Click-Fraud Report

This report identifies click-fraud attempts, which we see when botnets are given the direction to click on revenue-generating URLs.

This is frequently done either to change the results of searches, or to generate specific revenue for the criminals; they may also have been contracted to generate the selections.

Fields

Date

Date of the action in UTC+0
Time

Time of the action in UTC+0
C&C

The IP address of the Command and Control system that issued the command
C&C Port

Port of the Command and Control
C&C ASN

ASN of the C&C IP
C&C Geo

Country location of the C&C
Channel

Channel on the C&C that was used for the command
Command

Actual command issued
TGT

Target IP address
TGT ASN

ASN of the Target IP
TGT Geo

Country of the Target IP
URL

The actual full URL that was given in the command

Sample

"Date","Time","C&C","C&C Port","C&C ASN","C&C Geo","Channel","Command","TGT","TGT ASN","TGT Geo","URL"
"2008-10-31","03:27:12","85.119.154.157",9988,39023,"DE","#1","!visit http://s10.gladiatus.de","213.165.88.130",8560,"DE","http://s10.gladiatus.de/game/c.php?uid=16951"

Our 80 Report Types

« Back to Network Reporting