Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 159 157 381 0 0 2020-12-21 37.48.65.151 Chrome
tier domain count registrar name_servers org
0 tier_1 freemoneysystem.net 1 Interlakenames.com LLC NS1.DNSNUTS.COM None
1 tier_1 animehentaitube.net 1 Heavydomains.net LLC NS1.DNSNUTS.COM None
2 tier_1 jrpgreview.com 1 SNAPNAMES 42, LLC NS1.DNSNUTS.COM None
3 tier_1 deadlysinx.net 1 Domains of Origin, LLC NS1.DNSNUTS.COM None
4 tier_1 lordntaylor.com 1 Sea Wasp, LLC NS1.DNSNUTS.COM Savvy Investments, LLC Privacy ID# 937761
5 tier_1 juggler-peka.net 1 Domaincomesaround.com LLC NS1.DNSNUTS.COM None
6 tier_1 crafthd.net 1 SNAPNAMES 42, LLC NS1.DNSNUTS.COM None
7 tier_1 spimy.us 1 UdomainName.com LLC ns2.dnsnuts.com None
8 tier_1 itiraku.net 1 Free Drop Zone LLC NS1.DNSNUTS.COM None
9 tier_1 dakmm.com 1 Private Domains, LLC NS1.DNSNUTS.COM None
10 tier_2 track.vcdc.com 33 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
11 tier_2 click.expmediadirect.com 29 NAMECHEAP INC NS1.LINODE.COM WhoisGuard, Inc.
12 tier_2 clk.rtpdn12.com 23 None None None
13 tier_2 euphe-gun.com 18 Amazon Registrar, Inc. NS-1325.AWSDNS-37.ORG Whois Privacy Service
14 tier_2 media-px.com 13 GoDaddy.com, LLC BECKY.NS.CLOUDFLARE.COM Domains By Proxy, LLC
15 tier_2 servedby.flashtalking.com 13 MESH DIGITAL LIMITED NS1.P09.DYNECT.NET Flashtalking, Inc.
16 tier_2 build.mediapicker.com 10 GoDaddy.com, LLC RAQUEL.NS.CLOUDFLARE.COM Domains By Proxy, LLC
17 tier_2 click.junmediadirect.com 7 NAMECHEAP INC NS1.LINODE.COM WhoisGuard, Inc.
18 tier_2 btpnative.com 5 1API GmbH NS1.DNSIMPLE.COM Registrant of btpnative.com
19 tier_2 infopicked.com 5 NAMECHEAP INC NS0.DNSMADEEASY.COM WhoisGuard, Inc.
20 tier_3 fortunerain.info 18 GoDaddy.com, LLC MOLLY.NS.CLOUDFLARE.COM None
21 tier_3 socalhondadealers.com 13 DREAMHOST NS1.DREAMHOST.COM Proxy Protection LLC
22 tier_3 turbo-pdf.com 13 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
23 tier_3 casinoentity.info 9 GoDaddy.com, LLC MOLLY.NS.CLOUDFLARE.COM None
24 tier_3 track.vcdc.com 8 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
25 tier_3 worldoftanks.ru 3 RU-CENTER-RU ns1.wargaming.net. Wargaming.net Limited
26 tier_3 squirt.org 2 NAMECHEAP INC NS5.DNSMADEEASY.COM WhoisGuard, Inc.
27 tier_3 boot-upquick-theintenselyfile.best 2 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
28 tier_3 streamswiftcompletelypro.best 2 Namecheap DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
29 tier_3 boot-uprefined-thecompletelyfile.best 2 None None None
ip city region org postal country_name tier count hostname anycast
0 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 20 nan nan
1 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 19 nan nan
2 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 17 nan nan
3 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 11 nan nan
4 185.107.56.58 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 6 nan nan
5 37.48.65.151 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 4 nan nan
6 185.107.56.60 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 3 nan nan
7 185.107.56.57 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 3 nan nan
8 37.48.65.150 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 2 nan nan
9 37.48.65.149 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 1 nan nan
10 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 29 nan nan
11 173.239.53.32 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 26 nan nan
12 205.185.216.10 Dallas Texas AS20446 Highwinds Network Group, Inc. 75201 United States tier_2 12 map2.hwcdn.net True
13 144.76.1.130 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 11 static.130.1.76.144.clients.your-server.de nan
14 94.130.186.231 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 10 static.231.186.130.94.clients.your-server.de nan
15 18.210.49.168 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 10 ec2-18-210-49-168.compute-1.amazonaws.com nan
16 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 9 nan nan
17 94.130.185.237 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 8 static.237.185.130.94.clients.your-server.de nan
18 172.67.134.220 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_2 7 nan True
19 34.226.113.11 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 7 ec2-34-226-113-11.compute-1.amazonaws.com nan
20 178.128.246.195 Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 13 nan nan
21 172.67.185.52 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 10 nan True
22 75.101.207.6 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 10 ec2-75-101-207-6.compute-1.amazonaws.com nan
23 195.201.92.254 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_3 8 static.254.92.201.195.clients.your-server.de nan
24 34.207.4.240 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 7 ec2-34-207-4-240.compute-1.amazonaws.com nan
25 104.31.95.162 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 7 nan True
26 104.24.120.9 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 7 nan True
27 35.174.35.73 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 6 ec2-35-174-35-73.compute-1.amazonaws.com nan
28 92.223.21.73 Luxembourg Luxembourg AS199524 G-Core Labs S.A. L-1882 Luxembourg tier_3 3 ed-sl-b73.fe.core.pw nan
29 158.106.84.60 Toronto Ontario AS23498 COGECODATA M5N Canada tier_3 2 www.squirtmail.com nan

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website