viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	298	299	1118	2	0	2020-10-04	103.224.182.207	Android

	tier	domain	count	registrar	name_servers	org
0	tier_1	puracandelatv.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
1	tier_1	codanova.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
2	tier_1	dudroid.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
3	tier_1	secondnaturecd.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
4	tier_1	vvvgrace.net	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
5	tier_1	03calls.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
6	tier_1	ddiziizle.net	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
7	tier_1	articlemarketingautomation.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
8	tier_1	benstreaming.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
9	tier_1	googledocs.co.uk	1	Internet Domain Services BS Corp t/a Internet.bs [Tag = IDS-BS]	n	None
10	tier_2	bidr.trellian.com	217	ABOVE.COM PTY LTD.	NS1.TRELLIAN.COM	REDACTED FOR PRIVACY
11	tier_2	track.amzinguidance.com	114	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
12	tier_2	trkads.info	102	DANESCO TRADING LTD	NS1.DIGITALOCEAN.COM	DANESCO TRADING LTD.
13	tier_2	google.com	102	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
14	tier_2	0redira.com	17	ABOVE.COM PTY LTD.	NS1.ABOVE.COM	REDACTED FOR PRIVACY
15	tier_2	11164440.searchiqnet.com	7	GoDaddy.com, LLC	NS57.DOMAINCONTROL.COM	Domains By Proxy, LLC
16	tier_2	query.pureleads.com	7	New Frontier, Inc.	NS1.P05.DYNECT.NET	Domain Protection Services, Inc.
17	tier_2	clickserve.dartsearch.net	5	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
18	tier_2	ad.doubleclick.net	5	None	None	None
19	tier_2	dbc.pathroutes.com	5	GoDaddy.com, LLC	NS75.DOMAINCONTROL.COM	Domains By Proxy, LLC
20	tier_3	instantprizesnow.com	114	NAMECHEAP INC	DAWN.NS.CLOUDFLARE.COM	WhoisGuard, Inc.
21	tier_3	google.com_LOOP_1	102	None	None	None
22	tier_3	amazon.com	5	MarkMonitor, Inc.	NS1.P31.DYNECT.NET	Amazon Technologies, Inc.
23	tier_3	mytears.restasis.com	4	None	None	None
24	tier_3	freeshipping.com	2	GoDaddy.com, LLC	ERIC.NS.CLOUDFLARE.COM	Clarus Direct
25	tier_3	everydayconsumers.com	2	GoDaddy.com, LLC	JANET.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
26	tier_3	macys.com	2	Network Solutions, LLC	A1-135.AKAM.NET	None
27	tier_3	bidr.trellian.com	2	ABOVE.COM PTY LTD.	NS1.TRELLIAN.COM	REDACTED FOR PRIVACY
28	tier_3	cellularoutfitter.com_LOOP_2	1	None	None	None
29	tier_3	zoro.com_LOOP_1	1	None	None	None

	ip	hostname	city	region	org	postal	country_name	tier	count
0	103.224.182.207	lb-182-207.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_1	241
1	103.224.182.206	bidr.trellian.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	217
2	34.226.252.28	ec2-34-226-252-28.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_2	114
3	165.22.162.145	nan	Santa Clara	California	AS14061 DigitalOcean, LLC	95051	United States	tier_2	102
4	172.217.165.132	lax30s03-in-f4.1e100.net	Los Angeles	California	AS15169 Google LLC	90009	United States	tier_2	27
5	142.250.64.100	lga34s31-in-f4.1e100.net	New York City	New York	AS15169 Google LLC	10004	United States	tier_2	24
6	209.132.243.15	nan	Los Angeles	California	AS7296 Alchemy Communications, Inc.	90009	United States	tier_2	19
7	172.217.10.132	lga34s16-in-f4.1e100.net	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_2	17
8	103.224.212.241	lb-212-241.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	17
9	172.217.10.100	lga34s15-in-f4.1e100.net	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_2	10
10	172.217.12.196	lga25s63-in-f4.1e100.net	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_2	6
11	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	107
12	172.67.144.45	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_3	38
13	104.18.51.94	nan	Atlantic City	New Jersey	AS13335 Cloudflare, Inc.	08404	United States	tier_3	38
14	104.18.50.94	nan	Atlantic City	New Jersey	AS13335 Cloudflare, Inc.	08404	United States	tier_3	38
15	13.33.83.196	server-13-33-83-196.ewr52.r.cloudfront.net	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	4
16	34.202.188.95	ec2-34-202-188-95.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_3	3
17	172.67.219.253	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_3	2
18	23.41.189.63	a23-41-189-63.deploy.static.akamaitechnologies.com	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	2
19	54.224.113.54	ec2-54-224-113-54.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_3	1
20	104.22.13.220	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_3	1

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶