viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	195	207	757	0	0	2020-12-15	37.48.65.149	Android

	tier	domain	count	registrar	name_servers	org
0	tier_1	avg4.us	1	UdomainName.com LLC	ns1.dnsnuts.com	None
1	tier_1	playrusthq.com	1	Bounce Pass Domains LLC	NS1.DNSNUTS.COM	The Management Group II
2	tier_1	mysocaledlife.com	1	Magnolia Domains, LLC	NS1.DNSNUTS.COM	None
3	tier_1	templatesuplex.com	1	Skykomishdomains.com LLC	NS1.DNSNUTS.COM	None
4	tier_1	somedecor.com	1	Biglizarddomains.com LLC	NS1.DNSNUTS.COM	None
5	tier_1	garciniacambogiasideeffects4u.com	1	Rally Cry Domains, LLC	NS1.DNSNUTS.COM	None
6	tier_1	ausujet.com	1	Domain Name Root, LLC	NS1.DNSNUTS.COM	The Management Group II
7	tier_1	dakmm.com	1	Private Domains, Incorporated	NS1.DNSNUTS.COM	None
8	tier_1	banalitech.com	1	DropWeek.com, Inc.	NS1.DNSNUTS.COM	None
9	tier_1	poisonx.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
10	tier_2	track.vcdc.com	76	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
11	tier_2	euphe-gun.com	62	Amazon Registrar, Inc.	NS-1325.AWSDNS-37.ORG	Whois Privacy Service
12	tier_2	mnason-hec.com	41	Amazon Registrar, Inc.	NS-1205.AWSDNS-22.ORG	Whois Privacy Service
13	tier_2	get.popplunder.com	41	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
14	tier_2	trustedpush.com	39	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
15	tier_2	win1.trustedpush.com	35	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
16	tier_2	win2.trustedpush.com	32	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
17	tier_2	atnpx.com	27	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
18	tier_2	ad.doubleclick.net	25	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google Inc.
19	tier_2	win3.trustedpush.com	21	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
20	tier_3	kbb.com	24	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
21	tier_3	track.vcdc.com	17	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
22	tier_3	win4.trustedpush.com	13	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
23	tier_3	win3.trustedpush.com	11	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
24	tier_3	blog.sfgate.com	11	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
25	tier_3	blog.chron.com	11	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Newspapers, LLC
26	tier_3	win5.trustedpush.com	7	NameCheap, Inc.	NS-1142.AWSDNS-14.ORG	None
27	tier_3	wayfair.com	4	MarkMonitor, Inc.	A1-100.AKAM.NET	Wayfair, LLC
28	tier_3	win1.trustedpush.com	4	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	WhoisGuard, Inc.
29	tier_3	blog.mysanantonio.com	3	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	The Hearst Corporation

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	34	nan	nan
1	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	24	nan	nan
2	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	22	nan	nan
3	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	22	nan	nan
4	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	6	nan	nan
5	37.48.65.148	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	3	nan	nan
6	185.107.56.58	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	3	nan	nan
7	64.32.8.69	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	2	customer.sharktech.net	nan
8	37.48.65.149	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	2	nan	nan
9	185.107.56.59	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	2	nan	nan
10	13.225.229.73	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	7	server-13-225-229-73.jfk51.r.cloudfront.net	nan
11	34.199.180.187	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	41	ec2-34-199-180-187.compute-1.amazonaws.com	nan
12	3.221.180.161	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	40	ec2-3-221-180-161.compute-1.amazonaws.com	nan
13	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_2	27	204.44.79.214.static.quadranet.com	nan
14	52.73.170.217	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	22	ec2-52-73-170-217.compute-1.amazonaws.com	nan
15	144.76.1.130	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	22	static.130.1.76.144.clients.your-server.de	nan
16	34.202.98.117	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	22	ec2-34-202-98-117.compute-1.amazonaws.com	nan
17	34.226.113.11	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	19	ec2-34-226-113-11.compute-1.amazonaws.com	nan
18	94.130.186.231	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	19	static.231.186.130.94.clients.your-server.de	nan
19	172.217.10.6	Mountain View	California	AS15169 Google LLC	94043	United States	tier_2	19	lga34s12-in-f6.1e100.net	nan
20	151.101.0.200	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	27	nan	True
21	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	26	pool-100-37-135-2.nycmny.fios.verizon.net	nan
22	195.201.92.254	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_3	15	static.254.92.201.195.clients.your-server.de	nan
23	23.66.194.233	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	10	a23-66-194-233.deploy.static.akamaitechnologies.com	nan
24	23.33.130.92	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	8	a23-33-130-92.deploy.static.akamaitechnologies.com	nan
25	13.225.229.73	New York City	New York	AS16509 Amazon.com, Inc.	10004	United States	tier_3	7	server-13-225-229-73.jfk51.r.cloudfront.net	nan
26	104.105.89.43	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	6	a104-105-89-43.deploy.static.akamaitechnologies.com	nan
27	13.225.190.56	Montréal	Quebec	AS16509 Amazon.com, Inc.	H2W	Canada	tier_3	2	server-13-225-190-56.yul62.r.cloudfront.net	nan
28	23.41.189.99	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	2	a23-41-189-99.deploy.static.akamaitechnologies.com	nan
29	144.76.0.242	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_3	2	static.242.0.76.144.clients.your-server.de	nan

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶