Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 145 149 433 0 13 2021-04-15 64.32.8.68 Safari
tier domain count registrar name_servers org
0 tier_1 forumbds.net 1 Namesource LLC NS1.DNSNUTS.COM None
1 tier_1 brasilonline.tv 1 Sterling Domains LLC NS1.DNSNUTS.COM None
2 tier_1 freeporntop.com 1 Bounce Pass Domains LLC NS1.DNSNUTS.COM None
3 tier_1 brickerenterprise.com 1 NamePal.com #8011, LLC NS1.DNSNUTS.COM None
4 tier_1 cuocsong365.net 1 Flancrestdomains.com LLC NS1.DNSNUTS.COM None
5 tier_1 gamespottingnetworks.com 1 SNAPNAMES 50, LLC NS1.DNSNUTS.COM None
6 tier_1 ausujet.com 1 Domain Name Root LLC NS1.DNSNUTS.COM None
7 tier_1 colrut.com 1 SNAPNAMES 65, LLC NS1.DNSNUTS.COM None
8 tier_1 dl4warez.com 1 NamePal.com #8013, LLC NS1.DNSNUTS.COM None
9 tier_1 dragonflyscans.org 1 AtlanticFriendNames.com LLC NS1.DNSNUTS.COM The Management Group II
10 tier_2 btpnav.com 34 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnav.com
11 tier_2 click.expmediadirect.com 29 NAMECHEAP INC NS1.LINODE.COM Privacy service provided by Withheld for Privacy ehf
12 tier_2 nizephoros-pom.com 29 Amazon Registrar, Inc. NS-1192.AWSDNS-21.ORG Whois Privacy Service
13 tier_2 aristo-hag.com 21 Amazon Registrar, Inc. NS-1226.AWSDNS-25.ORG Whois Privacy Service
14 tier_2 asufij.xyz 17 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
15 tier_2 hureseyd.top 13 NameSilo, LLC ns1.selectel.org See PrivacyGuardian.org
16 tier_2 clk.rtpdn12.com 11 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
17 tier_2 blockchain-com.email 9 NameSilo, LLC ns1.selectel.org See PrivacyGuardian.org
18 tier_2 managerformula.com 9 None None None
19 tier_2 track.vcdc.com 8 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
20 tier_2 api.apptap.com 5 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
21 tier_2 api.mplayit.com 5 Amazon Registrar, Inc. NS-1236.AWSDNS-26.ORG Whois Privacy Service
22 tier_2 redirect.viglink.com 5 Amazon Registrar, Inc. NS1.VIGLINK.COM Whois Privacy Service
23 tier_2 link.sylikes.com 5 MarkMonitor, Inc. NS-1063.AWSDNS-04.ORG Connexity, Inc.
24 tier_2 trk.qads.io 4 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM None
25 tier_2 btpnative.com 4 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
26 tier_2 infopicked.com 4 NAMECHEAP INC NS0.DNSMADEEASY.COM Privacy service provided by Withheld for Privacy ehf
27 tier_2 rtbstream.com 4 1API GmbH NS1.DNSIMPLE.COM Registrant of rtbstream.com
28 tier_2 mega.affiliate-dash.com 4 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
29 tier_2 storage-for-mobileapps.life 3 None None None
30 tier_3 managerformula.com 20 NameCheap, Inc. DNS1.REGISTRAR-SERVERS.COM None
31 tier_3 xzb.subeamy.pw 17 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
32 tier_3 s3.amazonaws.com 9 MarkMonitor, Inc. R1.AMAZONAWS.COM Amazon.com, Inc.
33 tier_3 tripleprofit-zone.life 5 None None None
34 tier_3 blockchain-com.email 4 NameSilo, LLC ns1.selectel.org See PrivacyGuardian.org
35 tier_3 runnewest-bestextremelyfile.best 4 None None None
36 tier_3 play.google.com 3 None None None
37 tier_3 bing.com 3 None None None
38 tier_3 rd.bizrate.com 3 None None None
39 tier_3 app.tbbg.io 2 None None None
40 tier_3 kbb.com 2 CSC CORPORATE DOMAINS, INC. PDNS164.ULTRADNS.BIZ Autotrader.com
41 tier_3 music.apple.com 1 CSC CORPORATE DOMAINS, INC. A.NS.APPLE.COM Apple Inc.
42 tier_3 bestsecretflirt.com 1 GoDaddy.com, LLC NS0.DNSMADEEASY.COM None
43 tier_3 flyfreecostas.live 1 None None None
44 tier_3 gamebassadorslink.com 1 Google LLC NS-CLOUD-D1.GOOGLEDOMAINS.COM Contact Privacy Inc. Customer 1244656034
45 tier_3 fanatics.com 1 MarkMonitor, Inc. A1-147.AKAM.NET Fanatics Inc.
46 tier_3 volume.com 1 DYNADOT LLC A.NS.VOLUME.COM None
47 tier_3 om.forgeofempires.com 1 INWX GmbH & Co. KG NS.INWX.DE REDACTED FOR PRIVACY
48 tier_3 nizephoros-pom.com 1 Amazon Registrar, Inc. NS-1192.AWSDNS-21.ORG None
49 tier_3 thredup.com 1 GoDaddy.com, LLC MATT.NS.CLOUDFLARE.COM ThredUp Inc.
50 tier_3 mergerinvesting.com 1 None None None
ip hostname city region org postal country_name tier count anycast
0 64.32.8.70 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 18 nan
1 64.32.8.69 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 12 nan
2 185.107.56.57 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 11 nan
3 64.32.8.67 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 11 nan
4 185.107.56.60 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 9 nan
5 185.107.56.59 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 9 nan
6 64.32.8.68 customer.sharktech.net Los Angeles California AS46844 Sharktech 90009 United States tier_1 8 nan
7 185.107.56.58 nan Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 4 nan
8 209.15.13.136 nan Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 42 nan
9 198.134.116.30 nan New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 29 nan
10 34.197.176.2 ec2-34-197-176-2.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 14 nan
11 54.208.107.202 ec2-54-208-107-202.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 13 nan
12 185.233.2.13 nan Saint Petersburg St.-Petersburg AS48096 Enterprise Cloud Ltd. 190000 Russia tier_2 13 nan
13 18.235.67.128 ec2-18-235-67-128.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 12 nan
14 173.239.53.32 nan New York City New York AS27257 Webair Internet Development Company Inc. 10004 United States tier_2 12 nan
15 52.72.29.7 ec2-52-72-29-7.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan
16 5.8.47.52 nan Haarlem North Holland AS209813 Fast Content Delivery LTD 2031 Netherlands tier_3 4 True
17 167.233.8.197 static.197.8.233.167.clients.your-server.de N├╝rnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 8 nan
18 52.33.20.119 ec2-52-33-20-119.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_2 7 nan
19 192.138.218.207 rd.bizrate.com Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 3 nan
20 44.241.50.49 ec2-44-241-50-49.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_2 6 nan
21 34.234.217.229 ec2-34-234-217-229.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 6 nan
22 212.32.250.2 nan Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_2 4 nan
23 173.192.101.24 18.65.c0ad.ip4.static.sl-reverse.com Dallas Texas AS36351 SoftLayer Technologies Inc. 75270 United States tier_2 4 nan
24 44.239.66.208 ec2-44-239-66-208.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_2 4 nan
25 52.207.48.224 ec2-52-207-48-224.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 4 nan
26 3.222.66.193 ec2-3-222-66-193.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 4 nan
27 45.77.159.202 45.77.159.202.vultr.com New York City New York AS20473 The Constant Company, LLC 10004 United States tier_2 3 nan
28 35.165.21.241 ec2-35-165-21-241.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_3 10 nan
29 52.88.215.122 ec2-52-88-215-122.us-west-2.compute.amazonaws.com Boardman Oregon AS16509 Amazon.com, Inc. 97818 United States tier_3 7 nan
30 23.200.0.5 a23-200-0-5.deploy.static.akamaitechnologies.com Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_3 7 nan
31 23.200.0.41 a23-200-0-41.deploy.static.akamaitechnologies.com Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_3 5 nan
32 31.184.202.185 nan Haarlem North Holland AS209813 Fast Content Delivery LTD 2031 Netherlands tier_3 5 True
33 5.8.47.52 nan Haarlem North Holland AS209813 Fast Content Delivery LTD 2031 Netherlands tier_3 4 True
34 52.20.53.118 ec2-52-20-53-118.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 4 nan
35 23.200.0.39 a23-200-0-39.deploy.static.akamaitechnologies.com Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_3 3 nan
36 172.217.10.14 lga34s12-in-f14.1e100.net Westbury New York AS15169 Google LLC 11590 United States tier_3 3 nan
37 204.79.197.200 a-0001.a-msedge.net Redmond Washington AS8068 Microsoft Corporation 98052 United States tier_3 3 True
38 192.138.218.207 rd.bizrate.com Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_3 3 nan
39 172.232.19.200 a172-232-19-200.deploy.static.akamaitechnologies.com Newark New Jersey AS20940 Akamai International B.V. 07175 United States tier_3 3 nan
40 23.44.217.143 a23-44-217-143.deploy.static.akamaitechnologies.com Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 2 nan
41 23.200.0.13 a23-200-0-13.deploy.static.akamaitechnologies.com Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_3 2 nan
42 52.216.184.221 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 2 nan
43 52.217.16.222 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 2 nan
44 172.217.10.243 lga25s59-in-f19.1e100.net Clifton New Jersey AS15169 Google LLC 07015 United States tier_3 1 nan
45 172.217.165.147 lga25s70-in-f19.1e100.net New York City New York AS15169 Google LLC 10004 United States tier_3 1 nan
46 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 1 nan
47 52.217.48.238 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
48 52.216.92.133 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
49 52.217.14.134 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
50 88.80.185.92 li678-92.members.linode.com London England AS63949 Linode, LLC EC1A United Kingdom tier_3 1 nan
51 5.189.217.135 nan Haarlem North Holland AS209813 Fast Content Delivery LTD 2031 Netherlands tier_3 1 nan
52 52.217.197.40 s3-1.amazonaws.com Ashburn Virginia AS16509 Amazon.com, Inc. 20149 United States tier_3 1 nan
53 35.227.255.150 150.255.227.35.bc.googleusercontent.com Kansas City Missouri AS15169 Google LLC 64121 United States tier_3 1 True
54 184.87.65.240 a184-87-65-240.deploy.static.akamaitechnologies.com Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 1 nan
55 104.22.70.250 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 True
56 212.48.98.37 nan Hamburg Hamburg AS8893 Artfiles New Media GmbH 20038 Germany tier_3 1 nan
57 52.72.29.7 ec2-52-72-29-7.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website