viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	112	113	271	0	0	2020-11-30	64.32.8.70	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	memyselfandpi.net	1	Catch Domains LLC	NS1.DNSNUTS.COM	None
1	tier_1	squarelion.net	1	Namesaplenty LLC	NS1.DNSNUTS.COM	None
2	tier_1	605375.com	1	IServeYourDomain.com LLC	NS1.DNSNUTS.COM	None
3	tier_1	ahirugama.net	1	SNAPNAMES 19, LLC	NS1.DNSNUTS.COM	None
4	tier_1	shahi.net	1	Domain Rouge, LLC	NS1.DNSNUTS.COM	None
5	tier_1	melaniemoon.net	1	Domains of Origin, LLC	NS1.DNSNUTS.COM	None
6	tier_1	risleyitin.net	1	Pararescuedomains.com, LLC	NS1.DNSNUTS.COM	None
7	tier_1	videopremium.net	1	DomainsAreForever.net LLC	NS1.DNSNUTS.COM	None
8	tier_1	99popbra.com	1	OregonEU.com LLC	NS1.DNSNUTS.COM	None
9	tier_1	10tiposde.com	1	Top Pick Names LLC	NS1.DNSNUTS.COM	None
10	tier_2	sopho-kat.com	27	Amazon Registrar, Inc.	NS-1009.AWSDNS-62.NET	Whois Privacy Service
11	tier_2	dprtb.com	19	GoDaddy.com, LLC	NS1.DNSIMPLE.COM	Domains By Proxy, LLC
12	tier_2	click.expmediadirect.com	19	NAMECHEAP INC	NS1.LINODE.COM	WhoisGuard, Inc.
13	tier_2	media-px.com	7	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
14	tier_2	servedby.flashtalking.com	7	MESH DIGITAL LIMITED	NS1.P09.DYNECT.NET	Flashtalking, Inc.
15	tier_2	build.mediapicker.com	7	GoDaddy.com, LLC	RAQUEL.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
16	tier_2	track.vcdc.com	7	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
17	tier_2	mnason-hec.com	6	Amazon Registrar, Inc.	NS-1205.AWSDNS-22.ORG	Whois Privacy Service
18	tier_2	click.junmediadirect.com	6	NAMECHEAP INC	NS1.LINODE.COM	WhoisGuard, Inc.
19	tier_2	btpnative.com	6	GoDaddy.com, LLC	NS1.DNSIMPLE.COM	Domains By Proxy, LLC
20	tier_3	irl.com	14	GoDaddy.com, LLC	NS-106.AWSDNS-13.COM	Domains By Proxy, LLC
21	tier_3	socalhondadealers.com	7	DREAMHOST	NS1.DREAMHOST.COM	Proxy Protection LLC
22	tier_3	turbo-pdf.com	7	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
23	tier_3	loadoverly-thecurrentfile.best	4	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
24	tier_3	thefatburner.info	4	GoDaddy.com, LLC	MOLLY.NS.CLOUDFLARE.COM	None
25	tier_3	loadlatest-theoverlyfile.best	3	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
26	tier_3	il.betrivers.com	2	GoDaddy.com, LLC	ERIN.NS.CLOUDFLARE.COM	Rivers IP Holdings, LLC
27	tier_3	bitcofeed.info	2	GoDaddy.com, LLC	MOLLY.NS.CLOUDFLARE.COM	None
28	tier_3	macys.com	2	Network Solutions, LLC	A1-135.AKAM.NET	None
29	tier_3	toovolution.club	2	NAMECHEAP INC	demi.ns.cloudflare.com	WhoisGuard, Inc.

	ip	city	region	org	postal	country_name	tier	count	hostname
0	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	15	nan
1	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	14	nan
2	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	14	nan
3	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	8	nan
4	185.107.56.57	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	2	nan
5	185.107.56.59	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	2	nan
6	37.48.65.148	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	1	nan
7	64.32.8.69	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	1	customer.sharktech.net
8	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	1	nan
9	185.107.56.60	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	1	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	25	nan
11	52.205.210.89	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	20	ec2-52-205-210-89.compute-1.amazonaws.com
12	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	19	nan
13	54.225.132.253	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	15	ec2-54-225-132-253.compute-1.amazonaws.com
14	205.185.216.10	Dallas	Texas	AS20446 Highwinds Network Group, Inc.	75201	United States	tier_2	7	map2.hwcdn.net
15	18.210.49.168	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	7	ec2-18-210-49-168.compute-1.amazonaws.com
16	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	7	18.65.c0ad.ip4.static.sl-reverse.com
17	104.28.30.109	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	6	nan
18	198.134.116.18	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	6	nan
19	94.130.186.231	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	3	static.231.186.130.94.clients.your-server.de
20	54.173.32.183	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	7	ec2-54-173-32-183.compute-1.amazonaws.com
21	178.128.246.195	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	7	nan
22	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	6	pool-100-37-135-2.nycmny.fios.verizon.net
23	34.207.4.240	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	4	ec2-34-207-4-240.compute-1.amazonaws.com
24	162.243.166.170	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	3	nan
25	104.248.63.231	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	3	nan
26	104.248.50.87	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	3	nan
27	35.174.35.73	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	3	ec2-35-174-35-73.compute-1.amazonaws.com
28	104.27.174.27	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan
29	104.19.235.106	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶