viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	159	157	381	0	0	2020-12-21	37.48.65.151	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	freemoneysystem.net	1	Interlakenames.com LLC	NS1.DNSNUTS.COM	None
1	tier_1	animehentaitube.net	1	Heavydomains.net LLC	NS1.DNSNUTS.COM	None
2	tier_1	jrpgreview.com	1	SNAPNAMES 42, LLC	NS1.DNSNUTS.COM	None
3	tier_1	deadlysinx.net	1	Domains of Origin, LLC	NS1.DNSNUTS.COM	None
4	tier_1	lordntaylor.com	1	Sea Wasp, LLC	NS1.DNSNUTS.COM	Savvy Investments, LLC Privacy ID# 937761
5	tier_1	juggler-peka.net	1	Domaincomesaround.com LLC	NS1.DNSNUTS.COM	None
6	tier_1	crafthd.net	1	SNAPNAMES 42, LLC	NS1.DNSNUTS.COM	None
7	tier_1	spimy.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
8	tier_1	itiraku.net	1	Free Drop Zone LLC	NS1.DNSNUTS.COM	None
9	tier_1	dakmm.com	1	Private Domains, LLC	NS1.DNSNUTS.COM	None
10	tier_2	track.vcdc.com	33	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
11	tier_2	click.expmediadirect.com	29	NAMECHEAP INC	NS1.LINODE.COM	WhoisGuard, Inc.
12	tier_2	clk.rtpdn12.com	23	None	None	None
13	tier_2	euphe-gun.com	18	Amazon Registrar, Inc.	NS-1325.AWSDNS-37.ORG	Whois Privacy Service
14	tier_2	media-px.com	13	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
15	tier_2	servedby.flashtalking.com	13	MESH DIGITAL LIMITED	NS1.P09.DYNECT.NET	Flashtalking, Inc.
16	tier_2	build.mediapicker.com	10	GoDaddy.com, LLC	RAQUEL.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
17	tier_2	click.junmediadirect.com	7	NAMECHEAP INC	NS1.LINODE.COM	WhoisGuard, Inc.
18	tier_2	btpnative.com	5	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
19	tier_2	infopicked.com	5	NAMECHEAP INC	NS0.DNSMADEEASY.COM	WhoisGuard, Inc.
20	tier_3	fortunerain.info	18	GoDaddy.com, LLC	MOLLY.NS.CLOUDFLARE.COM	None
21	tier_3	socalhondadealers.com	13	DREAMHOST	NS1.DREAMHOST.COM	Proxy Protection LLC
22	tier_3	turbo-pdf.com	13	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
23	tier_3	casinoentity.info	9	GoDaddy.com, LLC	MOLLY.NS.CLOUDFLARE.COM	None
24	tier_3	track.vcdc.com	8	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
25	tier_3	worldoftanks.ru	3	RU-CENTER-RU	ns1.wargaming.net.	Wargaming.net Limited
26	tier_3	squirt.org	2	NAMECHEAP INC	NS5.DNSMADEEASY.COM	WhoisGuard, Inc.
27	tier_3	boot-upquick-theintenselyfile.best	2	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
28	tier_3	streamswiftcompletelypro.best	2	Namecheap	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
29	tier_3	boot-uprefined-thecompletelyfile.best	2	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	20	nan	nan
1	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	19	nan	nan
2	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	17	nan	nan
3	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	11	nan	nan
4	185.107.56.58	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	6	nan	nan
5	37.48.65.151	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	4	nan	nan
6	185.107.56.60	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	3	nan	nan
7	185.107.56.57	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	3	nan	nan
8	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	2	nan	nan
9	37.48.65.149	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	1	nan	nan
10	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	29	nan	nan
11	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	26	nan	nan
12	205.185.216.10	Dallas	Texas	AS20446 Highwinds Network Group, Inc.	75201	United States	tier_2	12	map2.hwcdn.net	True
13	144.76.1.130	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	11	static.130.1.76.144.clients.your-server.de	nan
14	94.130.186.231	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	10	static.231.186.130.94.clients.your-server.de	nan
15	18.210.49.168	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	10	ec2-18-210-49-168.compute-1.amazonaws.com	nan
16	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	9	nan	nan
17	94.130.185.237	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	8	static.237.185.130.94.clients.your-server.de	nan
18	172.67.134.220	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	7	nan	True
19	34.226.113.11	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	7	ec2-34-226-113-11.compute-1.amazonaws.com	nan
20	178.128.246.195	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	13	nan	nan
21	172.67.185.52	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	10	nan	True
22	75.101.207.6	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_3	10	ec2-75-101-207-6.compute-1.amazonaws.com	nan
23	195.201.92.254	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_3	8	static.254.92.201.195.clients.your-server.de	nan
24	34.207.4.240	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_3	7	ec2-34-207-4-240.compute-1.amazonaws.com	nan
25	104.31.95.162	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	7	nan	True
26	104.24.120.9	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	7	nan	True
27	35.174.35.73	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_3	6	ec2-35-174-35-73.compute-1.amazonaws.com	nan
28	92.223.21.73	Luxembourg	Luxembourg	AS199524 G-Core Labs S.A.	L-1882	Luxembourg	tier_3	3	ed-sl-b73.fe.core.pw	nan
29	158.106.84.60	Toronto	Ontario	AS23498 COGECODATA	M5N	Canada	tier_3	2	www.squirtmail.com	nan

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶