Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 76 73 105 0 0 2020-11-28 103.224.182.207 Safari
tier domain count registrar name_servers org
0 tier_1 animewapers.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
1 tier_1 blacherreport.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
2 tier_1 asdfsadf.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
3 tier_1 arphanetbr.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
4 tier_1 boardsgalore.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
5 tier_1 appsclaro.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
6 tier_1 babyshower-decorations.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
7 tier_1 apmazon.com 1 TLD Registrar Solutions Ltd. NS1.ABOVE.COM Whois Privacy Corp.
8 tier_1 animekiller.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
9 tier_1 92dresses.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
10 tier_2 xml.sedodna.com 8 PSI-USA, Inc. dba Domain Robot NS-1222.AWSDNS-24.ORG None
11 tier_2 bidr.trellian.com 6 ABOVE.COM PTY LTD. NS1.TRELLIAN.COM REDACTED FOR PRIVACY
12 tier_2 build.mediapicker.com 3 GoDaddy.com, LLC RAQUEL.NS.CLOUDFLARE.COM Domains By Proxy, LLC
13 tier_2 seemlast.monster 3 None None None
14 tier_2 ww2.siteplug.com 3 None None None
15 tier_2 sopho-kat.com 2 Amazon Registrar, Inc. NS-1009.AWSDNS-62.NET Whois Privacy Service
16 tier_2 amzn.to 2 None None None
17 tier_2 rd.bizrate.com 2 MarkMonitor, Inc. NS-1189.AWSDNS-20.ORG Meredith Corporation
18 tier_2 rd.connexity.net 2 None None None
19 tier_2 bodybuilding.sjv.io 2 GANDI SAS NS-545.AWSDNS-04.NET None
20 tier_3 macpaw.com 3 GANDI SAS NS-1492.AWSDNS-58.ORG MacPaw Family Ltd.
21 tier_3 irl.com 2 GoDaddy.com, LLC NS-106.AWSDNS-13.COM Domains By Proxy, LLC
22 tier_3 amazon.com 2 MarkMonitor, Inc. NS1.P31.DYNECT.NET Amazon Technologies, Inc.
23 tier_3 bodybuilding.com 2 None None None
24 tier_3 boot-upcompletely-therefinedfile.best 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
25 tier_3 boot-upintensely-thesophisticatedfile.best 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
26 tier_3 samsclub.com_LOOP_1 1 None None None
27 tier_3 macys.com 1 Network Solutions, LLC A1-135.AKAM.NET None
28 tier_3 boot-upprecise-theintenselyfile.best 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
29 tier_3 theconnectvpn.com 1 DonDominio (SCIP) ARNOLD.NS.CLOUDFLARE.COM Soluciones Corporativas IP, c/o Whois Proxy
ip hostname city region org postal country_name tier count
0 103.224.182.207 lb-182-207.above.com Caulfield South Victoria AS133618 Trellian Pty. Limited 3193 Australia tier_1 19
1 91.195.240.136 nan Munich Bavaria AS47846 SEDO GmbH 80331 Germany tier_2 9
2 173.239.53.32 nan New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 8
3 103.224.182.206 bidr.trellian.com Caulfield South Victoria AS133618 Trellian Pty. Limited 3193 Australia tier_2 6
4 18.210.49.168 ec2-18-210-49-168.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 3
5 192.138.218.207 rd.bizrate.com Seattle Washington AS14332 Connexity, Inc. 98111 United States tier_2 3
6 199.59.242.153 nan Tampa Florida AS395082 Bodis, LLC 33609 United States tier_2 3
7 216.139.248.127 216-139-248-127.aus.us.siteprotect.com Austin Texas AS32400 Hostway Services, Inc. 73301 United States tier_2 3
8 67.199.248.13 cname.bitly.com New York City New York AS396982 Google LLC 10010 United States tier_2 2
9 95.211.26.199 nan Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_2 2
10 54.225.132.253 ec2-54-225-132-253.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 2
11 75.101.207.6 ec2-75-101-207-6.compute-1.amazonaws.com Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_3 3
12 35.224.231.200 200.231.224.35.bc.googleusercontent.com Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 3
13 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 2
14 23.44.211.112 a23-44-211-112.deploy.static.akamaitechnologies.com Edison New Jersey AS20940 Akamai International B.V. 08817 United States tier_3 2
15 192.81.212.192 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 1
16 13.225.224.25 server-13-225-224-25.jfk51.r.cloudfront.net New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 1
17 104.248.50.87 nan North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 1
18 23.33.97.165 a23-33-97-165.deploy.static.akamaitechnologies.com New York City New York AS16625 Akamai Technologies, Inc. 10004 United States tier_3 1
19 104.77.220.218 a104-77-220-218.deploy.static.akamaitechnologies.com New York City New York AS16625 Akamai Technologies, Inc. 10004 United States tier_3 1
20 104.27.186.165 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 1

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website