Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 32 33 55 0 0 2021-04-19 185.53.177.73 Safari
tier domain count registrar name_servers org
0 tier_1 1link.in 1 TLD Registrar Solutions Ltd. ns1.parkingcrew.net None
1 tier_1 achannelnews.ca 1 dot-ca-registry.ca (Burmac Business Systems Ltd) None None
2 tier_1 forexplace.net 1 Sea Wasp, LLC NS1.BIDOPARKING.COM Savvy Investments, LLC Privacy ID# 858086
3 tier_1 abram.ca 1 dot-ca-registry.ca (Burmac Business Systems Ltd) None None
4 tier_1 vasileios.gr 1 None None None
5 tier_1 ad-aware.ca 1 dot-ca-registry.ca (Burmac Business Systems Ltd) None None
6 tier_1 a-l.ca 1 dot-ca-registry.ca (Burmac Business Systems Ltd) None None
7 tier_1 a1signs.ca 1 None None None
8 tier_1 1844.ca 1 None None None
9 tier_1 3500.ca 1 dot-ca-registry.ca (Burmac Business Systems Ltd) None None
10 tier_2 katie.v4.omgtnc.com 9 PSI-USA, Inc. dba Domain Robot NS-1133.AWSDNS-13.ORG None
11 tier_2 recode.pw 4 GANDI SAS NS-1611.AWSDNS-09.CO.UK PPCBUZZ
12 tier_2 us.redirectbuzz.club 4 Gandi SAS ns-2.awsdns-00.com PPCBUZZ
13 tier_2 paid.outbrain.com 4 Network Solutions, LLC DNS1.P07.NSONE.NET None
14 tier_2 api.apptap.com 2 Amazon Registrar, Inc. NS-1256.AWSDNS-29.ORG Whois Privacy Service
15 tier_2 gamers-net.com 2 GANDI SAS NS-1298.AWSDNS-34.ORG PPCBUZZ
16 tier_2 carsnspeed.net 1 GANDI SAS NS-1120.AWSDNS-12.ORG PPCBUZZ
17 tier_2 click.clkepd.com 1 None None None
18 tier_2 redirect.viglink.com 1 Amazon Registrar, Inc. NS1.VIGLINK.COM Whois Privacy Service
19 tier_2 link.sylikes.com 1 None None None
20 tier_2 rd.bizrate.com 1 None None None
21 tier_2 rd.connexity.net 1 None None None
22 tier_2 api.kelkoogroup.net 1 None None None
23 tier_2 us-go.kelkoogroup.net 1 None None None
24 tier_2 click.linksynergy.com 1 CSC CORPORATE DOMAINS, INC. DNS1.P09.NSONE.NET Rakuten Marketing
25 tier_2 newsinformer.net 1 GANDI SAS NS-1092.AWSDNS-08.ORG PPCBUZZ
26 tier_3 healthgrades.com 4 Amazon Registrar, Inc. NS-1102.AWSDNS-09.ORG Whois Privacy Service
27 tier_3 ram21.proasdf.com 2 GoDaddy.com, LLC NS61.DOMAINCONTROL.COM Domains By Proxy, LLC
28 tier_3 searchingmagnified.com 1 PDR Ltd. d/b/a PublicDomainRegistry.com NS1004.ZTOMY.COM Privacy Protect, LLC (PrivacyProtect.org)
29 tier_3 bostonproper.com 1 Amazon Registrar, Inc. NS-117.AWSDNS-14.COM Whois Privacy Service
30 tier_3 hypable.com 1 GoDaddy.com, LLC LILY.NS.CLOUDFLARE.COM Domains By Proxy, LLC
31 tier_3 splendid.com 1 GoDaddy.com, LLC NS19.DOMAINCONTROL.COM Domains By Proxy, LLC
ip city region org postal country_name tier count hostname anycast
0 104.247.81.73 Wyandotte Michigan AS206834 Team Internet AG 48192 United States tier_1 9 nan nan
1 141.8.224.130 Dallas Texas AS40034 Confluence Networks Inc 75270 United States tier_1 1 nan nan
2 3.220.46.255 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 8 ec2-3-220-46-255.compute-1.amazonaws.com nan
3 66.232.112.79 Tampa Florida AS29802 HIVELOCITY, Inc. 33606 United States tier_2 4 66-232-112-79.static.hvvc.us nan
4 151.101.202.132 Washington Washington, D.C. AS54113 Fastly 20045 United States tier_2 3 nan nan
5 66.232.112.74 Tampa Florida AS29802 HIVELOCITY, Inc. 33606 United States tier_2 2 66-232-112-74.static.hvvc.us nan
6 54.197.172.17 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 2 ec2-54-197-172-17.compute-1.amazonaws.com nan
7 192.138.218.207 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 2 rd.bizrate.com nan
8 66.232.112.85 Tampa Florida AS29802 HIVELOCITY, Inc. 33606 United States tier_2 2 66-232-112-85.static.hvvc.us nan
9 66.232.112.82 Tampa Florida AS29802 HIVELOCITY, Inc. 33606 United States tier_2 2 66-232-112-82.static.hvvc.us nan
10 66.232.112.90 Tampa Florida AS29802 HIVELOCITY, Inc. 33606 United States tier_2 1 66-232-112-90.static.hvvc.us nan
11 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 1 nan nan
12 34.195.100.186 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-34-195-100-186.compute-1.amazonaws.com nan
13 192.138.218.139 Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 1 rd.connexity.net nan
14 52.45.77.217 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 1 ec2-52-45-77-217.compute-1.amazonaws.com nan
15 99.84.114.64 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 1 server-99-84-114-64.ewr52.r.cloudfront.net nan
16 95.211.116.27 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_2 1 dc1-ecs-pub-go-vip.kelkoo.com nan
17 35.212.119.88 Washington Washington, D.C. AS15169 Google LLC 20045 United States tier_2 1 88.119.212.35.bc.googleusercontent.com nan
18 66.232.112.86 Tampa Florida AS29802 HIVELOCITY, Inc. 33606 United States tier_2 1 66-232-112-86.static.hvvc.us nan
19 151.101.250.132 Ashburn Virginia AS54113 Fastly 20149 United States tier_2 1 nan nan
20 143.204.148.2 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 4 server-143-204-148-2.ewr52.r.cloudfront.net nan
21 162.243.10.151 New York City New York AS14061 DigitalOcean, LLC 10011 United States tier_3 2 nan nan
22 208.91.196.4 Dallas Texas AS40034 Confluence Networks Inc 75270 United States tier_3 1 nan nan
23 13.33.46.107 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 1 server-13-33-46-107.ewr52.r.cloudfront.net nan
24 172.67.74.218 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1 nan True
25 151.101.1.124 San Francisco California AS54113 Fastly 94107 United States tier_3 1 nan True

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website