Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
03303531253202020-10-25103.224.182.207Android

| # | tier | domain | count | registrar | name_servers | org |
|---|------|--------|-------|-----------|--------------|-----|
| 0 | tier_1 | secondnaturecd.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 1 | tier_1 | 03calls.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 2 | tier_1 | benstreaming.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 3 | tier_1 | a-doctor-in-the-house.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 4 | tier_1 | ptidico.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 5 | tier_1 | yemekdol.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 6 | tier_1 | 123gmail.com | 1 | TLD Registrar Solutions Ltd. | NS1.ABOVE.COM | Whois Privacy Corp. |
| 7 | tier_1 | facebook-sex.com | 1 | Internet Domain Service BS Corp. | NS1.ABOVE.COM | Whois Privacy Corp. |
| 8 | tier_1 | naruto-mx.net | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 9 | tier_1 | 1-18-08.com | 1 | GoDaddy.com, LLC | NS1.ABOVE.COM | None |
| 10 | tier_2 | bidr.trellian.com | 131 | ABOVE.COM PTY LTD. | NS1.TRELLIAN.COM | REDACTED FOR PRIVACY |
| 11 | tier_2 | us.redirectbuzz.club | 110 | Gandi SAS | ns-2.awsdns-00.com | PPCBUZZ |
| 12 | tier_2 | recode.pw | 40 | Gandi SAS | NS-1611.AWSDNS-09.CO.UK | None |
| 13 | tier_2 | portablemusic.mobi | 40 | GoDaddy.com, LLC | None | None |
| 14 | tier_2 | admoustache.go2affise.com | 37 | GoDaddy.com, LLC | NS-1529.AWSDNS-63.ORG | Domains By Proxy, LLC |
| 15 | tier_2 | 0redira.com | 35 | ABOVE.COM PTY LTD. | NS1.ABOVE.COM | REDACTED FOR PRIVACY |
| 16 | tier_2 | paid.outbrain.com | 27 | Network Solutions, LLC | DNS1.P07.NSONE.NET | None |
| 17 | tier_2 | rdr.ad-score.com | 26 | GoDaddy.com, LLC | NS53.DOMAINCONTROL.COM | Protected Media |
| 18 | tier_2 | tendertouching.com | 25 | GANDI SAS | NS-1127.AWSDNS-12.ORG | PPCBUZZ |
| 19 | tier_2 | technoblogs.net | 23 | GANDI SAS | NS-1196.AWSDNS-21.ORG | PPCBUZZ |
| 20 | tier_3 | promotionsonlineus.com | 19 | GoDaddy.com, LLC | ALEXIS.NS.CLOUDFLARE.COM | None |
| 21 | tier_3 | brainberries.co | 16 | GoDaddy.com, LLC | chuck.ns.cloudflare.com | Bedigital Corporation |
| 22 | tier_3 | healthgrades.com | 15 | Amazon Registrar, Inc. | NS-1102.AWSDNS-09.ORG | Whois Privacy Service |
| 23 | tier_3 | clk.news-headlines.co | 13 | NAMECHEAP INC | ns-1428.awsdns-50.org | WhoisGuard, Inc. |
| 24 | tier_3 | playgames-win.com | 9 | Arsys Internet, S.L. dba NICLINE.COM | NS23.PIENSASOLUTIONS.COM | luis martinez agullo |
| 25 | tier_3 | play.leadzuaf.com | 9 | ENOM, INC. | NS10.DNSMADEEASY.COM | REDACTED FOR PRIVACY |
| 26 | tier_3 | encryptalert.com | 8 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 27 | tier_3 | trustedpush.com | 7 | None | None | None |
| 28 | tier_3 | win1.trustedpush.com | 5 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 29 | tier_3 | aarp.org | 4 | MarkMonitor, Inc. | PDNS83.ULTRADNS.ORG | AARP |

| # | ip | hostname | city | region | org | postal | country_name | tier | count |
|---|----|----------|------|--------|-----|--------|--------------|------|-------|
| 0 | 103.224.182.207 | lb-182-207.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_1 | 175 |
| 1 | 103.224.182.206 | bidr.trellian.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 131 |
| 2 | 103.224.212.241 | lb-212-241.above.com | Caulfield South | Victoria | AS133618 Trellian Pty. Limited | 3193 | Australia | tier_2 | 35 |
| 3 | 34.199.180.187 | ec2-34-199-180-187.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23471 | United States | tier_2 | 34 |
| 4 | 130.211.115.4 | 4.115.211.130.bc.googleusercontent.com | Council Bluffs | Iowa | AS15169 Google LLC | 51502 | United States | tier_2 | 26 |
| 5 | 151.101.2.132 | nan | San Francisco | California | AS54113 Fastly | 94107 | United States | tier_2 | 25 |
| 6 | 66.232.112.76 | 66-232-112-76.static.hvvc.us | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_2 | 24 |
| 7 | 209.132.243.15 | nan | Los Angeles | California | AS7296 Alchemy Communications, Inc. | 90009 | United States | tier_2 | 24 |
| 8 | 213.227.134.196 | nan | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_2 | 21 |
| 9 | 157.230.125.44 | offerz4.me | Frankfurt am Main | Hesse | AS14061 DigitalOcean, LLC | 60311 | Germany | tier_2 | 21 |
| 10 | 34.199.107.160 | ec2-34-199-107-160.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23471 | United States | tier_2 | 20 |
| 11 | 100.37.135.2 | pool-100-37-135-2.nycmny.fios.verizon.net | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 14 |
| 12 | 172.64.204.25 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 12 |
| 13 | 66.228.63.84 | nb-66-228-63-84.atlanta.nodebalancer.linode.com | Atlanta | Georgia | AS63949 Linode, LLC | 30302 | United States | tier_3 | 9 |
| 14 | 104.26.4.153 | nan | Washington | Washington, D.C. | AS13335 Cloudflare, Inc. | 20045 | United States | tier_3 | 8 |
| 15 | 144.202.107.3 | 144.202.107.3.vultr.com | Live Oak | California | AS20473 Choopa, LLC | 95953 | United States | tier_3 | 8 |
| 16 | 172.64.205.25 | nan | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 7 |
| 17 | 104.26.5.153 | nan | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 7 |
| 18 | 54.172.16.98 | ec2-54-172-16-98.compute-1.amazonaws.com | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23471 | United States | tier_3 | 7 |
| 19 | 13.226.36.24 | server-13-226-36-24.ewr53.r.cloudfront.net | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 6 |
| 20 | 13.225.65.6 | server-13-225-65-6.ewr53.r.cloudfront.net | Newark | New Jersey | AS16509 Amazon.com, Inc. | 07175 | United States | tier_3 | 5 |

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website