viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	381	387	1373	1	0	2020-10-28	103.224.182.207	Iphone

	tier	domain	count	registrar	name_servers	org
0	tier_1	puracandelatv.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
1	tier_1	codanova.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
2	tier_1	dudroid.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
3	tier_1	secondnaturecd.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
4	tier_1	vvvgrace.net	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
5	tier_1	03calls.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
6	tier_1	soal-psikotest.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
7	tier_1	ddiziizle.net	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
8	tier_1	benstreaming.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
9	tier_1	a-doctor-in-the-house.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
10	tier_2	bidr.trellian.com	276	ABOVE.COM PTY LTD.	NS1.TRELLIAN.COM	REDACTED FOR PRIVACY
11	tier_2	changeslots.com	216	Instra Corporation Pty Ltd.	CLEO.NS.CLOUDFLARE.COM	REDACTED FOR PRIVACY
12	tier_2	go.trackinz.com	46	None	None	None
13	tier_2	0redira.com	33	ABOVE.COM PTY LTD.	NS1.ABOVE.COM	REDACTED FOR PRIVACY
14	tier_2	us.redirectbuzz.club	14	Gandi SAS	ns-2.awsdns-00.com	PPCBUZZ
15	tier_2	recode.pw	14	Gandi SAS	NS-1611.AWSDNS-09.CO.UK	None
16	tier_2	api.apientry.com	10	GoDaddy.com, LLC	ELMA.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
17	tier_2	portablemusic.mobi	10	GoDaddy.com, LLC	None	None
18	tier_2	11164440.searchiqnet.com	8	GoDaddy.com, LLC	NS57.DOMAINCONTROL.COM	Domains By Proxy, LLC
19	tier_2	susd.lugos-cla.com	7	Amazon Registrar, Inc.	NS-1412.AWSDNS-48.ORG	Whois Privacy Service
20	tier_3	theconnectvpn.com	216	DonDominio (SCIP)	ARNOLD.NS.CLOUDFLARE.COM	Soluciones Corporativas IP, c/o Whois Proxy
21	tier_3	checkherefun.com	39	None	None	None
22	tier_3	pes20.proasdf.com	10	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
23	tier_3	promotionsonlineus.com	7	GoDaddy.com, LLC	ALEXIS.NS.CLOUDFLARE.COM	None
24	tier_3	localpages.com	4	Network Solutions, LLC	NS1.FABULOUSCDN.COM	None
25	tier_3	carsnspeed.net	4	GANDI SAS	NS-1120.AWSDNS-12.ORG	PPCBUZZ
26	tier_3	amazon.com	3	MarkMonitor, Inc.	NS1.P31.DYNECT.NET	Amazon Technologies, Inc.
27	tier_3	samsung.com	3	None	None	None
28	tier_3	play.google.com	3	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
29	tier_3	minecraft.net	3	TUCOWS, INC.	NS-1395.AWSDNS-46.ORG	Contact Privacy Inc. Customer 0120735043

	ip	hostname	city	region	org	postal	country_name	tier	count
0	103.224.182.207	lb-182-207.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_1	310
1	103.224.212.221	lb-212-221.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_1	1
2	103.224.182.206	bidr.trellian.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	276
3	34.207.32.33	ec2-34-207-32-33.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_2	216
4	34.226.252.28	ec2-34-226-252-28.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_2	46
5	103.224.212.241	lb-212-241.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	33
6	209.132.243.15	nan	Wyoming	Michigan	AS7296 Alchemy Communications, Inc.	49509	United States	tier_2	21
7	34.199.107.160	ec2-34-199-107-160.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_2	14
8	67.212.173.78	server04.com-2.mobi	Chicago	Illinois	AS32475 SingleHop LLC	60666	United States	tier_2	7
9	54.175.126.175	ec2-54-175-126-175.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23471	United States	tier_2	6
10	172.64.132.8	nan	Greenville	South Carolina	AS13335 Cloudflare, Inc.	29616	United States	tier_2	6
11	31.170.100.125	nan	Madrid	Madrid	AS201942 Soltia Consulting SL	28001	Spain	tier_2	6
12	172.67.181.234	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_3	99
13	104.27.186.165	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_3	74
14	104.27.187.165	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_3	43
15	157.245.227.32	nan	Santa Clara	California	AS14061 DigitalOcean, LLC	95051	United States	tier_3	39
16	162.243.10.151	nan	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	10
17	66.63.171.200	66.63.171.200.static.quadranet.com	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_3	4
18	172.64.100.4	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_3	4
19	13.225.224.25	server-13-225-224-25.jfk51.r.cloudfront.net	Atlantic City	New Jersey	AS16509 Amazon.com, Inc.	08404	United States	tier_3	3
20	23.221.210.196	a23-221-210-196.deploy.static.akamaitechnologies.com	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3
21	172.64.101.4	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_3	3

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶