viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	20	16	20	0	0	2020-11-24	64.32.8.68	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	sarcastic.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
1	tier_1	televisionshow.us	1	UdomainName.com LLC	ns1.dnsnuts.com	None
2	tier_1	lookuppage.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
3	tier_1	pspr.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
4	tier_2	dprtb.com	1	GoDaddy.com, LLC	NS1.DNSIMPLE.COM	Domains By Proxy, LLC
5	tier_2	sopho-kat.com	1	Amazon Registrar, Inc.	NS-1009.AWSDNS-62.NET	Whois Privacy Service
6	tier_2	ww1.televisionshow.us	1	UdomainName.com LLC	ns1.dnsnuts.com	None
7	tier_2	c.pageprotect.net	1	GoDaddy.com, LLC	NS75.DOMAINCONTROL.COM	Domains By Proxy, LLC
8	tier_2	11168258.searchiqnet.com	1	GoDaddy.com, LLC	NS57.DOMAINCONTROL.COM	Domains By Proxy, LLC
9	tier_2	clickserve.dartsearch.net	1	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
10	tier_2	ad.doubleclick.net	1	None	None	None
11	tier_2	dbc.pathroutes.com	1	GoDaddy.com, LLC	NS75.DOMAINCONTROL.COM	Domains By Proxy, LLC
12	tier_2	track.vcdc.com	1	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
13	tier_2	clk.rtpdn11.com	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
14	tier_3	irl.com	1	GoDaddy.com, LLC	NS-106.AWSDNS-13.COM	Domains By Proxy, LLC
15	tier_3	samsung.com	1	None	None	None
16	tier_3	protects.s3.us-east-2.amazonaws.com	1	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
17	tier_3	turbo-pdf.com	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.

	ip	hostname	city	region	org	postal	country_name	tier	count
0	64.32.8.69	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	1
1	207.244.67.214	nan	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	1
2	37.48.65.150	nan	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	1
3	185.107.56.57	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	1
4	209.132.243.15	nan	Grand Rapids	Michigan	AS7296 Alchemy Communications, Inc.	49502	United States	tier_2	3
5	209.15.13.136	nan	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	1
6	52.205.210.89	ec2-52-205-210-89.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23450	United States	tier_2	1
7	199.59.242.153	nan	Tampa	Florida	AS395082 Bodis, LLC	33609	United States	tier_2	1
8	172.217.10.142	lga34s16-in-f14.1e100.net	Mountain View	California	AS15169 Google LLC	94043	United States	tier_2	1
9	172.217.3.102	lga34s18-in-f6.1e100.net	Mountain View	California	AS15169 Google LLC	94043	United States	tier_2	1
10	94.130.185.237	static.237.185.130.94.clients.your-server.de	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	1
11	173.239.53.32	nan	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	1
12	34.198.58.156	ec2-34-198-58-156.compute-1.amazonaws.com	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23450	United States	tier_2	1
13	198.134.116.30	nan	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	1
14	104.248.63.248	nan	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	1
15	23.38.172.65	a23-38-172-65.deploy.static.akamaitechnologies.com	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1
16	52.219.96.88	s3-r-w.us-east-2.amazonaws.com	Columbus	Ohio	AS16509 Amazon.com, Inc.	43209	United States	tier_3	1
17	178.128.246.195	nan	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	1

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶