Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

Overall statistics

| num_domain / num_links / num_full_url / num_safebrowsing_malicious / num_vt_malicious | date | ip | user_agent |
|---|---|---|---|
| 0336340118410 | 2020-09-15 | 103.224.182.207 | Chrome |

Top 10 domain statistics

|  | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | puracandelatv.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 1 | tier_1 | codanova.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 2 | tier_1 | dudroid.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 3 | tier_1 | secondnaturecd.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 4 | tier_1 | vvvgrace.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 5 | tier_1 | 03calls.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 6 | tier_1 | ddiziizle.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 7 | tier_1 | articlemarketingautomation.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 8 | tier_1 | benstreaming.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 9 | tier_1 | fantasitrade.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 10 | tier_2 | bidr.trellian.com | 166 | ABOVE.COM PTY LTD. | NS1.TRELLIAN.COM | REDACTED FOR PRIVACY |
| 11 | tier_2 | srchassist.com | 134 | GoDaddy.com, LLC | NS01.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 12 | tier_2 | park.above.com | 78 | ABOVE.COM PTY LTD. | NS1.TRELLIAN.COM | REDACTED FOR PRIVACY |
| 13 | tier_2 | clk.rtpdn11.com | 31 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 14 | tier_2 | infopicked.com | 28 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | WhoisGuard, Inc. |
| 15 | tier_2 | rqhere.com | 26 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 16 | tier_2 | seemlast.monster | 16 | None | None | None |
| 17 | tier_2 | 23.trackints.com | 16 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | WhoisGuard, Inc. |
| 18 | tier_2 | revjet.lendingtree.com | 16 | MarkMonitor, Inc. | NS-1223.AWSDNS-24.ORG | LENDINGTREE, LLC |
| 19 | tier_2 | splitter.lendingtree.com | 16 | None | None | None |
| 20 | tier_3 | researchsavior.com | 134 | GoDaddy.com, LLC | NS63.DOMAINCONTROL.COM | None |
| 21 | tier_3 | prioresteem.xyz | 26 | GoDaddy.com, LLC | MOLLY.NS.CLOUDFLARE.COM | None |
| 22 | tier_3 | macpaw.com | 16 | GANDI SAS | NS-1492.AWSDNS-58.ORG | MacPaw Family Ltd. |
| 23 | tier_3 | lendingtree.com_LOOP_1 | 16 | None | None | None |
| 24 | tier_3 | gua20.proasdf.com | 12 | GoDaddy.com, LLC | NS61.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 25 | tier_3 | match.com | 9 | MarkMonitor, Inc. | DNS1.P01.NSONE.NET | Match.com, L.L.C. |
| 26 | tier_3 | theconnectvpn.com | 6 | DonDominio (SCIP) | ARNOLD.NS.CLOUDFLARE.COM | Soluciones Corporativas IP, c/o Whois Proxy |
| 27 | tier_3 | amazon.com | 4 | None | None | None |
| 28 | tier_3 | autoblog.com | 3 | None | None | None |
| 29 | tier_3 | mytears.restasis.com | 3 | None | None | None |

Top 10 IP statistics

|  | ip | hostname | city | region | org | postal | country_name | tier | count |
|---|---|---|---|---|---|---|---|---|---|
| 0 | 103.224.182.207 | lb-182-207.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_1 | 249 |
| 1 | 103.224.182.206 | bidr.trellian.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 166 |
| 2 | 165.22.38.5 | nan | Clifton | New Jersey | AS14061 DigitalOcean, LLC | 07014 | United States | tier_2 | 134 |
| 3 | 103.224.212.241 | lb-212-241.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 78 |
| 4 | 173.192.101.24 | 18.65.c0ad.ip4.static.sl-reverse.com | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 47 |
| 5 | 173.239.53.32 | nan | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 31 |
| 6 | 167.99.3.175 | nan | North Bergen | New Jersey | AS14061 DigitalOcean, LLC | 07047 | United States | tier_2 | 26 |
| 7 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 18 |
| 8 | 104.19.147.29 | nan | Atlantic City | New Jersey | AS13335 Cloudflare, Inc. | 08404 | United States | tier_2 | 22 |
| 9 | 108.168.193.185 | b9.c1.a86c.ip4.static.sl-reverse.com | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 16 |
| 10 | 209.132.243.15 | nan | Los Angeles | California | AS7296 Alchemy Communications, Inc. | 90009 | United States | tier_2 | 11 |
| 11 | 167.172.238.242 | nan | Clifton | New Jersey | AS14061 DigitalOcean, LLC | 07014 | United States | tier_3 | 134 |
| 12 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 18 |
| 13 | 35.224.231.200 | 200.231.224.35.bc.googleusercontent.com | Council Bluffs | Iowa | AS15169 Google LLC | 51502 | United States | tier_3 | 16 |
| 14 | 162.243.10.151 | nan | New York City | New York | AS14061 DigitalOcean, LLC | 10011 | United States | tier_3 | 12 |
| 15 | 172.67.168.59 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 11 |
| 16 | 208.83.242.49 | nan | Dallas | Texas | AS19071 Match Group, LLC | 75225 | United States | tier_3 | 9 |
| 17 | 104.31.64.209 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 8 |
| 18 | 104.31.65.209 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 7 |
| 19 | 35.227.233.104 | 104.233.227.35.bc.googleusercontent.com | Kansas City | Missouri | AS15169 Google LLC | 64121 | United States | tier_3 | 3 |
| 20 | 13.225.224.25 | server-13-225-224-25.jfk51.r.cloudfront.net | Atlantic City | New Jersey | AS16509 Amazon.com, Inc. | 08404 | United States | tier_3 | 3 |

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website