viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	76	73	105	0	0	2020-11-28	103.224.182.207	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	animewapers.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
1	tier_1	blacherreport.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
2	tier_1	asdfsadf.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
3	tier_1	arphanetbr.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
4	tier_1	boardsgalore.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
5	tier_1	appsclaro.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
6	tier_1	babyshower-decorations.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
7	tier_1	apmazon.com	1	TLD Registrar Solutions Ltd.	NS1.ABOVE.COM	Whois Privacy Corp.
8	tier_1	animekiller.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
9	tier_1	92dresses.com	1	GoDaddy.com, LLC	NS1.ABOVE.COM	None
10	tier_2	xml.sedodna.com	8	PSI-USA, Inc. dba Domain Robot	NS-1222.AWSDNS-24.ORG	None
11	tier_2	bidr.trellian.com	6	ABOVE.COM PTY LTD.	NS1.TRELLIAN.COM	REDACTED FOR PRIVACY
12	tier_2	build.mediapicker.com	3	GoDaddy.com, LLC	RAQUEL.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
13	tier_2	seemlast.monster	3	None	None	None
14	tier_2	ww2.siteplug.com	3	None	None	None
15	tier_2	sopho-kat.com	2	Amazon Registrar, Inc.	NS-1009.AWSDNS-62.NET	Whois Privacy Service
16	tier_2	amzn.to	2	None	None	None
17	tier_2	rd.bizrate.com	2	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
18	tier_2	rd.connexity.net	2	None	None	None
19	tier_2	bodybuilding.sjv.io	2	GANDI SAS	NS-545.AWSDNS-04.NET	None
20	tier_3	macpaw.com	3	GANDI SAS	NS-1492.AWSDNS-58.ORG	MacPaw Family Ltd.
21	tier_3	irl.com	2	GoDaddy.com, LLC	NS-106.AWSDNS-13.COM	Domains By Proxy, LLC
22	tier_3	amazon.com	2	MarkMonitor, Inc.	NS1.P31.DYNECT.NET	Amazon Technologies, Inc.
23	tier_3	bodybuilding.com	2	None	None	None
24	tier_3	boot-upcompletely-therefinedfile.best	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
25	tier_3	boot-upintensely-thesophisticatedfile.best	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
26	tier_3	samsclub.com_LOOP_1	1	None	None	None
27	tier_3	macys.com	1	Network Solutions, LLC	A1-135.AKAM.NET	None
28	tier_3	boot-upprecise-theintenselyfile.best	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
29	tier_3	theconnectvpn.com	1	DonDominio (SCIP)	ARNOLD.NS.CLOUDFLARE.COM	Soluciones Corporativas IP, c/o Whois Proxy

	ip	hostname	city	region	org	postal	country_name	tier	count
0	103.224.182.207	lb-182-207.above.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_1	19
1	91.195.240.136	nan	Munich	Bavaria	AS47846 SEDO GmbH	80331	Germany	tier_2	9
2	173.239.53.32	nan	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	8
3	103.224.182.206	bidr.trellian.com	Caulfield South	Victoria	AS133618 Trellian Pty. Limited	3193	Australia	tier_2	6
4	18.210.49.168	ec2-18-210-49-168.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	3
5	192.138.218.207	rd.bizrate.com	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	3
6	199.59.242.153	nan	Tampa	Florida	AS395082 Bodis, LLC	33609	United States	tier_2	3
7	216.139.248.127	216-139-248-127.aus.us.siteprotect.com	Austin	Texas	AS32400 Hostway Services, Inc.	73301	United States	tier_2	3
8	67.199.248.13	cname.bitly.com	New York City	New York	AS396982 Google LLC	10010	United States	tier_2	2
9	95.211.26.199	nan	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_2	2
10	54.225.132.253	ec2-54-225-132-253.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	2
11	75.101.207.6	ec2-75-101-207-6.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	3
12	35.224.231.200	200.231.224.35.bc.googleusercontent.com	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	3
13	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	2
14	23.44.211.112	a23-44-211-112.deploy.static.akamaitechnologies.com	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	2
15	192.81.212.192	nan	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	1
16	13.225.224.25	server-13-225-224-25.jfk51.r.cloudfront.net	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	1
17	104.248.50.87	nan	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	1
18	23.33.97.165	a23-33-97-165.deploy.static.akamaitechnologies.com	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	1
19	104.77.220.218	a104-77-220-218.deploy.static.akamaitechnologies.com	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	1
20	104.27.186.165	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶