Malware Discoverer Github Homepage.

Daily Threat Intelligence Report

This report contains following information. All tables and graphs are auto-generated.

1. Overall statistics
   1. Number of domains detected
   2. Number of domains detected by Google Safe Browsing
   3. IP address behind entry-level domains
   4. date of collection
2. Top 10 domain statistics
   1. count (number of redirection paths that contain this domain)
   2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
   3. registar
   4. organization
3. Top 10 IP statistics
   1. count
   2. location (city, country, region)
   3. hostname
   4. organization
4. Consolidated redirection path
   1. green: tier one domain
   2. yellow: tier two domain
   3. red: tier three domain

Content Warning: The following domain names and screenshots contain material that may be harmful or traumatizing to some audiences.

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	254	261	681	0	33	2021-08-09	93.115.28.104	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	steamstatus.us	1	Communigal Communication Ltd	ns2.rentondc.com	None
1	tier_1	bbvabancontinental.com	1	Baronofdomains.com LLC	NS1.RENTONDC.COM	None
2	tier_1	18oocontacts.com	1	Media Elite Holdings Limited	NS1.RENTONDC.COM	Fundacion Privacy Services LTD
3	tier_1	craiglisthouston.com	1	Media Elite Holdings Limited	NS1.RENTONDC.COM	Fundacion Privacy Services LTD
4	tier_1	1s2c3s.com	1	Communigal Communication Ltd	NS1.RENTONDC.COM	None
5	tier_1	arearoofingandsiding.com	1	TUCOWS, INC.	NS1.RENTONDC.COM	REDACTED FOR PRIVACY
6	tier_1	ccchanelcc.com	1	Domainsoverboard.com LLC	NS1.RENTONDC.COM	None
7	tier_1	088800.com	1	TUCOWS, INC.	NS1.RENTONDC.COM	REDACTED FOR PRIVACY
8	tier_1	cloverush.com	1	Domains Etc LLC	NS1.RENTONDC.COM	None
9	tier_1	1txx.com	1	Media Elite Holdings Limited	NS1.RENTONDC.COM	Fundacion Privacy Services LTD

	ip	city	region	org	postal	country_name	tier	count
0	172.98.192.37	Union City	Georgia	AS31863 Centrilogic, Inc.	30291	United States	tier_1	42
1	172.98.192.36	Union City	Georgia	AS31863 Centrilogic, Inc.	30291	United States	tier_1	42
2	93.115.28.104	Vilnius	Vilnius	AS16125 UAB Cherry Servers	01001	Lithuania	tier_1	31

Aggregated redirection graph of domains located on current IP address.

• The redirection flows from left to right
• Leftmost domains are initial domains hosted on current IP
• Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website