viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	190	197	555	0	0	2020-11-26	207.244.67.215	Iphone

	tier	domain	count	registrar	name_servers	org
0	tier_1	blessedit.com	1	SNAPNAMES 29, LLC	NS1.DNSNUTS.COM	None
1	tier_1	deadlysinx.net	1	Domains of Origin, LLC	NS1.DNSNUTS.COM	None
2	tier_1	ddoba.net	1	Ripcurl Domains, LLC	NS1.DNSNUTS.COM	None
3	tier_1	film4vn.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
4	tier_1	johnsonscareers.net	1	DropWeek.com, LLC	NS1.DNSNUTS.COM	None
5	tier_1	alekseypopovv.net	1	Namearsenal.com LLC	NS1.DNSNUTS.COM	None
6	tier_1	buam.net	1	SNAPNAMES 3, LLC	NS1.DNSNUTS.COM	None
7	tier_1	newrf.net	1	Domainsurgeon.com LLC	NS1.DNSNUTS.COM	None
8	tier_1	codingvideos.net	1	Namecatch Zone LLC	NS1.DNSNUTS.COM	None
9	tier_1	easybed.nl	1	EuroDNS S.A.	ns1.dnsnuts.com	None
10	tier_2	sopho-kat.com	59	Amazon Registrar, Inc.	NS-1009.AWSDNS-62.NET	Whois Privacy Service
11	tier_2	track.vcdc.com	54	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
12	tier_2	atnpx.com	33	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
13	tier_2	changeslots.com	28	Instra Corporation Pty Ltd.	CLEO.NS.CLOUDFLARE.COM	REDACTED FOR PRIVACY
14	tier_2	api.quotes.com	27	Internet Domain Service BS Corp.	NS-CANADA.TOPDNS.COM	Whois Privacy Corp.
15	tier_2	ad.doubleclick.net	11	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google Inc.
16	tier_2	61101.click.validclick.net	9	Safenames Ltd	NS1.FULLMAILBOX.COM	None
17	tier_2	infopicked.com	8	NAMECHEAP INC	NS0.DNSMADEEASY.COM	WhoisGuard, Inc.
18	tier_2	go.trackinz.com	7	NAMECHEAP INC	NS-1139.AWSDNS-14.ORG	WhoisGuard, Inc.
19	tier_2	dprtb.com	6	GoDaddy.com, LLC	NS1.DNSIMPLE.COM	Domains By Proxy, LLC
20	tier_3	kbb.com	33	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
21	tier_3	theconnectvpn.com	28	DonDominio (SCIP)	ARNOLD.NS.CLOUDFLARE.COM	Soluciones Corporativas IP, c/o Whois Proxy
22	tier_3	track.vcdc.com	17	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
23	tier_3	blog.sfchronicle.com	10	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
24	tier_3	blog.chron.com	7	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Newspapers, LLC
25	tier_3	checkthistime.com	7	NAMECHEAP INC	NS-1262.AWSDNS-29.ORG	WhoisGuard, Inc.
26	tier_3	blog.sfgate.com	7	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
27	tier_3	clk.news-headlines.co	3	NAMECHEAP INC	ns-1428.awsdns-50.org	WhoisGuard, Inc.
28	tier_3	allbestsecureus.com	2	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
29	tier_3	alets-system.com	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.

	ip	city	region	org	postal	country_name	tier	count	hostname
0	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	23	nan
1	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	21	nan
2	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	17	nan
3	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	14	nan
4	185.107.56.59	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	8	nan
5	185.107.56.58	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	7	nan
6	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	7	nan
7	37.48.65.151	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	7	nan
8	37.48.65.149	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	6	nan
9	37.48.65.148	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	5	nan
10	54.225.132.253	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23450	United States	tier_2	41	ec2-54-225-132-253.compute-1.amazonaws.com
11	34.207.32.33	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23450	United States	tier_2	28	ec2-34-207-32-33.compute-1.amazonaws.com
12	5.79.68.236	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_2	27	nan
13	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_2	25	204.44.79.214.static.quadranet.com
14	104.26.11.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	20	nan
15	52.205.210.89	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23450	United States	tier_2	19	ec2-52-205-210-89.compute-1.amazonaws.com
16	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	16	18.65.c0ad.ip4.static.sl-reverse.com
17	94.130.185.237	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	15	static.237.185.130.94.clients.your-server.de
18	94.130.186.231	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	15	static.231.186.130.94.clients.your-server.de
19	144.76.0.242	Kyiv	Kyiv City	AS24940 Hetzner Online GmbH	03027	Ukraine	tier_2	13	static.242.0.76.144.clients.your-server.de
20	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	33	a23-44-217-143.deploy.static.akamaitechnologies.com
21	138.201.252.161	Geldern	North Rhine-Westphalia	AS24940 Hetzner Online GmbH	47608	Germany	tier_3	16	proxy.traffic.club
22	151.101.0.200	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	14	nan
23	104.27.186.165	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	13	nan
24	98.129.228.57	Brookhaven	Mississippi	AS33070 Rackspace Hosting	39601	United States	tier_3	11	nan
25	104.27.187.165	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	10	nan
26	138.68.8.221	Santa Clara	California	AS14061 DigitalOcean, LLC	95051	United States	tier_3	7	nan
27	172.67.181.234	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	5	nan
28	64.225.2.103	Clifton	New Jersey	AS14061 DigitalOcean, LLC	07014	United States	tier_3	2	nan
29	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	2	pool-100-37-135-2.nycmny.fios.verizon.net

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶