viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	218	234	1027	0	0	2021-01-12	37.48.65.149	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	9ref.com	1	Lionshare Domains, LLC	NS1.DNSNUTS.COM	The Management Group II
1	tier_1	aharonic.net	1	Gradeadomainnames.com LLC	NS1.DNSNUTS.COM	None
2	tier_1	deadchicksarecoolmodels.com	1	Communigal Communication Ltd	NS1.COMMONMX.COM	None
3	tier_1	buysellads.ph	1	None	None	None
4	tier_1	fnanon.com	1	enom652, Inc.	NS1.DNSNUTS.COM	None
5	tier_1	csfort.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
6	tier_1	di1.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
7	tier_1	bagustekno.net	1	Zone of Domains LLC	NS1.DNSNUTS.COM	None
8	tier_1	flyingsg.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158841585
9	tier_1	cloudfilezz.com	1	Lionshare Domains, LLC	NS1.DNSNUTS.COM	The Management Group II
10	tier_2	dprtb.com	67	1API GmbH	NS1.DNSIMPLE.COM	REDACTED FOR PRIVACY
11	tier_2	alfik-fik.com	58	Amazon Registrar, Inc.	NS-1264.AWSDNS-30.ORG	Whois Privacy Service
12	tier_2	api.searchlinker.com	52	GoDaddy.com, LLC	NS-1158.AWSDNS-16.ORG	Domains By Proxy, LLC
13	tier_2	bestresults.xyz	51	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
14	tier_2	my-search.com	45	Go China Domains, LLC	NS-1080.AWSDNS-07.ORG	Domains By Proxy, LLC
15	tier_2	bradamante-per.com	43	Amazon Registrar, Inc.	NS-1026.AWSDNS-00.ORG	Whois Privacy Service
16	tier_2	powerofsearches.com	32	GoDaddy.com, LLC	DNS1.P09.NSONE.NET	ClientConnect LTD
17	tier_2	track.vcdc.com	21	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
18	tier_2	forlumineontor.com	20	URL SOLUTIONS INC.	NS-1239.AWSDNS-26.ORG	GLOBAL DOMAIN PRIVACY SERVICES INC
19	tier_2	api.bestwebplayer.com	20	NAMECHEAP INC	NS-1333.AWSDNS-38.ORG	WhoisGuard, Inc.
20	tier_3	bing.com	50	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	Microsoft Corporation
21	tier_3	get.streamssitesearch.com	18	GoDaddy.com, LLC	ISLA.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
22	tier_3	searchfrequently.com	10	GoDaddy.com, LLC	NEIL.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
23	tier_3	gearbest.com	7	Alibaba Cloud Computing (Beijing) Co., Ltd.	NS-1356.AWSDNS-41.ORG	None
24	tier_3	tjmzxqyhftsoptqvcnimforyraogdm.s3.amazonaws.com	5	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
25	tier_3	yhesgyeblzntrmyyvtajhdgglamuqx.s3.amazonaws.com	4	MarkMonitor Inc.	R1.AMAZONAWS.COM	None
26	tier_3	tgphrhcxzgrzhjjlfnnmgjntnetmol.s3.amazonaws.com	4	None	None	None
27	tier_3	track.vcdc.com	4	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
28	tier_3	sfolzqzvrkqnyvlseoojlpihvxacrj.s3.amazonaws.com	4	None	None	None
29	tier_3	hmxlwfzjglqsupqvyccdeyfywsasht.s3.amazonaws.com	3	MarkMonitor Inc.	R1.AMAZONAWS.COM	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	20	nan	nan
1	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	19	nan	nan
2	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	19	nan	nan
3	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	13	nan	nan
4	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	12	nan	nan
5	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	8	nan	nan
6	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	6	nan	nan
7	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	6	nan	nan
8	37.48.65.148	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	5	nan	nan
9	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	5	nan	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	90	nan	nan
11	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_2	63	pool-100-37-135-2.nycmny.fios.verizon.net	nan
12	34.202.98.117	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	56	ec2-34-202-98-117.compute-1.amazonaws.com	nan
13	34.226.113.11	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	45	ec2-34-226-113-11.compute-1.amazonaws.com	nan
14	3.213.168.177	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	27	ec2-3-213-168-177.compute-1.amazonaws.com	nan
15	18.213.221.179	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	25	ec2-18-213-221-179.compute-1.amazonaws.com	nan
16	178.62.225.201	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_2	25	nan	nan
17	23.43.56.185	New York City	New York	AS20940 Akamai International B.V.	10004	United States	tier_2	23	a23-43-56-185.deploy.static.akamaitechnologies.com	nan
18	23.43.56.194	New York City	New York	AS20940 Akamai International B.V.	10004	United States	tier_2	22	a23-43-56-194.deploy.static.akamaitechnologies.com	nan
19	95.217.204.250	Helsinki	Uusimaa	AS24940 Hetzner Online GmbH	00100	Finland	tier_2	18	static.250.204.217.95.clients.your-server.de	nan
20	204.79.197.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	49	a-0001.a-msedge.net	True
21	172.64.175.31	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	10	nan	True
22	172.64.174.31	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	8	nan	True
23	184.87.57.96	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	7	a184-87-57-96.deploy.static.akamaitechnologies.com	nan
24	104.31.80.30	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	5	nan	True
25	172.67.138.156	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	5	nan	True
26	195.201.92.254	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_3	4	static.254.92.201.195.clients.your-server.de	nan
27	158.106.84.60	Toronto	Ontario	AS23498 COGECODATA	M5N	Canada	tier_3	3	gay-hookup.com	nan
28	104.18.16.24	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
29	139.45.196.79	Poplar	England	AS9002 RETN Limited	E14	United Kingdom	tier_3	2	nan	nan

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶