viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	116	118	395	0	0	2020-12-08	37.48.65.149	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	mypirateproxy.com	1	Chipshot Domains LLC	NS1.DNSNUTS.COM	The Management Group II
1	tier_1	templatesuplex.com	1	Skykomishdomains.com LLC	NS1.DNSNUTS.COM	None
2	tier_1	panorama-pamporovo.com	1	Snapsource LLC	NS1.DNSNUTS.COM	None
3	tier_1	dl4warez.com	1	NamePal.com #8013 Inc.	NS1.DNSNUTS.COM	The Management Group II
4	tier_1	codecramp.com	1	Traffic Names, Incorporated	NS1.DNSNUTS.COM	None
5	tier_1	mowalls.net	1	eNomToo, Inc.	NS1.DNSNUTS.COM	None
6	tier_1	bryantan.info	1	BigLizarddomains.com LLC	NS1.DNSNUTS.COM	Statutory Masking Enabled
7	tier_1	jostoto.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
8	tier_1	aish.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
9	tier_1	mangaice.com	1	Leatherneckdomains.com, LLC	NS1.DNSNUTS.COM	The Management Group II
10	tier_2	dprtb.com	38	GoDaddy.com, LLC	NS1.DNSIMPLE.COM	Domains By Proxy, LLC
11	tier_2	1496.wcitianka.com	36	GoDaddy Online Services Cayman Islands LTD	NS-1096.AWSDNS-09.ORG	None
12	tier_2	americanlisted.com	36	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
13	tier_2	click.expmediadirect.com	18	None	None	None
14	tier_2	click.appcast.io	17	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
15	tier_2	rd.lcjalerts.com	17	GoDaddy.com, LLC	NS-130.AWSDNS-16.COM	Domains By Proxy, LLC
16	tier_2	us.jobtome.com	16	GoDaddy.com, LLC	CHRIS.NS.CLOUDFLARE.COM	Jobtome Internantional SA
17	tier_2	rd.torchdaily.com	10	GoDaddy.com, LLC	NS-1225.AWSDNS-25.ORG	Domains By Proxy, LLC
18	tier_2	krvtrk.com	10	None	None	None
19	tier_2	jsv3.recruitics.com	8	TUCOWS, INC.	NS1.P24.DYNECT.NET	REDACTED FOR PRIVACY
20	tier_3	jobs2careers.com	11	Amazon Registrar, Inc.	NS-1189.AWSDNS-20.ORG	Whois Privacy Service
21	tier_3	myhealthcycle.com	10	None	None	None
22	tier_3	turbo-pdf.com	9	None	None	None
23	tier_3	shipt.com_LOOP_1	7	None	None	None
24	tier_3	homedepotretailjobs.com	5	CSC CORPORATE DOMAINS, INC.	NS-1365.AWSDNS-42.ORG	Home Depot Product Authority, LLC
25	tier_3	feed.int.jobble.com	3	GoDaddy.com, LLC	NS-1238.AWSDNS-26.ORG	Domains By Proxy, LLC
26	tier_3	qualitydriversolutions.thejobnetwork.com	2	GoDaddy.com, LLC	NS-1356.AWSDNS-41.ORG	RealMatch
27	tier_3	sjobs.brassring.com	2	CSC CORPORATE DOMAINS, INC.	A1-160.AKAM.NET	Not Disclosed
28	tier_3	macys.com	2	Network Solutions, LLC	A1-135.AKAM.NET	Macy's Systems and Technology, Inc.
29	tier_3	the-house.com	1	GoDaddy.com, LLC	NS-1305.AWSDNS-35.ORG	Active Sports, Inc.

	ip	city	region	org	postal	country_name	tier	count	hostname
0	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	23	nan
1	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	13	nan
2	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	11	nan
3	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	8	nan
4	64.32.8.67	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	2	customer.sharktech.net
5	185.107.56.59	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	2	nan
6	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	2	nan
7	64.32.8.69	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	1	customer.sharktech.net
8	37.48.65.149	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	1	nan
9	185.107.56.58	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	1	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	40	nan
11	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	36	nan
12	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	36	240.61.209.35.bc.googleusercontent.com
13	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	18	nan
14	130.211.38.206	Kansas City	Missouri	AS15169 Google LLC	64121	United States	tier_2	16	206.38.211.130.bc.googleusercontent.com
15	3.86.134.189	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	12	ec2-3-86-134-189.compute-1.amazonaws.com
16	34.203.143.4	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	10	ec2-34-203-143-4.compute-1.amazonaws.com
17	34.194.75.233	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	10	ec2-34-194-75-233.compute-1.amazonaws.com
18	3.211.178.164	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	7	ec2-3-211-178-164.compute-1.amazonaws.com
19	34.234.179.35	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	7	ec2-34-234-179-35.compute-1.amazonaws.com
20	157.245.245.47	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	10	nan
21	178.128.246.195	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	9	nan
22	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	8	pool-100-37-135-2.nycmny.fios.verizon.net
23	34.236.61.118	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_3	6	ec2-34-236-61-118.compute-1.amazonaws.com
24	13.225.229.69	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	3	server-13-225-229-69.jfk51.r.cloudfront.net
25	199.83.128.213	Redwood City	California	AS19551 Incapsula Inc	94065	United States	tier_3	3	199.83.128.213.ip.incapdns.net
26	34.199.213.119	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_3	2	ec2-34-199-213-119.compute-1.amazonaws.com
27	34.201.214.108	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_3	2	ec2-34-201-214-108.compute-1.amazonaws.com
28	66.77.22.60	Wayne	Pennsylvania	AS209 CenturyLink Communications, LLC	19087	United States	tier_3	2	nan
29	52.3.90.145	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_3	2	ec2-52-3-90-145.compute-1.amazonaws.com

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶