viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	114	113	323	0	0	2020-11-19	37.48.65.149	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	heyphim.com	1	Fetch Registrar, LLC	NS1.DNSNUTS.COM	None
1	tier_1	arpasuyu.net	1	Domain Grabber LLC	NS1.DNSNUTS.COM	None
2	tier_1	35ink.com	1	CloudBreakDomains, LLC	NS1.DNSNUTS.COM	None
3	tier_1	paydayloansfastcasha.com	1	Domainsoverboard.com LLC	NS1.DNSNUTS.COM	None
4	tier_1	ua24ua.com	1	Ripcurl Domains, LLC	NS1.DNSNUTS.COM	None
5	tier_1	flippaper.net	1	SNAPNAMES 22, LLC	NS1.DNSNUTS.COM	None
6	tier_1	cvv2.cc	1	Dropcatch Marketplace LLC	NS1.DNSNUTS.COM	None
7	tier_1	bluebonnetfederalcreditunion.com	1	Sea Wasp, LLC	NS1.DNSNUTS.COM	Savvy Investments, LLC Privacy ID# 772559
8	tier_1	webmformat.com	1	Alpha Beta Domains LLC	NS1.DNSNUTS.COM	None
9	tier_1	policeanalyst.com	1	Atomicdomainnames.com LLC	NS1.DNSNUTS.COM	None
10	tier_2	sopho-kat.com	26	Amazon Registrar, Inc.	NS-1009.AWSDNS-62.NET	Whois Privacy Service
11	tier_2	dprtb.com	25	GoDaddy.com, LLC	NS1.DNSIMPLE.COM	Domains By Proxy, LLC
12	tier_2	1496.wcitianka.com	20	GoDaddy Online Services Cayman Islands LTD	NS-1096.AWSDNS-09.ORG	None
13	tier_2	americanlisted.com	19	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
14	tier_2	verifiedclicker.com	18	TUCOWS, INC.	1-YOU.NJALLA.NO	REDACTED FOR PRIVACY
15	tier_2	mnason-hec.com	15	Amazon Registrar, Inc.	NS-1205.AWSDNS-22.ORG	Whois Privacy Service
16	tier_2	btpnative.com	14	GoDaddy.com, LLC	NS1.DNSIMPLE.COM	Domains By Proxy, LLC
17	tier_2	infopicked.com	12	NAMECHEAP INC	NS0.DNSMADEEASY.COM	WhoisGuard, Inc.
18	tier_2	track.vcdc.com	4	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
19	tier_2	rd.bizrate.com	4	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
20	tier_3	us.tideri.com	19	united domains AG	NS.UDAG.DE	None
21	tier_3	antivirus-protection.me	18	NAMECHEAP INC	None	None
22	tier_3	toovolution.club	15	None	None	None
23	tier_3	affbank.com	3	DANESCO TRADING LTD	GABE.NS.CLOUDFLARE.COM	Advertecy LTD
24	tier_3	us.search.yahoo.com	1	MarkMonitor, Inc.	NS1.YAHOO.COM	Oath Inc.
25	tier_3	maxlend.com_LOOP_1	1	None	None	None
26	tier_3	kbb.com	1	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
27	tier_3	womanwithin.com	1	CSC CORPORATE DOMAINS, INC.	PDNS1.ULTRADNS.NET	FullBeauty Brands Operations, LLC
28	tier_3	fragrancex.com	1	GoDaddy.com, LLC	NS1.P16.DYNECT.NET	FragranceX.com Inc.
29	tier_3	reebok.com	1	CSC CORPORATE DOMAINS, INC.	NS1.NETNAMES.NET	Reebok International, Ltd.

	ip	city	region	org	postal	country_name	tier	count	hostname
0	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	19	nan
1	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	16	nan
2	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	14	nan
3	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	14	nan
4	185.107.56.57	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	1	nan
5	185.107.56.59	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	1	nan
6	185.107.56.58	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	1	nan
7	64.32.8.69	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	1	customer.sharktech.net
8	64.32.8.68	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	1	customer.sharktech.net
9	64.32.8.70	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	1	customer.sharktech.net
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	39	nan
11	52.205.210.89	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23450	United States	tier_2	21	ec2-52-205-210-89.compute-1.amazonaws.com
12	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	20	nan
13	54.225.132.253	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23450	United States	tier_2	20	ec2-54-225-132-253.compute-1.amazonaws.com
14	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	19	240.61.209.35.bc.googleusercontent.com
15	134.209.199.255	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_2	18	nan
16	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	14	18.65.c0ad.ip4.static.sl-reverse.com
17	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	4	rd.bizrate.com
18	66.165.243.151	Tampa	Florida	AS29802 HIVELOCITY, Inc.	33606	United States	tier_2	3	66-165-243-151.static.hvvc.us
19	192.138.218.139	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	3	rd.connexity.net
20	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	19	123.171.246.35.bc.googleusercontent.com
21	172.86.75.234	Amsterdam	North Holland	AS40676 Psychz Networks	1017	Netherlands	tier_3	18	nan
22	13.32.182.128	Washington	Washington, D.C.	AS16509 Amazon.com, Inc.	20045	United States	tier_3	8	server-13-32-182-128.iad66.r.cloudfront.net
23	13.32.182.45	Washington	Washington, D.C.	AS16509 Amazon.com, Inc.	20045	United States	tier_3	3	server-13-32-182-45.iad66.r.cloudfront.net
24	13.32.182.48	Washington	Washington, D.C.	AS16509 Amazon.com, Inc.	20045	United States	tier_3	3	server-13-32-182-48.iad66.r.cloudfront.net
25	35.156.139.229	Frankfurt am Main	Hesse	AS16509 Amazon.com, Inc.	60311	Germany	tier_3	3	ec2-35-156-139-229.eu-central-1.compute.amazonaws.com
26	66.218.84.137	Atlantic City	New Jersey	AS26101 Oath Holdings Inc.	08404	United States	tier_3	1	ats1.l7.search.vip.bf1.yahoo.com
27	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	1	pool-100-37-135-2.nycmny.fios.verizon.net
28	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a23-44-217-143.deploy.static.akamaitechnologies.com
29	13.32.182.43	Washington	Washington, D.C.	AS16509 Amazon.com, Inc.	20045	United States	tier_3	1	server-13-32-182-43.iad66.r.cloudfront.net

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶