Daily Threat Intelligence Report

This report contains the following information:

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. Date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registrar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
0153150384002020-09-2764.32.8.67Iphone

| | tier | domain | count | registrar | name_servers | org |
|---|---|---|---|---|---|---|
| 0 | tier_1 | jrpgreview.com | 1 | eNom413, Incorporated | NS1.DNSNUTS.COM | None |
| 1 | tier_1 | tmrarena.com | 1 | Lemon Shark Domains, LLC | NS1.DNSNUTS.COM | None |
| 2 | tier_1 | drmommyonline.com | 1 | DevilDogDomains.com, LLC | NS1.DNSNUTS.COM | The Management Group II |
| 3 | tier_1 | freepornretro.com | 1 | eNom463, Incorporated | NS1.DNSNUTS.COM | None |
| 4 | tier_1 | healthylifestar.com | 1 | eNom413, Incorporated | NS1.DNSNUTS.COM | The Management Group II |
| 5 | tier_1 | bagustekno.net | 1 | Zone of Domains LLC | NS1.DNSNUTS.COM | None |
| 6 | tier_1 | aiss.cc | 1 | Top Shelf Domains LLC | NS1.DNSNUTS.COM | None |
| 7 | tier_1 | bingolticaretkampanya.com | 1 | Wild Bunch Domains, LLC | NS1.DNSNUTS.COM | None |
| 8 | tier_1 | astucesduquotidien.com | 1 | Wide Right Domains LLC | NS1.DNSNUTS.COM | None |
| 9 | tier_1 | deresute-japan.com | 1 | SNAPNAMES 47, LLC | NS1.DNSNUTS.COM | None |
| 10 | tier_2 | click.expmediadirect.com | 31 | NAMECHEAP INC | NS1.LINODE.COM | WhoisGuard, Inc. |
| 11 | tier_2 | infopicked.com | 18 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | WhoisGuard, Inc. |
| 12 | tier_2 | changeslots.com | 17 | Instra Corporation Pty Ltd. | CLEO.NS.CLOUDFLARE.COM | REDACTED FOR PRIVACY |
| 13 | tier_2 | btpnative.com | 15 | GoDaddy.com, LLC | NS1.DNSIMPLE.COM | Domains By Proxy, LLC |
| 14 | tier_2 | p274639.infopicked.com | 15 | NAMECHEAP INC | NS0.DNSMADEEASY.COM | WhoisGuard, Inc. |
| 15 | tier_2 | peachtrackerus.com | 15 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 16 | tier_2 | rd.bizrate.com | 14 | MarkMonitor, Inc. | NS-1189.AWSDNS-20.ORG | Meredith Corporation |
| 17 | tier_2 | search.eproute.info | 13 | GoDaddy.com, LLC | NS22.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 18 | tier_2 | r.ealeo.com | 13 | DYNADOT LLC | NS-1186.AWSDNS-20.ORG | None |
| 19 | tier_2 | rd.connexity.net | 12 | MarkMonitor, Inc. | NS-1190.AWSDNS-20.ORG | Connexity, Inc. |
| 20 | tier_3 | theconnectvpn.com | 17 | DonDominio (SCIP) | ARNOLD.NS.CLOUDFLARE.COM | Soluciones Corporativas IP, c/o Whois Proxy |
| 21 | tier_3 | allbestsecureus.com | 15 | NAMECHEAP INC | DNS1.REGISTRAR-SERVERS.COM | WhoisGuard, Inc. |
| 22 | tier_3 | everydayconsumers.com | 12 | GoDaddy.com, LLC | JANET.NS.CLOUDFLARE.COM | Domains By Proxy, LLC |
| 23 | tier_3 | wine.com | 2 | Network Solutions, LLC | NS1.P29.DYNECT.NET | None |
| 24 | tier_3 | music.apple.com | 2 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 25 | tier_3 | eyebuydirect.com | 2 | Wild West Domains, LLC | NS10.DNSMADEEASY.COM | EyeBuyDirect Inc. |
| 26 | tier_3 | apple.com | 2 | CSC CORPORATE DOMAINS, INC. | A.NS.APPLE.COM | Apple Inc. |
| 27 | tier_3 | search.eproute.info | 2 | GoDaddy.com, LLC | NS22.DOMAINCONTROL.COM | Domains By Proxy, LLC |
| 28 | tier_3 | stripchat.com | 1 | NAMECHEAP INC | AMY.NS.CLOUDFLARE.COM | WhoisGuard, Inc. |
| 29 | tier_3 | nutrisystem.com | 1 | Network Solutions, LLC | EDNS104.ULTRADNS.BIZ | None |

| | ip | city | region | org | postal | country_name | tier | count | hostname |
|---|---|---|---|---|---|---|---|---|---|
| 0 | 207.244.67.216 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 21 | nan |
| 1 | 207.244.67.218 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 15 | nan |
| 2 | 207.244.67.215 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 14 | nan |
| 3 | 207.244.67.214 | Manassas | Virginia | AS30633 Leaseweb USA, Inc. | 20108 | United States | tier_1 | 13 | nan |
| 4 | 82.192.82.226 | Soest | Utrecht | AS60781 LeaseWeb Netherlands B.V. | 3765 | Netherlands | tier_1 | 3 | nan |
| 5 | 46.166.182.114 | Amsterdam | North Holland | AS43350 NForce Entertainment B.V. | 1012 | Netherlands | tier_1 | 2 | nan |
| 6 | 82.192.82.228 | Soest | Utrecht | AS60781 LeaseWeb Netherlands B.V. | 3765 | Netherlands | tier_1 | 1 | nan |
| 7 | 46.166.182.112 | Amsterdam | North Holland | AS43350 NForce Entertainment B.V. | 1012 | Netherlands | tier_1 | 1 | nan |
| 8 | 37.48.65.151 | Amsterdam | North Holland | AS60781 LeaseWeb Netherlands B.V. | 1012 | Netherlands | tier_1 | 1 | nan |
| 9 | 82.192.82.227 | Soest | Utrecht | AS60781 LeaseWeb Netherlands B.V. | 3765 | Netherlands | tier_1 | 1 | nan |
| 10 | 173.192.101.24 | Dallas | Texas | AS36351 SoftLayer Technologies Inc. | 75270 | United States | tier_2 | 36 | 18.65.c0ad.ip4.static.sl-reverse.com |
| 11 | 198.134.116.30 | New York City | New York | AS27257 Webair Internet Development Company Inc. | 10013 | United States | tier_2 | 31 | nan |
| 12 | 209.15.13.136 | Toronto | Ontario | AS13768 Aptum Technologies | M5N | Canada | tier_2 | 18 | nan |
| 13 | 34.230.220.28 | Virginia Beach | Virginia | AS14618 Amazon.com, Inc. | 23457 | United States | tier_2 | 17 | ec2-34-230-220-28.compute-1.amazonaws.com |
| 14 | 209.132.243.15 | Los Angeles | California | AS7296 Alchemy Communications, Inc. | 90009 | United States | tier_2 | 16 | nan |
| 15 | 54.39.130.163 | Langford | British Columbia | AS16276 OVH SAS | V9B | Canada | tier_3 | 15 | ns568503.ip-54-39-130.net |
| 16 | 192.138.218.207 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 15 | rd.bizrate.com |
| 17 | 66.165.243.151 | Tampa | Florida | AS29802 HIVELOCITY, Inc. | 33606 | United States | tier_2 | 14 | 66-165-243-151.static.hvvc.us |
| 18 | 192.138.218.139 | Seattle | Washington | AS14332 Connexity, Inc. | 98111 | United States | tier_2 | 12 | rd.connexity.net |
| 19 | 172.104.144.44 | Frankfurt am Main | Hesse | AS63949 Linode, LLC | 60311 | Germany | tier_2 | 11 | li1660-44.members.linode.com |
| 20 | 54.39.130.163 | Langford | British Columbia | AS16276 OVH SAS | V9B | Canada | tier_3 | 15 | ns568503.ip-54-39-130.net |
| 21 | 172.67.181.234 | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 7 | nan |
| 22 | 172.67.219.253 | New York City | New York | AS13335 Cloudflare, Inc. | 10004 | United States | tier_3 | 6 | nan |
| 23 | 104.27.186.165 | Atlantic City | New Jersey | AS13335 Cloudflare, Inc. | 08404 | United States | tier_3 | 5 | nan |
| 24 | 104.27.187.165 | Atlantic City | New Jersey | AS13335 Cloudflare, Inc. | 08404 | United States | tier_3 | 5 | nan |
| 25 | 104.24.118.18 | Atlantic City | New Jersey | AS13335 Cloudflare, Inc. | 08404 | United States | tier_3 | 4 | nan |
| 26 | 100.37.135.2 | New York City | New York | AS701 MCI Communications Services, Inc. d/b/a Verizon Business | 10004 | United States | tier_3 | 4 | pool-100-37-135-2.nycmny.fios.verizon.net |
| 27 | 104.24.119.18 | Atlantic City | New Jersey | AS13335 Cloudflare, Inc. | 08404 | United States | tier_3 | 2 | nan |
| 28 | 151.101.2.137 | Brisbane | Queensland | AS54113 Fastly | 4000 | Australia | tier_3 | 2 | nan |
| 29 | 107.154.102.49 | Atlantic City | New Jersey | AS19551 Incapsula Inc | 08404 | United States | tier_3 | 2 | 107.154.102.49.ip.incapdns.net |

Have other ideas? Want to subscribe to the threat intelligence report? Contact:

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website