Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
0166167669102020-11-29207.244.67.215Android

| | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | biguzz.com | 1 | NamePal.com #8001, LLC | NS1.DNSNUTS.COM | None |
| 1 | tier_1 | burnafterreadingpress.com | 1 | Biglizarddomains.com LLC | NS1.DNSNUTS.COM | None |
| 2 | tier_1 | avanovsolutions.com | 1 | SNAPNAMES 77, LLC | NS1.DNSNUTS.COM | None |
| 3 | tier_1 | barbiehry.com | 1 | Sea Wasp, LLC | NS1.DNSNUTS.COM | Savvy Investments, LLC Privacy ID# 760174 |
| 4 | tier_1 | balconesdelxanaes.com | 1 | SNAPNAMES 67, LLC | NS1.DNSNUTS.COM | None |
| 5 | tier_1 | aro-aandv.com | 1 | DropFall.com, LLC | NS1.DNSNUTS.COM | None |
| 6 | tier_1 | buysql.com | 1 | Long Drive Domains LLC | NS1.DNSNUTS.COM | None |
| 7 | tier_1 | akyaravm.com | 1 | Chipshot Domains LLC | NS1.DNSNUTS.COM | None |
| 8 | tier_1 | builtv.com | 1 | SNAPNAMES 10, LLC | NS1.DNSNUTS.COM | None |
| 9 | tier_1 | almalahnews.com | 1 | SearchNResQ, LLC | NS1.DNSNUTS.COM | None |
| 10 | tier_2 | track.vcdc.com | 78 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 11 | tier_2 | mnason-hec.com | 46 | Amazon Registrar, Inc. | NS-1205.AWSDNS-22.ORG | Whois Privacy Service |
| 12 | tier_2 | get.popplunder.com | 46 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 13 | tier_2 | trustedpush.com | 43 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 14 | tier_2 | win1.trustedpush.com | 40 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 15 | tier_2 | win2.trustedpush.com | 27 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 16 | tier_2 | technoblogs.net | 25 | GANDI SAS | NS-1196.AWSDNS-21.ORG | PPCBUZZ |
| 17 | tier_2 | sopho-kat.com | 17 | Amazon Registrar, Inc. | NS-1009.AWSDNS-62.NET | Whois Privacy Service |
| 18 | tier_2 | win3.trustedpush.com | 16 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 19 | tier_2 | rdr.ad-score.com | 16 | GoDaddy.com, LLC | NS53.DOMAINCONTROL.COM | Protected Media |
| 20 | tier_3 | track.vcdc.com | 18 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 21 | tier_3 | win2.trustedpush.com | 13 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 22 | tier_3 | win3.trustedpush.com | 11 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 23 | tier_3 | brainberries.co | 10 | GoDaddy.com, LLC | chuck.ns.cloudflare.com | Bedigital Corporation |
| 24 | tier_3 | kbb.com | 9 | CSC CORPORATE DOMAINS, INC. | PDNS164.ULTRADNS.BIZ | Autotrader.com |
| 25 | tier_3 | win5.trustedpush.com | 8 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 26 | tier_3 | keepinfit.net | 8 | GANDI SAS | NS-1190.AWSDNS-20.ORG | GlobalSource OU |
| 27 | tier_3 | win4.trustedpush.com | 7 | NAMECHEAP INC | NS-1142.AWSDNS-14.ORG | WhoisGuard, Inc. |
| 28 | tier_3 | mystory.tommychongshemp.com | 3 | NAMECHEAP INC | JERRY.NS.CLOUDFLARE.COM | WhoisGuard, Inc. |
| 29 | tier_3 | mgid.com | 3 | GoDaddy.com, LLC | FIONA.NS.CLOUDFLARE.COM | MGID Inc |

| | ip | city | region | org | postal | country_name | tier | count | hostname |
|---|---|---|---|---|---|---|---|---|---|
| 0 | 207.244.67.214 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 29 | nan |
| 1 | 207.244.67.215 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 27 | nan |
| 2 | 207.244.67.216 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 24 | nan |
| 3 | 207.244.67.218 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 17 | nan |
| 4 | 64.32.8.69 | Los Angeles | California | AS46844 Sharktech | 90009 | United States | tier_1 | 3 | customer.sharktech.net |
| 5 | 37.48.65.150 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 2 | nan |
| 6 | 185.107.56.57 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 2 | nan |
| 7 | 185.107.56.58 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 2 | nan |
| 8 | 37.48.65.151 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 2 | nan |
| 9 | 37.48.65.149 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 1 | nan |
| 10 | 34.199.180.187 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 46 | ec2-34-199-180-187.compute-1.amazonaws.com |
| 11 | 52.205.210.89 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 39 | ec2-52-205-210-89.compute-1.amazonaws.com |
| 12 | 13.225.229.61 | New York City | New York | AS16509 Amazon.com, Inc. | 10004 | United States | tier_2 | 38 | server-13-225-229-61.jfk51.r.cloudfront.net |
| 13 | 13.225.229.73 | New York City | New York | AS16509 Amazon.com, Inc. | 10004 | United States | tier_3 | 4 | server-13-225-229-73.jfk51.r.cloudfront.net |
| 14 | 13.225.229.113 | New York City | New York | AS16509 Amazon.com, Inc. | 10004 | United States | tier_3 | 7 | server-13-225-229-113.jfk51.r.cloudfront.net |
| 15 | 13.225.229.12 | New York City | New York | AS16509 Amazon.com, Inc. | 10004 | United States | tier_3 | 4 | server-13-225-229-12.jfk51.r.cloudfront.net |
| 16 | 54.225.132.253 | Ashburn | Virginia | AS14618 Amazon.com, Inc. | 20149 | United States | tier_2 | 24 | ec2-54-225-132-253.compute-1.amazonaws.com |
| 17 | 94.130.186.231 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_2 | 23 | static.231.186.130.94.clients.your-server.de |
| 18 | 94.130.185.237 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_2 | 21 | static.237.185.130.94.clients.your-server.de |
| 19 | 144.76.1.130 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_2 | 18 | static.130.1.76.144.clients.your-server.de |
| 20 | 100.37.135.2 | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 31 | pool-100-37-135-2.nycmny.fios.verizon.net |
| 21 | 138.201.252.161 | Geldern | North Rhine-Westphalia | AS24940 Hetzner Online GmbH | 47608 | Germany | tier_3 | 17 | proxy.traffic.club |
| 22 | 23.44.217.143 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 9 | a23-44-217-143.deploy.static.akamaitechnologies.com |
| 23 | 13.225.229.113 | New York City | New York | AS16509 Amazon.com, Inc. | 10004 | United States | tier_3 | 7 | server-13-225-229-113.jfk51.r.cloudfront.net |
| 24 | 104.26.5.153 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 6 | nan |
| 25 | 13.225.229.73 | New York City | New York | AS16509 Amazon.com, Inc. | 10004 | United States | tier_3 | 4 | server-13-225-229-73.jfk51.r.cloudfront.net |
| 26 | 172.67.69.22 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 4 | nan |
| 27 | 13.225.229.12 | New York City | New York | AS16509 Amazon.com, Inc. | 10004 | United States | tier_3 | 4 | server-13-225-229-12.jfk51.r.cloudfront.net |
| 28 | 104.26.14.64 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 3 | nan |
| 29 | 104.19.133.78 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 3 | nan |

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website