Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 139 144 584 0 0 2021-01-01 37.48.65.151 Android
tier domain count registrar name_servers org
0 tier_1 lawichhoneybeeco.com 1 OldWorldAliases.com LLC NS1.DNSNUTS.COM None
1 tier_1 flearning.net 1 Wide Left Domains LLC NS1.DNSNUTS.COM None
2 tier_1 myhit.tv 1 Domain Name Root LLC NS1.DNSNUTS.COM None
3 tier_1 fudgebananaswirl.com 1 Name Connection Spot LLC NS1.DNSNUTS.COM None
4 tier_1 az-khaos.com 1 EUTurbo.com LLC NS1.DNSNUTS.COM None
5 tier_1 qsanguosha.org 1 BullRunDomains.com LLC NS1.DNSNUTS.COM The Management Group II
6 tier_1 18land.net 1 DuckbilledDomains.com LLC NS1.DNSNUTS.COM None
7 tier_1 aellaabroad.com 1 SNAPNAMES 35, LLC NS1.DNSNUTS.COM None
8 tier_1 dailymastro.com 1 Veritas Domains, LLC NS1.DNSNUTS.COM None
9 tier_1 freecric.net 1 Allworldnames.com LLC NS1.DNSNUTS.COM None
10 tier_2 track.vcdc.com 49 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
11 tier_2 bradamante-per.com 48 Amazon Registrar, Inc. NS-1026.AWSDNS-00.ORG Whois Privacy Service
12 tier_2 get.popplunder.com 48 NAMECHEAP INC DNS1.REGISTRAR-SERVERS.COM WhoisGuard, Inc.
13 tier_2 trustedpush.com 45 None None None
14 tier_2 win1.trustedpush.com 43 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
15 tier_2 win2.trustedpush.com 29 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
16 tier_2 alfik-fik.com 17 Amazon Registrar, Inc. NS-1264.AWSDNS-30.ORG Whois Privacy Service
17 tier_2 win3.trustedpush.com 16 None None None
18 tier_2 click.expmediadirect.com 14 None None None
19 tier_2 rtbstream.com 11 GoDaddy.com, LLC NS1.DNSIMPLE.COM Bidtellect, Inc
20 tier_3 win2.trustedpush.com 14 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
21 tier_3 win3.trustedpush.com 13 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
22 tier_3 win4.trustedpush.com 10 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
23 tier_3 delightcmain.xyz 8 Epik LLC MARJORY.NS.CLOUDFLARE.COM Anonymize, Inc.
24 tier_3 blog.sfgate.com 7 CSC CORPORATE DOMAINS, INC. NS1.HEARSTNP.COM Hearst Communications, Inc.
25 tier_3 track.vcdc.com 7 Key-Systems GmbH GUY.NS.CLOUDFLARE.COM c/o whoisproxy.com
26 tier_3 win5.trustedpush.com 6 NAMECHEAP INC NS-1142.AWSDNS-14.ORG WhoisGuard, Inc.
27 tier_3 searchfrequently.com 6 GoDaddy.com, LLC NEIL.NS.CLOUDFLARE.COM Domains By Proxy, LLC
28 tier_3 findoffers.co 5 Key-Systems GmbH ns4.monikerdns.net Moniker Privacy Services
29 tier_3 a.upbeatcboulevard.xyz 4 Epik LLC MARJORY.NS.CLOUDFLARE.COM Anonymize, Inc.
ip city region org postal country_name tier count hostname anycast
0 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 24 nan nan
1 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 23 nan nan
2 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 17 nan nan
3 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 10 nan nan
4 37.48.65.148 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 5 nan nan
5 185.107.56.57 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 5 nan nan
6 63.143.32.90 Dallas Texas AS46475 Limestone Networks, Inc. 75202 United States tier_1 2 90-32-143-63.static.reverse.lstn.net nan
7 185.107.56.60 Amsterdam North Holland AS43350 NForce Entertainment B.V. 1012 Netherlands tier_1 2 nan nan
8 37.48.65.150 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 2 nan nan
9 63.143.32.89 Dallas Texas AS46475 Limestone Networks, Inc. 75202 United States tier_1 1 89-32-143-63.static.reverse.lstn.net nan
10 13.225.62.7 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 8 server-13-225-62-7.ewr53.r.cloudfront.net nan
11 34.199.180.187 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 48 ec2-34-199-180-187.compute-1.amazonaws.com nan
12 34.226.113.11 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 34 ec2-34-226-113-11.compute-1.amazonaws.com nan
13 34.202.98.117 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 31 ec2-34-202-98-117.compute-1.amazonaws.com nan
14 13.225.62.54 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 4 server-13-225-62-54.ewr53.r.cloudfront.net nan
15 13.225.62.107 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 6 server-13-225-62-107.ewr53.r.cloudfront.net nan
16 13.225.62.25 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_2 22 server-13-225-62-25.ewr53.r.cloudfront.net nan
17 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 19 nan nan
18 94.130.185.237 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_2 17 static.237.185.130.94.clients.your-server.de nan
19 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 14 nan nan
20 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 30 pool-100-37-135-2.nycmny.fios.verizon.net nan
21 13.225.62.7 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 8 server-13-225-62-7.ewr53.r.cloudfront.net nan
22 151.101.0.200 San Francisco California AS54113 Fastly 94107 United States tier_3 7 nan True
23 195.201.92.254 Nürnberg Bavaria AS24940 Hetzner Online GmbH 90402 Germany tier_3 6 static.254.92.201.195.clients.your-server.de nan
24 13.225.62.107 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 6 server-13-225-62-107.ewr53.r.cloudfront.net nan
25 18.190.1.57 Columbus Ohio AS16509 Amazon.com, Inc. 43221 United States tier_3 5 ec2-18-190-1-57.us-east-2.compute.amazonaws.com nan
26 104.31.81.30 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 4 nan True
27 104.18.82.149 San Francisco California AS13335 Cloudflare, Inc. 94107 United States tier_3 4 nan True
28 13.225.62.54 Newark New Jersey AS16509 Amazon.com, Inc. 07175 United States tier_3 4 server-13-225-62-54.ewr53.r.cloudfront.net nan
29 192.243.59.20 Washington Washington, D.C. AS39572 DataWeb Global Group B.V. 20045 United States tier_3 4 nan nan

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website