Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 34 34 56 0 1 2021-04-16 185.53.177.73 Safari
tier domain count registrar name_servers org
0 tier_1 aevangelism.org 1 GoDaddy.com, LLC NS1.PARKINGCREW.NET None
1 tier_1 elitetrader.org 1 1API GmbH NS1.PARKINGCREW.NET ['adaspect media UG haftungsbeschraenkt', 'REDACTED FOR PRIVACY']
2 tier_1 420rx.org 1 GoDaddy.com, LLC NS1.PARKINGCREW.NET CTI Holdings Inc.
3 tier_1 canadatrips.org 1 Epik Inc. NS1.PARKINGCREW.NET Hunley Media Group LLC
4 tier_1 cellphones.org 1 Moniker Online Services LLC NS1.FASTPARK.NET Moniker Privacy Services
5 tier_1 beingme.org 1 Domain.com, LLC NS1.PARKINGCREW.NET ['Glocal Commerce Limited', 'REDACTED FOR PRIVACY']
6 tier_1 booking-flights.org 1 INWX GmbH & Co. KG NS1.PARKINGCREW.NET -
7 tier_1 bihar.org 1 Dynadot, LLC NS1.PARKINGCREW.NET None
8 tier_2 katie.v4.omgtnc.com 8 PSI-USA, Inc. dba Domain Robot NS-1133.AWSDNS-13.ORG None
9 tier_2 rd.bizrate.com 4 MarkMonitor, Inc. NS-1189.AWSDNS-20.ORG Meredith Corporation
10 tier_2 rd.connexity.net 4 None None None
11 tier_2 aristo-hag.com 3 Amazon Registrar, Inc. NS-1226.AWSDNS-25.ORG Whois Privacy Service
12 tier_2 api.apptap.com 2 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
13 tier_2 r.lnk8j7.com 2 1&1 IONOS SE NS-1314.AWSDNS-36.ORG 1&1 Internet Limited
14 tier_2 v6ur9n22r9.execute-api.us-east-1.amazonaws.com 2 None None None
15 tier_2 link.sylikes.com 2 None None None
16 tier_2 noclick.connexity.com 2 None None None
17 tier_2 trak.today-trip.com 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
18 tier_2 wirtgage-proxing.icu 1 Key-Systems GmbH NS-1046.AWSDNS-02.ORG c/o whoisproxy.com
19 tier_2 secureconv-ec.com 1 Key-Systems GmbH NS-1437.AWSDNS-51.ORG c/o whoisproxy.com
20 tier_2 patpat.sjv.io 1 GANDI SAS NS-545.AWSDNS-04.NET None
21 tier_2 patpat.com 1 ENOM, INC. GINA.NS.CLOUDFLARE.COM Whois Privacy Protection Service, Inc.
22 tier_2 tr.trackingsys.tech 1 DonDominio (SCIP) NS1.DONDOMINIO.COM Soluciones Corporativas IP, c/o Whois Proxy
23 tier_2 zen.affiliateland.io 1 NAMECHEAP INC ALINA.NS.CLOUDFLARE.COM None
24 tier_2 bridge.lga1.ap01.net 1 MarkMonitor, Inc. A1-230.AKAM.NET DNStination Inc.
25 tier_2 298126900.lga1.ampverified.com 1 None None None
26 tier_2 clixtrac.com 1 NAMECHEAP INC NS1.CLIXTRAC.COM WhoisGuard, Inc.
27 tier_2 secure.adnxs.com 1 MarkMonitor Inc. NS1.GSLB.COM None
28 tier_3 blair.com 2 CSC CORPORATE DOMAINS, INC. NS-1237.AWSDNS-26.ORG Bluestem Brands, Inc.
29 tier_3 wayfair.com 2 MarkMonitor, Inc. A1-100.AKAM.NET Wayfair, LLC
30 tier_3 us.patpat.com 1 ENOM, INC. GINA.NS.CLOUDFLARE.COM Whois Privacy Protection Service, Inc.
31 tier_3 loadfree-bestheavilyfile.best 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM Privacy service provided by Withheld for Privacy ehf
32 tier_3 ram21.proasdf.com 1 GoDaddy.com, LLC NS61.DOMAINCONTROL.COM Domains By Proxy, LLC
33 tier_3 visitmusiccity.com 1 GoDaddy.com, LLC NS-1504.AWSDNS-60.ORG Nashville Convention & Visitors Corp.
ip city region org postal country_name tier count hostname anycast
0 104.247.81.73 Wyandotte Michigan AS206834 Team Internet AG 48192 United States tier_1 8 nan nan
1 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 6 rd.bizrate.com nan
2 3.220.46.255 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 5 ec2-3-220-46-255.compute-1.amazonaws.com nan
3 192.138.218.139 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 4 rd.connexity.net nan
4 34.231.10.22 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 3 ec2-34-231-10-22.compute-1.amazonaws.com nan
5 52.45.77.217 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 2 ec2-52-45-77-217.compute-1.amazonaws.com nan
6 13.226.38.110 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 2 server-13-226-38-110.ewr53.r.cloudfront.net nan
7 18.235.67.128 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 2 ec2-18-235-67-128.compute-1.amazonaws.com nan
8 192.138.218.215 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 2 noclick.connexity.com nan
9 104.218.72.13 New York City New York AS63190 adMarketplace, Inc. 10016 United States tier_2 2 nan nan
10 54.197.172.17 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-54-197-172-17.compute-1.amazonaws.com nan
11 35.172.107.150 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-35-172-107-150.compute-1.amazonaws.com nan
12 52.72.29.7 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-52-72-29-7.compute-1.amazonaws.com nan
13 54.162.253.78 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-54-162-253-78.compute-1.amazonaws.com nan
14 35.227.211.136 Kansas City Missouri AS15169 Google LLC 64121 United States tier_2 1 136.211.227.35.bc.googleusercontent.com True
15 104.18.107.83 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
16 107.20.106.95 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-107-20-106-95.compute-1.amazonaws.com nan
17 52.22.6.66 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-52-22-6-66.compute-1.amazonaws.com nan
18 208.100.38.218 Chicago Illinois AS32748 Steadfast 60607 United States tier_2 1 clixtrac.com nan
19 68.67.161.206 New York City New York AS29990 AppNexus, Inc 10004 United States tier_2 1 798.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net nan
20 54.84.4.127 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-54-84-4-127.compute-1.amazonaws.com nan
21 23.73.247.49 Edison New Jersey AS16625 Akamai Technologies, Inc. 08817 United States tier_3 2 a23-73-247-49.deploy.static.akamaitechnologies.com nan
22 23.39.32.237 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 2 a23-39-32-237.deploy.static.akamaitechnologies.com nan
23 104.18.107.83 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
24 52.20.53.118 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-52-20-53-118.compute-1.amazonaws.com nan
25 162.243.10.151 New York City New York AS14061 DigitalOcean, LLC 10011 United States tier_3 1 nan nan
26 54.164.213.169 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 1 ec2-54-164-213-169.compute-1.amazonaws.com nan

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website