Daily Threat Intelligence Report

This report contains following information. All tables and graphs are auto-generated.

  1. Overall statistics
    1. Number of domains detected
    2. Number of domains detected by Google Safe Browsing
    3. IP address behind entry-level domains
    4. date of collection
  2. Top 10 domain statistics
    1. count (number of redirection paths that contain this domain)
    2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
    3. registar
    4. organization
  3. Top 10 IP statistics
    1. count
    2. location (city, country, region)
    3. hostname
    4. organization
  4. Consolidated redirection path
    1. green: tier one domain
    2. yellow: tier two domain
    3. red: tier three domain

Content Warning: The following domain names and screenshots contain material that may be harmful or traumatizing to some audiences.

num_domainnum_linksnum_full_urlnum_safebrowsing_maliciousnum_vt_maliciousdateipuser_agent
02542616810332021-08-0993.115.28.104Safari
tierdomaincountregistrarname_serversorg
0tier_1steamstatus.us1Communigal Communication Ltdns2.rentondc.comNone
1tier_1bbvabancontinental.com1Baronofdomains.com LLCNS1.RENTONDC.COMNone
2tier_118oocontacts.com1Media Elite Holdings LimitedNS1.RENTONDC.COMFundacion Privacy Services LTD
3tier_1craiglisthouston.com1Media Elite Holdings LimitedNS1.RENTONDC.COMFundacion Privacy Services LTD
4tier_11s2c3s.com1Communigal Communication LtdNS1.RENTONDC.COMNone
5tier_1arearoofingandsiding.com1TUCOWS, INC.NS1.RENTONDC.COMREDACTED FOR PRIVACY
6tier_1ccchanelcc.com1Domainsoverboard.com LLCNS1.RENTONDC.COMNone
7tier_1088800.com1TUCOWS, INC.NS1.RENTONDC.COMREDACTED FOR PRIVACY
8tier_1cloverush.com1Domains Etc LLCNS1.RENTONDC.COMNone
9tier_11txx.com1Media Elite Holdings LimitedNS1.RENTONDC.COMFundacion Privacy Services LTD
ipcityregionorgpostalcountry_nametiercount
0172.98.192.37Union CityGeorgiaAS31863 Centrilogic, Inc.30291United Statestier_142
1172.98.192.36Union CityGeorgiaAS31863 Centrilogic, Inc.30291United Statestier_142
293.115.28.104VilniusVilniusAS16125 UAB Cherry Servers01001Lithuaniatier_131

Aggregated redirection graph of domains located on current IP address.

  • The redirection flows from left to right
  • Leftmost domains are initial domains hosted on current IP
  • Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website