Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 166 167 669 1 0 2020-11-29 207.244.67.215 Android
tier domain count registrar name_servers org
0 tier_1 biguzz.com 1 NamePal.com #8001, LLC NS1.DNSNUTS.COM None
1 tier_1 burnafterreadingpress.com 1 Biglizarddomains.com LLC NS1.DNSNUTS.COM None
2 tier_1 avanovsolutions.com 1 SNAPNAMES 77, LLC NS1.DNSNUTS.COM None
3 tier_1 barbiehry.com 1 Sea Wasp, LLC NS1.DNSNUTS.COM Savvy Investments, LLC Privacy ID# 760174
4 tier_1 balconesdelxanaes.com 1 SNAPNAMES 67, LLC NS1.DNSNUTS.COM None
5 tier_1 aro-aandv.com 1 DropFall.com, LLC NS1.DNSNUTS.COM None
6 tier_1 buysql.com 1 Long Drive Domains LLC NS1.DNSNUTS.COM None
7 tier_1 akyaravm.com 1 Chipshot Domains LLC NS1.DNSNUTS.COM None
8 tier_1 builtv.com 1 SNAPNAMES 10, LLC NS1.DNSNUTS.COM None
9 tier_1 almalahnews.com 1 SearchNResQ, LLC NS1.DNSNUTS.COM None
10 tier_2 track.vcdc.com 78 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
11 tier_2 mnason-hec.com 46 Amazon Registrar, Inc. NS-1205.AWSDNS-22.ORG Whois Privacy Service
12 tier_2 get.popplunder.com 46 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
13 tier_2 trustedpush.com 43 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
14 tier_2 win1.trustedpush.com 40 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
15 tier_2 win2.trustedpush.com 27 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
16 tier_2 technoblogs.net 25 GANDI SAS NS-1196.AWSDNS-21.ORG PPCBUZZ
17 tier_2 sopho-kat.com 17 Amazon Registrar, Inc. NS-1009.AWSDNS-62.NET Whois Privacy Service
18 tier_2 win3.trustedpush.com 16 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
19 tier_2 rdr.ad-score.com 16 GoDaddy.com, LLC NS53.DOMAINCONTROL.COM Protected Media
20 tier_3 track.vcdc.com 18 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
21 tier_3 win2.trustedpush.com 13 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
22 tier_3 win3.trustedpush.com 11 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
23 tier_3 brainberries.co 10 GoDaddy.com, LLC chuck.ns.cloudflare.com Bedigital Corporation
24 tier_3 kbb.com 9 CSC CORPORATE DOMAINS, INC. PDNS164.ULTRADNS.BIZ Autotrader.com
25 tier_3 win5.trustedpush.com 8 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
26 tier_3 keepinfit.net 8 GANDI SAS NS-1190.AWSDNS-20.ORG GlobalSource OU
27 tier_3 win4.trustedpush.com 7 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
28 tier_3 mystory.tommychongshemp.com 3 NAMECHEAP INC JERRY.NS.CLOUDFLARE.COM WhoisGuard, Inc.
29 tier_3 mgid.com 3 GoDaddy.com, LLC FIONA.NS.CLOUDFLARE.COM MGID Inc
ip city region org postal country_name tier count hostname
0 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 29 nan
1 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 27 nan
2 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 24 nan
3 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 17 nan
4 64.32.8.69 Los Angeles California AS46844 Sharktech 90009 United States tier_1 3 customer.sharktech.net
5 37.48.65.150 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 2 nan
6 185.107.56.57 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 2 nan
7 185.107.56.58 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 2 nan
8 37.48.65.151 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 2 nan
9 37.48.65.149 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 1 nan
10 34.199.180.187 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 46 ec2-34-199-180-187.compute-1.amazonaws.com
11 52.205.210.89 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 39 ec2-52-205-210-89.compute-1.amazonaws.com
12 13.225.229.61 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_2 38 server-13-225-229-61.jfk51.r.cloudfront.net
13 13.225.229.73 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 4 server-13-225-229-73.jfk51.r.cloudfront.net
14 13.225.229.113 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 7 server-13-225-229-113.jfk51.r.cloudfront.net
15 13.225.229.12 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 4 server-13-225-229-12.jfk51.r.cloudfront.net
16 54.225.132.253 Ashburn Virginia AS14618 Amazon.com, Inc. 20149 United States tier_2 24 ec2-54-225-132-253.compute-1.amazonaws.com
17 94.130.186.231 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 23 static.231.186.130.94.clients.your-server.de
18 94.130.185.237 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 21 static.237.185.130.94.clients.your-server.de
19 144.76.1.130 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 18 static.130.1.76.144.clients.your-server.de
20 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 31 pool-100-37-135-2.nycmny.fios.verizon.net
21 138.201.252.161 Geldern North Rhine-Westphalia AS24940 Hetzner Online GmbH 47608 Germany tier_3 17 proxy.traffic.club
22 23.44.217.143 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 9 a23-44-217-143.deploy.static.akamaitechnologies.com
23 13.225.229.113 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 7 server-13-225-229-113.jfk51.r.cloudfront.net
24 104.26.5.153 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 6 nan
25 13.225.229.73 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 4 server-13-225-229-73.jfk51.r.cloudfront.net
26 172.67.69.22 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 4 nan
27 13.225.229.12 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 4 server-13-225-229-12.jfk51.r.cloudfront.net
28 104.26.14.64 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 3 nan
29 104.19.133.78 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 3 nan

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website