viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	449	468	1733	1	0	2020-10-29	103.224.182.207	Android

	tier	domain	count	registrar	name_servers	org
0	tier_1	erokuni.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
1	tier_1	codanova.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
2	tier_1	cocers.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
3	tier_1	annagoesshopping.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
4	tier_1	barboach.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
5	tier_1	bellewe.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
6	tier_1	03calls.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
7	tier_1	dx-torrent.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
8	tier_1	animewapers.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
9	tier_1	benstreaming.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
10	tier_2	bidr.trellian.com	177	ABOVE.COM PTY LTD.	NS1.TRELLIAN.COM	REDACTED FOR PRIVACY
11	tier_2	us.redirectbuzz.club	171	Gandi SAS	ns-2.awsdns-00.com	PPCBUZZ
12	tier_2	recode.pw	145	Gandi SAS	NS-1611.AWSDNS-09.CO.UK	None
13	tier_2	portablemusic.mobi	77	GoDaddy.com, LLC	None	None
14	tier_2	maromorb.com	70	NameSilo, LLC	ELMA.NS.CLOUDFLARE.COM	See PrivacyGuardian.org
15	tier_2	0redira.com	62	ABOVE.COM PTY LTD.	NS1.ABOVE.COM	REDACTED FOR PRIVACY
16	tier_2	reroplittrewheck.pro	35	DANESCO TRADING LTD	NS-280.AWSDNS-35.COM	DANESCO TRADING LTD.
17	tier_2	track.fungiers.com	35	GoDaddy.com, LLC	NS73.DOMAINCONTROL.COM	None
18	tier_2	wolve.pro	33	DANESCO TRADING LTD	AIDEN.NS.CLOUDFLARE.COM	DANESCO TRADING LTD.
19	tier_2	bxt1.shaperal.com	32	GoDaddy.com, LLC	DESI.NS.CLOUDFLARE.COM	None
20	tier_3	carsnspeed.net	67	GANDI SAS	NS-1120.AWSDNS-12.ORG	PPCBUZZ
21	tier_3	172.104.184.43	32	Name.com, Inc.	NS1.LINODE.COM	Linode, LLC
22	tier_3	pes20.proasdf.com	13	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
23	tier_3	amazon.com	11	MarkMonitor, Inc.	NS1.P31.DYNECT.NET	Amazon Technologies, Inc.
24	tier_3	samsung.com	11	None	None	None
25	tier_3	clk.news-headlines.co	11	NAMECHEAP INC	ns-1428.awsdns-50.org	WhoisGuard, Inc.
26	tier_3	blog.sfgate.com	6	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
27	tier_3	macys.com	3	Network Solutions, LLC	A1-135.AKAM.NET	None
28	tier_3	bizrate.com	3	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
29	tier_3	query.pureleads.com	3	New Frontier, Inc.	NS1.P05.DYNECT.NET	Domain Protection Services, Inc.

	ip	hostname	city	region	org	postal	country_name	tier	count
0	103.224.182.207	lb-182-207.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_1	255
1	103.224.182.206	bidr.trellian.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	177
2	103.224.212.241	lb-212-241.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	62
3	209.132.243.15	nan	Wyoming	Michigan	AS7296 Alchemy Communications, Inc.	49509	United States	tier_2	49
4	172.64.108.15	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_2	37
5	67.212.173.78	server04.com-2.mobi	Chicago	Illinois	AS32475 SingleHop LLC	60666	United States	tier_2	32
6	172.64.109.15	nan	New York City	New York	AS13335 Cloudflare, Inc.	10004	United States	tier_2	30
7	66.232.112.68	66-232-112-68.static.hvvc.us	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_2	28
8	66.232.112.74	66-232-112-74.static.hvvc.us	Denver	Colorado	AS29802 HIVELOCITY, Inc.	80210	United States	tier_2	25
9	213.32.106.141	ip141.ip-213-32-106.eu	Luxembourg	Luxembourg	AS16276 OVH SAS	L-1118	Luxembourg	tier_2	24
10	31.170.100.126	nan	Madrid	Madrid	AS201942 Soltia Consulting SL	28001	Spain	tier_2	20
11	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	37
12	172.104.184.43	li1775-43.members.linode.com	Singapore	Singapore	AS63949 Linode, LLC	048508	Singapore	tier_3	32
13	162.243.10.151	nan	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	13
14	23.221.210.196	a23-221-210-196.deploy.static.akamaitechnologies.com	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	9
15	13.225.224.25	server-13-225-224-25.jfk51.r.cloudfront.net	Atlantic City	New Jersey	AS16509 Amazon.com, Inc.	08404	United States	tier_3	8
16	66.232.112.86	66-232-112-86.static.hvvc.us	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_3	7
17	151.101.0.200	nan	Singapore	Singapore	AS54113 Fastly	048508	Singapore	tier_3	6
18	66.232.112.90	66-232-112-90.static.hvvc.us	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_3	6
19	66.232.112.81	66-232-112-81.static.hvvc.us	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_3	6
20	66.232.112.73	66-232-112-73.static.hvvc.us	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_3	6

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶