Daily Threat Intelligence Report

This report contains following information

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain
num_domain num_links num_full_url num_safebrowsing_malicious num_vt_malicious date ip user_agent
0 116 118 395 0 0 2020-12-08 37.48.65.149 Chrome
tier domain count registrar name_servers org
0 tier_1 mypirateproxy.com 1 Chipshot Domains LLC NS1.DNSNUTS.COM The Management Group II
1 tier_1 templatesuplex.com 1 Skykomishdomains.com LLC NS1.DNSNUTS.COM None
2 tier_1 panorama-pamporovo.com 1 Snapsource LLC NS1.DNSNUTS.COM None
3 tier_1 dl4warez.com 1 NamePal.com #8013 Inc. NS1.DNSNUTS.COM The Management Group II
4 tier_1 codecramp.com 1 Traffic Names, Incorporated NS1.DNSNUTS.COM None
5 tier_1 mowalls.net 1 eNomToo, Inc. NS1.DNSNUTS.COM None
6 tier_1 bryantan.info 1 BigLizarddomains.com LLC NS1.DNSNUTS.COM Statutory Masking Enabled
7 tier_1 jostoto.us 1 UdomainName.com LLC ns2.dnsnuts.com None
8 tier_1 aish.us 1 UdomainName.com LLC ns2.dnsnuts.com None
9 tier_1 mangaice.com 1 Leatherneckdomains.com, LLC NS1.DNSNUTS.COM The Management Group II
10 tier_2 dprtb.com 38 GoDaddy.com, LLC NS1.DNSIMPLE.COM Domains By Proxy, LLC
11 tier_2 1496.wcitianka.com 36 GoDaddy Online Services Cayman Islands LTD NS-1096.AWSDNS-09.ORG None
12 tier_2 americanlisted.com 36 ilait AB NS1.TELECOM3.NET Integration 3 Group AB
13 tier_2 click.expmediadirect.com 18 None None None
14 tier_2 click.appcast.io 17 101Domain GRS Ltd NS-85.AWSDNS-10.COM None
15 tier_2 rd.lcjalerts.com 17 GoDaddy.com, LLC NS-130.AWSDNS-16.COM Domains By Proxy, LLC
16 tier_2 us.jobtome.com 16 GoDaddy.com, LLC CHRIS.NS.CLOUDFLARE.COM Jobtome Internantional SA
17 tier_2 rd.torchdaily.com 10 GoDaddy.com, LLC NS-1225.AWSDNS-25.ORG Domains By Proxy, LLC
18 tier_2 krvtrk.com 10 None None None
19 tier_2 jsv3.recruitics.com 8 TUCOWS, INC. NS1.P24.DYNECT.NET REDACTED FOR PRIVACY
20 tier_3 jobs2careers.com 11 Amazon Registrar, Inc. NS-1189.AWSDNS-20.ORG Whois Privacy Service
21 tier_3 myhealthcycle.com 10 None None None
22 tier_3 turbo-pdf.com 9 None None None
23 tier_3 shipt.com_LOOP_1 7 None None None
24 tier_3 homedepotretailjobs.com 5 CSC CORPORATE DOMAINS, INC. NS-1365.AWSDNS-42.ORG Home Depot Product Authority, LLC
25 tier_3 feed.int.jobble.com 3 GoDaddy.com, LLC NS-1238.AWSDNS-26.ORG Domains By Proxy, LLC
26 tier_3 qualitydriversolutions.thejobnetwork.com 2 GoDaddy.com, LLC NS-1356.AWSDNS-41.ORG RealMatch
27 tier_3 sjobs.brassring.com 2 CSC CORPORATE DOMAINS, INC. A1-160.AKAM.NET Not Disclosed
28 tier_3 macys.com 2 Network Solutions, LLC A1-135.AKAM.NET Macy's Systems and Technology, Inc.
29 tier_3 the-house.com 1 GoDaddy.com, LLC NS-1305.AWSDNS-35.ORG Active Sports, Inc.
ip city region org postal country_name tier count hostname
0 207.244.67.218 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 23 nan
1 207.244.67.216 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 13 nan
2 207.244.67.215 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 11 nan
3 207.244.67.214 Manassas Virginia AS30633 Leaseweb USA, Inc. 20108 United States tier_1 8 nan
4 64.32.8.67 Los Angeles California AS46844 Sharktech 90009 United States tier_1 2 customer.sharktech.net
5 185.107.56.59 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 2 nan
6 37.48.65.150 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 2 nan
7 64.32.8.69 Los Angeles California AS46844 Sharktech 90009 United States tier_1 1 customer.sharktech.net
8 37.48.65.149 Amsterdam North Holland AS60781 LeaseWeb Netherlands B.V. 1012 Netherlands tier_1 1 nan
9 185.107.56.58 Rotterdam South Holland AS43350 NForce Entertainment B.V. 3012 Netherlands tier_1 1 nan
10 209.15.13.136 Toronto Ontario AS13768 Aptum Technologies M5N Canada tier_2 40 nan
11 198.54.112.216 San Jose California AS22612 Namecheap, Inc. 95103 United States tier_2 36 nan
12 35.209.61.240 Council Bluffs Iowa AS15169 Google LLC 51502 United States tier_2 36 240.61.209.35.bc.googleusercontent.com
13 198.134.116.30 New York City New York AS27257 Webair Internet Development Company Inc. 10013 United States tier_2 18 nan
14 130.211.38.206 Kansas City Missouri AS15169 Google LLC 64121 United States tier_2 16 206.38.211.130.bc.googleusercontent.com
15 3.86.134.189 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 12 ec2-3-86-134-189.compute-1.amazonaws.com
16 34.203.143.4 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 10 ec2-34-203-143-4.compute-1.amazonaws.com
17 34.194.75.233 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 10 ec2-34-194-75-233.compute-1.amazonaws.com
18 3.211.178.164 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 7 ec2-3-211-178-164.compute-1.amazonaws.com
19 34.234.179.35 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_2 7 ec2-34-234-179-35.compute-1.amazonaws.com
20 157.245.245.47 North Bergen New Jersey AS14061 DigitalOcean, LLC 07047 United States tier_3 10 nan
21 178.128.246.195 Amsterdam North Holland AS14061 DigitalOcean, LLC 1012 Netherlands tier_3 9 nan
22 100.37.135.2 New York City New York AS701 MCI Communications Services, Inc. d/b/a Verizon Business 10004 United States tier_3 8 pool-100-37-135-2.nycmny.fios.verizon.net
23 34.236.61.118 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 6 ec2-34-236-61-118.compute-1.amazonaws.com
24 13.225.229.69 New York City New York AS16509 Amazon.com, Inc. 10004 United States tier_3 3 server-13-225-229-69.jfk51.r.cloudfront.net
25 199.83.128.213 Redwood City California AS19551 Incapsula Inc 94065 United States tier_3 3 199.83.128.213.ip.incapdns.net
26 34.199.213.119 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 2 ec2-34-199-213-119.compute-1.amazonaws.com
27 34.201.214.108 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 2 ec2-34-201-214-108.compute-1.amazonaws.com
28 66.77.22.60 Wayne Pennsylvania AS209 CenturyLink Communications, LLC 19087 United States tier_3 2 nan
29 52.3.90.145 Virginia Beach Virginia AS14618 Amazon.com, Inc. 23464 United States tier_3 2 ec2-52-3-90-145.compute-1.amazonaws.com

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website