viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	147	147	356	1	0	2020-12-22	64.32.8.68	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	istanbulrestaurantbirmingham.net	1	Kingdomains, LLC	NS1.DNSNUTS.COM	None
1	tier_1	aec-es.net	1	Blue Angel Domains LLC	NS1.DNSNUTS.COM	None
2	tier_1	economictims.com	1	Domain Landing Zone LLC	NS1.DNSNUTS.COM	None
3	tier_1	indiancag.org	1	Betterthanaveragedomains.com LLC	NS1.DNSNUTS.COM	The Management Group II
4	tier_1	yoin.us	1	UdomainName.com LLC	ns2.dnsnuts.com	None
5	tier_1	likeviss.net	1	Aquarius Domains, LLC	NS1.DNSNUTS.COM	None
6	tier_1	helyar.net	1	Name Connection Spot LLC	NS1.DNSNUTS.COM	None
7	tier_1	dl4warez.com	1	NamePal.com #8013, LLC	NS1.DNSNUTS.COM	None
8	tier_1	divxgay.net	1	SNAPNAMES 49, LLC	NS1.DNSNUTS.COM	None
9	tier_1	ava-producao.net	1	SNAPNAMES 45, LLC	NS1.DNSNUTS.COM	None
10	tier_3	us.tideri.com	9	united domains AG	NS.UDAG.DE	None
11	tier_3	us.sercanto.com	9	OVH, SAS	DNS20.OVH.NET	Wickedin s.r.l.
12	tier_3	track.vcdc.com	6	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
13	tier_3	vpnprime.net	5	NAMECHEAP INC	NS-1167.AWSDNS-17.ORG	WhoisGuard, Inc.
14	tier_3	worldoftanks.ru	5	RU-CENTER-RU	ns1.wargaming.net.	Wargaming.net Limited
15	tier_3	turbo-pdf.com	4	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
16	tier_3	il.betrivers.com	3	GoDaddy.com, LLC	ERIN.NS.CLOUDFLARE.COM	Rivers IP Holdings, LLC
17	tier_3	installoverlyswiftapplication.icu	2	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
18	tier_3	squirt.org	2	NAMECHEAP INC	NS5.DNSMADEEASY.COM	WhoisGuard, Inc.
19	tier_3	storeheavilystrongapplication.icu	2	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
20	tier_2	dprtb.com	29	GoDaddy.com, LLC	NS1.DNSIMPLE.COM	Domains By Proxy, LLC
21	tier_2	1496.wcitianka.com	24	GoDaddy Online Services Cayman Islands LTD	NS-1096.AWSDNS-09.ORG	None
22	tier_2	americanlisted.com	23	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
23	tier_2	track.vcdc.com	11	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
24	tier_2	click.expmediadirect.com	11	NAMECHEAP INC	NS1.LINODE.COM	WhoisGuard, Inc.
25	tier_2	build.mediapicker.com	9	GoDaddy.com, LLC	RAQUEL.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
26	tier_2	btpnative.com	8	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
27	tier_2	euphe-gun.com	8	Amazon Registrar, Inc.	NS-1325.AWSDNS-37.ORG	Whois Privacy Service
28	tier_2	click.junmediadirect.com	7	NAMECHEAP INC	NS1.LINODE.COM	WhoisGuard, Inc.
29	tier_2	infopicked.com	7	NAMECHEAP INC	NS0.DNSMADEEASY.COM	WhoisGuard, Inc.

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	18	nan	nan
1	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	13	nan	nan
2	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	11	nan	nan
3	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	9	nan	nan
4	185.107.56.60	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	5	nan	nan
5	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	3	nan	nan
6	37.48.65.151	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	3	nan	nan
7	185.107.56.57	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	2	nan	nan
8	185.107.56.58	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	2	nan	nan
9	64.32.8.67	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	1	customer.sharktech.net	nan
10	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	9	123.171.246.35.bc.googleusercontent.com	nan
11	75.101.207.6	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_3	8	ec2-75-101-207-6.compute-1.amazonaws.com	nan
12	195.201.92.254	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_3	6	static.254.92.201.195.clients.your-server.de	nan
13	35.204.107.142	Groningen	Groningen	AS15169 Google LLC	9711	Netherlands	tier_2	5	142.107.204.35.bc.googleusercontent.com	nan
14	178.128.246.195	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	6	nan	nan
15	92.223.21.73	Luxembourg	Luxembourg	AS199524 G-Core Labs S.A.	L-1882	Luxembourg	tier_3	5	ed-sl-b73.fe.core.pw	nan
16	34.90.160.43	Groningen	Groningen	AS15169 Google LLC	9711	Netherlands	tier_3	3	43.160.90.34.bc.googleusercontent.com	nan
17	104.19.235.106	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
18	13.225.210.79	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	2	server-13-225-210-79.ewr50.r.cloudfront.net	nan
19	158.106.84.60	Toronto	Ontario	AS23498 COGECODATA	M5N	Canada	tier_3	2	www.squirtmail.com	nan
20	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	37	nan	nan
21	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	24	nan	nan
22	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	23	240.61.209.35.bc.googleusercontent.com	nan
23	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	11	nan	nan
24	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	10	nan	nan
25	18.210.49.168	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23464	United States	tier_2	9	ec2-18-210-49-168.compute-1.amazonaws.com	nan
26	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	8	18.65.c0ad.ip4.static.sl-reverse.com	nan
27	198.134.116.18	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	7	nan	nan
28	144.76.1.130	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	5	static.130.1.76.144.clients.your-server.de	nan
29	35.204.107.142	Groningen	Groningen	AS15169 Google LLC	9711	Netherlands	tier_2	5	142.107.204.35.bc.googleusercontent.com	nan

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶