Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 113 113 217 2 0 2020-12-14 103.224.182.207 Chrome
tier domain count registrar name_servers org
0 tier_1 bellsoutj.net 1 GoDaddy.com, LLC NS1.ABOVE.COM None
1 tier_1 benstreaming.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
2 tier_1 allvids.net 1 GoDaddy.com, LLC NS1.ABOVE.COM None
3 tier_1 bestlibraryspot.net 1 GoDaddy.com, LLC NS1.ABOVE.COM None
4 tier_1 examfeedback.net 1 GoDaddy.com, LLC NS1.ABOVE.COM None
5 tier_1 best-free-book.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
6 tier_1 appsgun.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
7 tier_1 appsforipads.net 1 GoDaddy.com, LLC NS1.ABOVE.COM None
8 tier_1 fashionmazia.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
9 tier_1 bitcofree.com 1 GoDaddy.com, LLC NS1.ABOVE.COM None
10 tier_2 bidr.trellian.com 22 ABOVE.COM PTY LTD. NS1.TRELLIAN.COM REDACTED FOR PRIVACY
11 tier_2 xml.sedodna.com 11 PSI-USA, Inc. dba Domain Robot NS-1222.AWSDNS-24.ORG None
12 tier_2 srchassist.com 10 GoDaddy.com, LLC NS01.DOMAINCONTROL.COM Domains By Proxy, LLC
13 tier_2 track.traffic.name 9 None None None
14 tier_2 api.quotes.com 7 Internet Domain Service BS Corp. NS-CANADA.TOPDNS.COM Whois Privacy Corp.
15 tier_2 0redirb.com 7 ABOVE.COM PTY LTD. NS1.ABOVE.COM REDACTED FOR PRIVACY
16 tier_2 dprtb.com 6 GoDaddy.com, LLC NS1.DNSIMPLE.COM Domains By Proxy, LLC
17 tier_2 1496.wcitianka.com 6 GoDaddy Online Services Cayman Islands LTD NS-1096.AWSDNS-09.ORG None
18 tier_2 americanlisted.com 5 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
19 tier_2 click.expmediadirect.com 4 NAMECHEAP INC NS1.LINODE.COM WhoisGuard, Inc.
20 tier_3 stewsearch.com 10 GoDaddy.com, LLC NS65.DOMAINCONTROL.COM Adsurplus SA
21 tier_3 suggestive.com 9 GoDaddy.com, LLC JEAN.NS.CLOUDFLARE.COM Domains By Proxy, LLC
22 tier_3 turbo-pdf.com 2 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
23 tier_3 us.tideri.com 2 united domains AG NS.UDAG.DE None
24 tier_3 sweetwater.com_LOOP_1 1 None None None
25 tier_3 americanlisted.com 1 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
26 tier_3 us.sercanto.com 1 OVH, SAS DNS20.OVH.NET Wickedin s.r.l.
27 tier_3 samsung.com 1 None None None
28 tier_3 searchfrequently.com 1 GoDaddy.com, LLC NEIL.NS.CLOUDFLARE.COM Domains By Proxy, LLC
29 tier_3 boot-upintensely-thesophisticatedfile.best 1 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
ip hostname city region org postal country_name tier count anycast
0 103.224.182.207 lb-182-207.above.com Caulfield South Victoria AS133618 Trellian Pty. Limited 3193 Australia tier_1 40 nan
1 103.224.182.206 bidr.trellian.com Caulfield South Victoria AS133618 Trellian Pty. Limited 3193 Australia tier_2 22 nan
2 173.239.53.32 nan New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 12 nan
3 91.195.240.136 nan Munich Bavaria AS47846 SEDO GmbH 80331 Germany tier_2 11 nan
4 165.22.38.5 nan Clifton New Jersey AS14061 DigitalOcean, LLC 07014 United States tier_2 10 nan
5 34.207.32.33 ec2-34-207-32-33.compute-1.amazonaws.com Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 10 nan
6 5.79.68.236 nan Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_2 7 nan
7 198.54.112.216 nan San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 7 nan
8 103.224.212.247 lb-212-247.above.com Caulfield South Victoria AS133618 Trellian Pty. Limited 3193 Australia tier_2 7 nan
9 209.15.13.136 nan Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 6 nan
10 35.209.61.240 240.61.209.35.bc.googleusercontent.com Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 1 nan
11 104.131.162.119 nan Clifton New Jersey AS14061 DigitalOcean, LLC 07014 United States tier_3 10 nan
12 104.18.52.225 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 5 True
13 172.67.166.78 nan San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 4 True
14 75.101.207.6 ec2-75-101-207-6.compute-1.amazonaws.com Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 3 nan
15 178.128.246.195 nan Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 2 nan
16 35.246.171.123 123.171.246.35.bc.googleusercontent.com Frankfurt am Main Hesse AS15169 Google LLC 60311 Germany tier_3 2 nan
17 100.37.135.2 pool-100-37-135-2.nycmny.fios.verizon.net New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 1 nan
18 35.209.61.240 240.61.209.35.bc.googleusercontent.com Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_3 1 nan
19 34.90.160.43 43.160.90.34.bc.googleusercontent.com Groningen Groningen AS15169 Google LLC 9711 Netherlands tier_3 1 nan
20 23.33.132.38 a23-33-132-38.deploy.static.akamaitechnologies.com New York City New York AS16625 Akamai Technologies, Inc. 10004 United States tier_3 1 nan

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website