.com Domains By Proxy, LLC
31 tier_3 managerformula.com 15 None None None
32 tier_3 s3.amazonaws.com 13 MarkMonitor, Inc. R1.AMAZONAWS.COM Amazon.com, Inc.
33 tier_3 xzb.subeamy.pw 10 None None None
34 tier_3 blockchain-com.email 4 NameSilo, LLC ns1.selectel.org See PrivacyGuardian.org
35 tier_3 reebok.com 4 CSC CORPORATE DOMAINS, INC. NS1.NETNAMES.NET Reebok International, Ltd.
36 tier_3 play.google.com 3 MarkMonitor, Inc. NS1.GOOGLE.COM Google LLC
37 tier_3 bing.com 3 None None None
38 tier_3 check-your-profitzone.life 2 None None None
39 tier_3 rd.bizrate.com 2 None None None
40 tier_3 runnewest-bestextremelyfile.best 2 None None None
41 tier_3 americanlisted.com 1 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
42 tier_3 lastminute.com 1 MarkMonitor, Inc. NS-1042.AWSDNS-02.ORG Bravonext S.A.
43 tier_3 apple.global-info.space 1 None None None
44 tier_3 booking.com 1 None None None
45 tier_3 wayfair.com 1 None None None
ip hostname city region org postal country_name tier count anycast
0 64.32.8.70 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 21 nan
1 64.32.8.67 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 16 nan
2 185.107.56.60 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 14 nan
3 64.32.8.69 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 11 nan
4 64.32.8.68 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 10 nan
5 185.107.56.58 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 10 nan
6 185.107.56.59 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 8 nan
7 185.107.56.57 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 7 nan
8 209.15.13.136 nan Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 67 nan
9 198.54.112.216 nan San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 36 nan
10 35.209.61.240 240.61.209.35.bc.googleusercontent.com Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 1 nan
11 67.227.173.37 nan Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_2 34 nan
12 23.21.53.13 ec2-23-21-53-13.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 21 nan
13 23.21.166.230 ec2-23-21-166-230.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 18 nan
14 198.134.116.30 nan New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 18 nan
15 54.197.247.190 ec2-54-197-247-190.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 16 nan
16 54.235.205.204 ec2-54-235-205-204.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 13 nan
17 192.138.218.207 rd.bizrate.com Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 2 nan
18 99.84.114.17 server-99-84-114-17.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 10 nan
19 167.233.8.197 static.197.8.233.167.clients.your-server.de N├╝rnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 10 nan
20 99.84.114.25 server-99-84-114-25.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 10 nan
21 34.197.176.2 ec2-34-197-176-2.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 9 nan
22 34.207.43.7 ec2-34-207-43-7.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 9 nan
23 185.233.2.13 nan Saint Petersburg St.-Petersburg AS48096 Enterprise Cloud Ltd. 190000 Russia tier_2 9 nan
24 99.84.114.65 server-99-84-114-65.ewr52.r.cloudfront.net Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 8 nan
25 173.239.53.32 nan New York City New York AS27257 Webair Internet Development Company Inc. 10004 United States tier_2 8 nan
26 173.192.101.24 18.65.c0ad.ip4.static.sl-reverse.com Dallas Texas AS36351 SoftLayer Technologies Inc. 75270 United States tier_2 7 nan
27 52.206.141.190 ec2-52-206-141-190.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 7 nan
28 67.227.172.40 nan Lansing Michigan AS32244 Liquid Web, L.L.C 48901 United States tier_3 34 nan
29 23.38.167.202 a23-38-167-202.deploy.static.akamaitechnologies.com Philadelphia Pennsylvania AS20940 Akamai International B.V. 19099 United States tier_3 8 nan
30 35.165.21.241 ec2-35-165-21-241.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_3 7 nan
31 23.38.167.227 a23-38-167-227.deploy.static.akamaitechnologies.com Philadelphia Pennsylvania AS20940 Akamai International B.V. 19099 United States tier_3 4 nan
32 23.44.210.223 a23-44-210-223.deploy.static.akamaitechnologies.com Edison New Jersey AS16625 Akamai Technologies, Inc. 08817 United States tier_3 4 nan
33 23.38.167.192 a23-38-167-192.deploy.static.akamaitechnologies.com Philadelphia Pennsylvania AS20940 Akamai International B.V. 19099 United States tier_3 3 nan
34 52.88.215.122 ec2-52-88-215-122.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_3 3 nan
35 172.217.165.142 lax30s03-in-f14.1e100.net Los Angeles California AS15169 Google LLC 90009 United States tier_3 2 nan
36 52.217.88.230 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 2 nan
37 5.8.47.52 nan Haarlem North Holland AS209813 Fast Content Delivery LTD 2031 Netherlands tier_3 2 nan
38 13.107.21.200 nan Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 2 True
39 31.184.202.191 nan Haarlem North Holland AS209813 Fast Content Delivery LTD 2031 Netherlands tier_3 2 nan
40 192.138.218.207 rd.bizrate.com Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 2 nan
41 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 2 nan
42 52.217.110.190 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 2 nan
43 52.20.53.118 ec2-52-20-53-118.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 2 nan
44 204.79.197.200 a-0001.a-msedge.net Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 1 True
45 52.217.89.198 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
46 52.216.147.150 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
47 52.216.99.61 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
48 142.250.80.14 lga34s33-in-f14.1e100.net New York City New York AS15169 Google LLC 10004 United States tier_3 1 nan
49 52.216.100.245 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
50 52.217.79.126 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
51 35.209.61.240 240.61.209.35.bc.googleusercontent.com Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 1 nan
52 52.217.169.16 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
53 52.217.13.166 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
54 104.18.142.27 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
55 52.216.16.155 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
56 52.217.102.62 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
57 104.21.78.145 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website