Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
0123121362002020-09-30207.244.67.215Iphone

|  | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | heroes-strategie.com | 1 | One Putt, LLC | NS1.DNSNUTS.COM | None |
| 1 | tier_1 | we-are-gamers.com | 1 | The Domains LLC | NS1.DNSNUTS.COM | None |
| 2 | tier_1 | albumkings.net | 1 | Snoqulamiedomains.com LLC | NS1.DNSNUTS.COM | None |
| 3 | tier_1 | zoegerlach.com | 1 | CloudNineDomain, LLC | NS1.DNSNUTS.COM | None |
| 4 | tier_1 | nexstage-solution.com | 1 | The Domains LLC | NS1.DNSNUTS.COM | None |
| 5 | tier_1 | kurtkulturu.com | 1 | Slow Putt Domains LLC | NS1.DNSNUTS.COM | None |
| 6 | tier_1 | digitalapeel.com | 1 | Namesource LLC | NS1.DNSNUTS.COM | None |
| 7 | tier_1 | qqyoutube.com | 1 | Domainer Names LLC | NS1.DNSNUTS.COM | None |
| 8 | tier_1 | apkzan.com | 1 | SNAPNAMES 55, LLC | NS1.DNSNUTS.COM | None |
| 9 | tier_1 | imnmarketer.com | 1 | SNAPNAMES 56, LLC | NS1.DNSNUTS.COM | None |
| 10 | tier_2 | click.expmediadirect.com | 21 | NAMECHEAP INC | NS1.LINODE.COM | WhoisGuard, Inc. |
| 11 | tier_2 | changeslots.com | 18 | Instra Corporation Pty Ltd. | CLEO.NS.CLOUDFLARE.COM | REDACTED FOR PRIVACY |
| 12 | tier_2 | infopicked.com | 16 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | WhoisGuard, Inc. |
| 13 | tier_2 | btpnative.com | 15 | GoDaddy.com, LLC | NS1.DNSIMPLE.COM | Domains By Proxy, LLC |
| 14 | tier_2 | p274639.infopicked.com | 15 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | WhoisGuard, Inc. |
| 15 | tier_2 | dprtb.com | 11 | GoDaddy.com, LLC | NS1.DNSIMPLE.COM | Domains By Proxy, LLC |
| 16 | tier_2 | rockymountaintrack.com | 10 | Registrar of domain names REG.RU LLC | NS1.REG.RU | Private Person |
| 17 | tier_2 | rd.bizrate.com | 10 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 18 | tier_2 | myfirsttab.com | 10 | GoDaddy.com, LLC | NS1.LINODE.COM | Domains By Proxy, LLC |
| 19 | tier_2 | r.ealeo.com | 9 | DYNADOT LLC | NS-1186.AWSDNS-20.ORG | None |
| 20 | tier_3 | theconnectvpn.com | 18 | DonDominio (SCIP) | ARNOLD.NS.CLOUDFLARE.COM | Soluciones Corporativas IP, c/o Whois Proxy |
| 21 | tier_3 | vpnhub.com | 10 | Eurodns S.A. | DNS1.P03.NSONE.NET | Whois Privacy (enumDNS dba) |
| 22 | tier_3 | everydayconsumers.com | 9 | GoDaddy.com, LLC | JANET.NS.CLOUDFLARE.COM | Domains By Proxy, LLC |
| 23 | tier_3 | wayfair.com | 7 | MarkMonitor, Inc. | A1-100.AKAM.NET | Wayfair, LLC |
| 24 | tier_3 | ad.monetizer.co | 4 | NAMECHEAP INC | dns2.registrar-servers.com | WhoisGuard, Inc. |
| 25 | tier_3 | music.apple.com | 3 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 26 | tier_3 | minecraft.net | 3 | TUCOWS, INC. | NS-1395.AWSDNS-46.ORG | Contact Privacy Inc. Customer 0120735043 |
| 27 | tier_3 | apple.com | 2 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 28 | tier_3 | topdefence-formob.com | 2 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 29 | tier_3 | allbestsecureus.com | 1 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |


|  | ip | city | region | org | postal | country_name | tier | count | hostname |
|---|---|---|---|---|---|---|---|---|---|
| 0 | 207.244.67.218 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 17 | nan |
| 1 | 207.244.67.216 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 15 | nan |
| 2 | 207.244.67.215 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 13 | nan |
| 3 | 207.244.67.214 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 11 | nan |
| 4 | 82.192.82.225 | Soest | Utrecht | AS60781 LeaseWeb Netherlands B.V. | 3765 | Netherlands | tier_1 | 3 | nan |
| 5 | 82.192.82.227 | Soest | Utrecht | AS60781 LeaseWeb Netherlands B.V. | 3765 | Netherlands | tier_1 | 2 | nan |
| 6 | 46.166.182.114 | Amsterdam | North Holland | AS43350 NForce Entertainment B.V. | 1012 | Netherlands | tier_1 | 2 | nan |
| 7 | 64.32.8.67 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 2 | customer.sharktech.net |
| 8 | 82.192.82.228 | Soest | Utrecht | AS60781 LeaseWeb Netherlands B.V. | 3765 | Netherlands | tier_1 | 2 | nan |
| 9 | 82.192.82.226 | Soest | Utrecht | AS60781 LeaseWeb Netherlands B.V. | 3765 | Netherlands | tier_1 | 1 | nan |
| 10 | 173.192.101.24 | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 32 | 18.65.c0ad.ip4.static.sl-reverse.com |
| 11 | 209.15.13.136 | Toronto | Ontario | AS13768 Aptum Technologies | M5N | Canada | tier_2 | 26 | nan |
| 12 | 198.134.116.30 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 21 | nan |
| 13 | 34.226.252.28 | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23457 | United States | tier_2 | 18 | ec2-34-226-252-28.compute-1.amazonaws.com |
| 14 | 209.132.243.15 | Los Angeles | California | AS7296 Alchemy Communications, Inc. | 90009 | United States | tier_2 | 14 | nan |
| 15 | 167.114.103.223 | Toronto | Ontario | AS16276 OVH SAS | M5N | Canada | tier_2 | 10 | ns511363.ip-167-114-103.net |
| 16 | 192.138.218.207 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 10 | rd.bizrate.com |
| 17 | 172.104.144.44 | Frankfurt am Main | Hesse | AS63949 Linode, LLC | 60311 | Germany | tier_2 | 10 | li1660-44.members.linode.com |
| 18 | 66.165.243.151 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_2 | 9 | 66-165-243-151.static.hvvc.us |
| 19 | 34.206.173.18 | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23457 | United States | tier_2 | 9 | ec2-34-206-173-18.compute-1.amazonaws.com |
| 20 | 104.27.186.165 | Atlantic City | New Jersey | AS13335 Cloudflare, Inc. | 08404 | United States | tier_3 | 12 | nan |
| 21 | 66.254.114.123 | Los Angeles | California | AS29789 Reflected Networks, Inc. | 90009 | United States | tier_3 | 10 | reflectededge.reflected.net |
| 22 | 100.37.135.2 | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 5 | pool-100-37-135-2.nycmny.fios.verizon.net |
| 23 | 172.67.181.234 | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 5 | nan |
| 24 | 23.39.32.237 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 5 | a23-39-32-237.deploy.static.akamaitechnologies.com |
| 25 | 104.24.119.18 | Atlantic City | New Jersey | AS13335 Cloudflare, Inc. | 08404 | United States | tier_3 | 4 | nan |
| 26 | 108.163.203.125 | Franklin Park | Illinois | AS32475 SingleHop LLC | 60131 | United States | tier_3 | 4 | server04.com-2.mobi |
| 27 | 172.67.219.253 | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 3 | nan |
| 28 | 152.195.19.97 | Los Angeles | California | AS15133 MCI Communications Services, Inc. d/b/a Verizon Business | 90009 | United States | tier_3 | 3 | nan |
| 29 | 104.24.118.18 | Atlantic City | New Jersey | AS13335 Cloudflare, Inc. | 08404 | United States | tier_3 | 2 | nan |

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website