Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 195 207 757 0 0 2020-12-15 37.48.65.149 Android
tier domain count registrar name_servers org
0 tier_1 avg4.us 1 UdomainName.com LLC ns1.dnsnuts.com None
1 tier_1 playrusthq.com 1 Bounce Pass Domains LLC NS1.DNSNUTS.COM The Management Group II
2 tier_1 mysocaledlife.com 1 Magnolia Domains, LLC NS1.DNSNUTS.COM None
3 tier_1 templatesuplex.com 1 Skykomishdomains.com LLC NS1.DNSNUTS.COM None
4 tier_1 somedecor.com 1 Biglizarddomains.com LLC NS1.DNSNUTS.COM None
5 tier_1 garciniacambogiasideeffects4u.com 1 Rally Cry Domains, LLC NS1.DNSNUTS.COM None
6 tier_1 ausujet.com 1 Domain Name Root, LLC NS1.DNSNUTS.COM The Management Group II
7 tier_1 dakmm.com 1 Private Domains, Incorporated NS1.DNSNUTS.COM None
8 tier_1 banalitech.com 1 DropWeek.com, Inc. NS1.DNSNUTS.COM None
9 tier_1 poisonx.us 1 UdomainName.com LLC ns2.dnsnuts.com None
10 tier_2 track.vcdc.com 76 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
11 tier_2 euphe-gun.com 62 Amazon Registrar, Inc. NS-1325.AWSDNS-37.ORG Whois Privacy Service
12 tier_2 mnason-hec.com 41 Amazon Registrar, Inc. NS-1205.AWSDNS-22.ORG Whois Privacy Service
13 tier_2 get.popplunder.com 41 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
14 tier_2 trustedpush.com 39 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
15 tier_2 win1.trustedpush.com 35 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
16 tier_2 win2.trustedpush.com 32 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
17 tier_2 atnpx.com 27 GoDaddy.com, LLC BECKY.NS.CLOUDFLARE.COM Domains By Proxy, LLC
18 tier_2 ad.doubleclick.net 25 MarkMonitor, Inc. NS1.GOOGLE.COM Google Inc.
19 tier_2 win3.trustedpush.com 21 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
20 tier_3 kbb.com 24 CSC CORPORATE DOMAINS, INC. PDNS164.ULTRADNS.BIZ Autotrader.com
21 tier_3 track.vcdc.com 17 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
22 tier_3 win4.trustedpush.com 13 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
23 tier_3 win3.trustedpush.com 11 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
24 tier_3 blog.sfgate.com 11 CSC CORPORATE DOMAINS, INC. NS1.HEARSTNP.COM Hearst Communications, Inc.
25 tier_3 blog.chron.com 11 CSC CORPORATE DOMAINS, INC. NS1.HEARSTNP.COM Hearst Newspapers, LLC
26 tier_3 win5.trustedpush.com 7 NameCheap, Inc. NS-1142.AWSDNS-14.ORG None
27 tier_3 wayfair.com 4 MarkMonitor, Inc. A1-100.AKAM.NET Wayfair, LLC
28 tier_3 win1.trustedpush.com 4 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
29 tier_3 blog.mysanantonio.com 3 CSC CORPORATE DOMAINS, INC. NS1.HEARSTNP.COM The Hearst Corporation
ip city region org postal country_name tier count hostname anycast
0 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 34 nan nan
1 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 24 nan nan
2 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 22 nan nan
3 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 22 nan nan
4 37.48.65.150 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 6 nan nan
5 37.48.65.148 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 3 nan nan
6 185.107.56.58 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 3 nan nan
7 64.32.8.69 Los Angeles California AS46844 Sharktech 90009 United States tier_1 2 customer.sharktech.net nan
8 37.48.65.149 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 2 nan nan
9 185.107.56.59 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 2 nan nan
10 13.225.229.73 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 7 server-13-225-229-73.jfk51.r.cloudfront.net nan
11 34.199.180.187 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 41 ec2-34-199-180-187.compute-1.amazonaws.com nan
12 3.221.180.161 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 40 ec2-3-221-180-161.compute-1.amazonaws.com nan
13 204.44.79.214 Los Angeles California AS8100 QuadraNet Enterprises LLC 90014 United States tier_2 27 204.44.79.214.static.quadranet.com nan
14 52.73.170.217 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 22 ec2-52-73-170-217.compute-1.amazonaws.com nan
15 144.76.1.130 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 22 static.130.1.76.144.clients.your-server.de nan
16 34.202.98.117 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 22 ec2-34-202-98-117.compute-1.amazonaws.com nan
17 34.226.113.11 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 19 ec2-34-226-113-11.compute-1.amazonaws.com nan
18 94.130.186.231 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 19 static.231.186.130.94.clients.your-server.de nan
19 172.217.10.6 Mountain View California AS15169 Google LLC 94043 United States tier_2 19 lga34s12-in-f6.1e100.net nan
20 151.101.0.200 San Francisco California AS54113 Fastly 94107 United States tier_3 27 nan True
21 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 26 pool-100-37-135-2.nycmny.fios.verizon.net nan
22 195.201.92.254 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_3 15 static.254.92.201.195.clients.your-server.de nan
23 23.66.194.233 New York City New York AS16625 Akamai Technologies, Inc. 10004 United States tier_3 10 a23-66-194-233.deploy.static.akamaitechnologies.com nan
24 23.33.130.92 New York City New York AS16625 Akamai Technologies, Inc. 10004 United States tier_3 8 a23-33-130-92.deploy.static.akamaitechnologies.com nan
25 13.225.229.73 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 7 server-13-225-229-73.jfk51.r.cloudfront.net nan
26 104.105.89.43 New York City New York AS16625 Akamai Technologies, Inc. 10004 United States tier_3 6 a104-105-89-43.deploy.static.akamaitechnologies.com nan
27 13.225.190.56 Montréal Quebec AS16509 Amazon.com, Inc. H2W Canada tier_3 2 server-13-225-190-56.yul62.r.cloudfront.net nan
28 23.41.189.99 Newark New Jersey AS16625 Akamai Technologies, Inc. 07175 United States tier_3 2 a23-41-189-99.deploy.static.akamaitechnologies.com nan
29 144.76.0.242 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_3 2 static.242.0.76.144.clients.your-server.de nan

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website