Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

Overall statistics

|  | num_domain, num_links, num_full_url, num_safebrowsing_malicious, num_vt_malicious | date | ip | user_agent |
|---|---|---|---|---|
| 0 | 14214442910 | 2020-11-15 | 37.48.65.149 | Safari |

Top 10 domain statistics

|  | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | kamibbs.biz | 1 | UdomainName.com LLC | ns2.dnsnuts.com | None |
| 1 | tier_1 | localdates31.com | 1 | Targeted Drop Catch LLC | NS1.DNSNUTS.COM | None |
| 2 | tier_1 | love-in-air.net | 1 | Freefall Domains LLC | NS1.DNSNUTS.COM | None |
| 3 | tier_1 | atgames-boo.com | 1 | SicherRegister, Incorporated | NS1.DNSNUTS.COM | The Management Group II |
| 4 | tier_1 | torrentbuzz.net | 1 | Hang Ten Domains, LLC | NS1.DNSNUTS.COM | None |
| 5 | tier_1 | bulasderemedios.com | 1 | Baronofdomains.com LLC | NS1.DNSNUTS.COM | None |
| 6 | tier_1 | downtoearthlinux.com | 1 | Big Dipper Domains, LLC | NS1.DNSNUTS.COM | None |
| 7 | tier_1 | krovatka.org | 1 | UDomainName.com LLC | NS1.DNSNUTS.COM | ['The Management Group II', 'Statutory Masking Enabled'] |
| 8 | tier_1 | peopleinpizzaslicecostumesbecomingpizzas.com | 1 | Domainsurgeon.com LLC | NS1.DNSNUTS.COM | The Management Group II |
| 9 | tier_1 | sankakucomplex.org | 1 | AtlanticFriendNames.com LLC | NS1.DNSNUTS.COM | ['The Management Group II', 'Statutory Masking Enabled'] |
| 10 | tier_3 | futmillionaire.com | 20 | NAMECHEAP INC | FRED.NS.CLOUDFLARE.COM | WhoisGuard, Inc. |
| 11 | tier_3 | toovolution.club | 13 | None | None | None |
| 12 | tier_3 | newsoftready.getstablesystemupgrades.work | 5 | None | None | None |
| 13 | tier_3 | kbb.com | 5 | CSC CORPORATE DOMAINS, INC. | PDNS164.ULTRADNS.BIZ | Autotrader.com |
| 14 | tier_3 | inappropriate.top | 3 | URL Solutions Inc. | ns3.p06.dynect.net | GLOBAL DOMAIN PRIVACY SERVICES INC |
| 15 | tier_3 | track.vcdc.com | 2 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 16 | tier_3 | getupdate.getstablesystemupgrades.work | 2 | None | None | None |
| 17 | tier_3 | us.search.yahoo.com | 2 | MarkMonitor, Inc. | NS1.YAHOO.COM | Oath Inc. |
| 18 | tier_3 | nowgetsoft.findperfectplaces4download.work | 2 | None | None | None |
| 19 | tier_3 | soft4update.findperfectplaces4download.work | 2 | None | None | None |
| 20 | tier_2 | dprtb.com | 40 | GoDaddy.com, LLC | NS1.DNSIMPLE.COM | Domains By Proxy, LLC |
| 21 | tier_2 | 5339.wcitianka.com | 36 | GoDaddy Online Services Cayman Islands LTD | NS-1096.AWSDNS-09.ORG | None |
| 22 | tier_2 | tr.trackingsys.tech | 36 | DonDominio (SCIP) | NS1.DONDOMINIO.COM | Soluciones Corporativas IP, c/o Whois Proxy |
| 23 | tier_2 | 75f749rpbc1xjr5a8g-g-6vg2f.hop.clickbank.net | 20 | Amazon Registrar, Inc. | NS-1390.AWSDNS-45.ORG | Whois Privacy Service |
| 24 | tier_2 | track.vcdc.com | 17 | Key-Systems GmbH | GUY.NS.CLOUDFLARE.COM | c/o whoisproxy.com |
| 25 | tier_2 | get36.admedit.net | 16 | None | None | None |
| 26 | tier_2 | btpnative.com | 11 | GoDaddy.com, LLC | NS1.DNSIMPLE.COM | Domains By Proxy, LLC |
| 27 | tier_2 | infopicked.com | 11 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | WhoisGuard, Inc. |
| 28 | tier_2 | usd.alexa-cam.com | 9 | Amazon Registrar, Inc. | NS-1493.AWSDNS-58.ORG | Whois Privacy Service |
| 29 | tier_2 | usd.mnason-hec.com | 7 | Amazon Registrar, Inc. | NS-1205.AWSDNS-22.ORG | Whois Privacy Service |

Top 10 IP statistics

|  | ip | city | region | org | postal | country_name | tier | count | hostname |
|---|---|---|---|---|---|---|---|---|---|
| 0 | 207.244.67.216 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 22 | nan |
| 1 | 207.244.67.215 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 19 | nan |
| 2 | 207.244.67.218 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 13 | nan |
| 3 | 207.244.67.214 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 13 | nan |
| 4 | 185.107.56.59 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 5 | nan |
| 5 | 37.48.65.149 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 2 | nan |
| 6 | 185.107.56.58 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 1 | nan |
| 7 | 185.107.56.60 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 1 | nan |
| 8 | 37.48.65.148 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 1 | nan |
| 9 | 185.107.56.57 | Rotterdam | South Holland | AS43350 NForce Entertainment B.V. | 3012 | Netherlands | tier_1 | 1 | nan |
| 10 | 62.210.11.149 | Paris | Île-de-France | AS12876 ONLINE S.A.S. | 75004 | France | tier_3 | 10 | 62-210-11-149.rev.poneytelecom.eu |
| 11 | 172.67.208.25 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 10 | nan |
| 12 | 104.18.42.69 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 6 | nan |
| 13 | 195.154.40.107 | Paris | Île-de-France | AS12876 ONLINE S.A.S. | 75000 | France | tier_3 | 6 | 195-154-40-107.rev.poneytelecom.eu |
| 14 | 23.44.217.143 | Newark | New Jersey | AS16625 Akamai Technologies, Inc. | 07175 | United States | tier_3 | 5 | a23-44-217-143.deploy.static.akamaitechnologies.com |
| 15 | 104.18.43.69 | San Francisco | California | AS13335 Cloudflare, Inc. | 94107 | United States | tier_3 | 4 | nan |
| 16 | 13.32.179.27 | Washington | Washington, D.C. | AS16509 Amazon.com, Inc. | 20045 | United States | tier_3 | 3 | server-13-32-179-27.iad66.r.cloudfront.net |
| 17 | 138.201.252.161 | Geldern | North Rhine-Westphalia | AS24940 Hetzner Online GmbH | 47608 | Germany | tier_3 | 2 | proxy.traffic.club |
| 18 | 66.218.84.137 | Atlantic City | New Jersey | AS26101 Oath Holdings Inc. | 08404 | United States | tier_3 | 2 | ats1.l7.search.vip.bf1.yahoo.com |
| 19 | 13.226.94.28 | Seattle | Washington | AS16509 Amazon.com, Inc. | 98101 | United States | tier_3 | 2 | server-13-226-94-28.atl52.r.cloudfront.net |
| 20 | 209.15.13.136 | Toronto | Ontario | AS13768 Aptum Technologies | M5N | Canada | tier_2 | 51 | nan |
| 21 | 198.54.112.216 | San Jose | California | AS22612 Namecheap, Inc. | 95103 | United States | tier_2 | 36 | nan |
| 22 | 34.231.10.22 | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23450 | United States | tier_2 | 36 | ec2-34-231-10-22.compute-1.amazonaws.com |
| 23 | 54.225.132.253 | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23450 | United States | tier_2 | 17 | ec2-54-225-132-253.compute-1.amazonaws.com |
| 24 | 137.74.180.226 | Amsterdam | North Holland | AS16276 OVH SAS | 1012 | Netherlands | tier_2 | 16 | ip226.ip-137-74-180.eu |
| 25 | 52.205.210.89 | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23450 | United States | tier_2 | 15 | ec2-52-205-210-89.compute-1.amazonaws.com |
| 26 | 35.155.121.25 | Portland | Oregon | AS16509 Amazon.com, Inc. | 97214 | United States | tier_2 | 12 | ec2-35-155-121-25.us-west-2.compute.amazonaws.com |
| 27 | 173.192.101.24 | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 12 | 18.65.c0ad.ip4.static.sl-reverse.com |
| 28 | 44.238.254.101 | Portland | Oregon | AS16509 Amazon.com, Inc. | 97214 | United States | tier_2 | 8 | ec2-44-238-254-101.us-west-2.compute.amazonaws.com |
| 29 | 94.130.185.237 | Nürnberg | Bavaria | AS24940 Hetzner Online GmbH | 90402 | Germany | tier_2 | 6 | static.237.185.130.94.clients.your-server.de |

Have other ideas, or want to subscribe to the threat intelligence report? Contact:

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website