viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	176	178	535	1	0	2020-12-11	207.244.67.215	Iphone

	tier	domain	count	registrar	name_servers	org
0	tier_1	arizona-sexcams.com	1	Top Pick Names LLC	NS1.DNSNUTS.COM	None
1	tier_1	bestmothertube.com	1	NamePal.com #8008 Inc.	NS1.DNSNUTS.COM	The Management Group II
2	tier_1	banmorktawan.com	1	DropWalk.com, Inc.	NS1.DNSNUTS.COM	None
3	tier_1	biznes-world.com	1	EunamesOregon.com LLC	NS1.DNSNUTS.COM	None
4	tier_1	bdlive71.com	1	NamePal.com #8023 Inc.	NS1.DNSNUTS.COM	None
5	tier_1	5uxiaoshuo.com	1	NamePal.com #8018 Inc.	NS1.DNSNUTS.COM	The Management Group II
6	tier_1	35ink.com	1	CloudBreakDomains, LLC	NS1.DNSNUTS.COM	None
7	tier_1	caljepcosta.com	1	Beartrapdomains.com LLC	NS1.DNSNUTS.COM	None
8	tier_1	arizonanationalbank.com	1	Sea Wasp, LLC	NS1.DNSNUTS.COM	Savvy Investments, LLC Privacy ID# 750202
9	tier_1	captitolone.com	1	Media Elite Holdings Limited	NS1.DNSNUTS.COM	Fundacion Privacy Services LTD
10	tier_2	euphe-gun.com	40	Amazon Registrar, Inc.	NS-1325.AWSDNS-37.ORG	Whois Privacy Service
11	tier_2	track.vcdc.com	37	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
12	tier_2	ad.doubleclick.net	31	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google Inc.
13	tier_2	api.quotes.com	29	Internet Domain Service BS Corp.	NS-CANADA.TOPDNS.COM	Whois Privacy Corp.
14	tier_2	changeslots.com	29	Instra Corporation Pty Ltd.	CLEO.NS.CLOUDFLARE.COM	REDACTED FOR PRIVACY
15	tier_2	atnpx.com	28	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
16	tier_2	r.ealeo.com	16	DYNADOT LLC	NS-1186.AWSDNS-20.ORG	None
17	tier_2	rd.bizrate.com	16	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
18	tier_2	rd.connexity.net	15	None	None	None
19	tier_2	btpnative.com	7	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
20	tier_3	theconnectvpn.com	29	DonDominio (SCIP)	ARNOLD.NS.CLOUDFLARE.COM	Soluciones Corporativas IP, c/o Whois Proxy
21	tier_3	kbb.com	28	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
22	tier_3	track.vcdc.com	11	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
23	tier_3	blog.sfgate.com	9	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
24	tier_3	happierplacez.com	7	NAMECHEAP INC	NS-1336.AWSDNS-39.ORG	WhoisGuard, Inc.
25	tier_3	r.ealeo.com	3	DYNADOT LLC	NS-1186.AWSDNS-20.ORG	None
26	tier_3	m.kohls.com	2	Network Solutions, LLC	A1-236.AKAM.NET	Kohl's Illinois, Inc.
27	tier_3	brownells.com	2	Network Solutions, LLC	NS1.YOTTAA.NET	None
28	tier_3	blog.chron.com	2	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Newspapers, LLC
29	tier_3	m.costway.com_LOOP_1	1	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	27	nan	nan
1	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	26	nan	nan
2	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	25	nan	nan
3	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	18	nan	nan
4	37.48.65.151	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	3	nan	nan
5	37.48.65.148	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	2	nan	nan
6	185.107.56.59	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	2	nan	nan
7	185.107.56.58	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	2	nan	nan
8	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	2	nan	nan
9	64.32.8.67	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	1	customer.sharktech.net	nan
10	5.79.68.236	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_2	29	nan	nan
11	34.207.32.33	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	29	ec2-34-207-32-33.compute-1.amazonaws.com	nan
12	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	22	rd.bizrate.com	nan
13	172.217.10.38	Mountain View	California	AS15169 Google LLC	94043	United States	tier_2	17	lga34s13-in-f6.1e100.net	nan
14	66.165.243.151	Los Angeles	California	AS29802 HIVELOCITY, Inc.	90009	United States	tier_3	3	66-165-243-151.static.hvvc.us	nan
15	104.26.10.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	16	nan	True
16	192.138.218.139	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	15	rd.connexity.net	nan
17	3.221.180.161	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	15	ec2-3-221-180-161.compute-1.amazonaws.com	nan
18	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	14	18.65.c0ad.ip4.static.sl-reverse.com	nan
19	144.76.0.242	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	12	static.242.0.76.144.clients.your-server.de	nan
20	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	28	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
21	172.67.181.234	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	11	nan	True
22	151.101.0.200	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	11	nan	True
23	195.201.92.254	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_3	11	static.254.92.201.195.clients.your-server.de	nan
24	104.27.186.165	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	9	nan	True
25	104.27.187.165	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	9	nan	True
26	178.128.78.12	Santa Clara	California	AS14061 DigitalOcean, LLC	95051	United States	tier_3	7	nan	nan
27	66.165.243.151	Los Angeles	California	AS29802 HIVELOCITY, Inc.	90009	United States	tier_3	3	66-165-243-151.static.hvvc.us	nan
28	23.38.172.138	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	2	a23-38-172-138.deploy.static.akamaitechnologies.com	nan
29	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	1	pool-100-37-135-2.nycmny.fios.verizon.net	nan

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶