viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	277	290	1207	0	16	2021-04-07	185.107.56.199	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	ehacker.co	1	Dynadot LLC	ns2.commonmx.com	None
1	tier_1	foto-ramki.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
2	tier_1	bexinhs.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
3	tier_1	hao678.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
4	tier_1	apknyot.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
5	tier_1	institutoraulporras.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
6	tier_1	camkiss.info	1	SiteName Ltd.	NS1.COMMONMX.COM	None
7	tier_1	dinosriverwest.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Domains By Proxy, LLC
8	tier_1	besturl.info	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
9	tier_1	hotroz.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
10	tier_2	btpnav.com	77	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
11	tier_2	click.expmediadirect.com	62	None	None	None
12	tier_2	1496.rawlexi.com	48	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
13	tier_2	americanlisted.com	46	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
14	tier_2	traff0121.com	34	None	None	None
15	tier_2	mediagate.club	34	None	None	None
16	tier_2	0.mediagate.club	34	None	None	None
17	tier_2	rugab-ans.com	33	Amazon Registrar, Inc.	NS-1165.AWSDNS-17.ORG	Whois Privacy Service
18	tier_2	1.mediagate.club	33	None	None	None
19	tier_2	2.mediagate.club	28	None	None	None
20	tier_3	aliexpress.com_LOOP_1	22	None	None	None
21	tier_3	bing.com	20	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	Microsoft Corporation
22	tier_3	us.tideri.com	19	united domains AG	NS.UDAG.DE	None
23	tier_3	nutrahealth.info	9	GoDaddy.com, LLC	MOLLY.NS.CLOUDFLARE.COM	None
24	tier_3	fithealthspark.info	7	GoDaddy.com, LLC	MOLLY.NS.CLOUDFLARE.COM	None
25	tier_3	3.mediagate.club	6	None	None	None
26	tier_3	2.mediagate.club	5	None	None	None
27	tier_3	cehappear.fun	5	Dynadot LLC	AIDEN.NS.CLOUDFLARE.COM	None
28	tier_3	kbb.com	4	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
29	tier_3	dl0lhqr3fd1yh.cloudfront.net	3	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
1	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	24	nan	nan
2	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	20	nan	nan
3	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	18	nan	nan
4	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	14	nan	nan
5	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	10	nan	nan
6	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	10	nan	nan
7	74.63.241.25	Dallas	Texas	AS46475 Limestone Networks, Inc.	75270	United States	tier_1	6	25-241-63-74.static.reverse.lstn.net	nan
8	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	5	nan	nan
9	74.63.241.30	Dallas	Texas	AS46475 Limestone Networks, Inc.	75270	United States	tier_1	4	30-241-63-74.static.reverse.lstn.net	nan
10	178.62.225.201	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	12	nan	nan
11	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	93	nan	nan
12	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	62	nan	nan
13	88.99.101.106	Hohen Neuendorf	Brandenburg	AS24940 Hetzner Online GmbH	16540	Germany	tier_2	56	static.106.101.99.88.clients.your-server.de	nan
14	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	48	nan	nan
15	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	2	240.61.209.35.bc.googleusercontent.com	nan
16	209.205.202.42	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	23	static-42-202-205-209.24shells.net	nan
17	209.205.202.43	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	23	static-43-202-205-209.24shells.net	nan
18	35.162.164.74	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_2	23	ec2-35-162-164-74.us-west-2.compute.amazonaws.com	nan
19	23.36.196.16	Philadelphia	Pennsylvania	AS16625 Akamai Technologies, Inc.	19099	United States	tier_2	22	a23-36-196-16.deploy.static.akamaitechnologies.com	nan
20	167.99.3.175	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_2	16	nan	nan
21	207.38.44.116	Los Angeles	California	AS5693 Latisys-Irvine, LLC	90009	United States	tier_3	2	cbsmtp1.careerbliss.com	nan
22	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	32	pool-100-37-135-2.nycmny.fios.verizon.net	nan
23	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	14	18.65.c0ad.ip4.static.sl-reverse.com	nan
24	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	3	rd.bizrate.com	nan
25	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	ec2-18-235-67-128.compute-1.amazonaws.com	nan
26	54.210.170.165	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	ec2-54-210-170-165.compute-1.amazonaws.com	nan
27	52.29.135.45	Frankfurt am Main	Hesse	AS16509 Amazon.com, Inc.	60311	Germany	tier_2	12	ec2-52-29-135-45.eu-central-1.compute.amazonaws.com	nan
28	3.125.109.211	Frankfurt am Main	Hesse	AS16509 Amazon.com, Inc.	60311	Germany	tier_2	11	ec2-3-125-109-211.eu-central-1.compute.amazonaws.com	nan
29	50.16.173.246	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	10	ec2-50-16-173-246.compute-1.amazonaws.com	nan
30	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	32	pool-100-37-135-2.nycmny.fios.verizon.net	nan
31	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	19	123.171.246.35.bc.googleusercontent.com	nan
32	178.62.225.201	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	12	nan	nan
33	204.79.197.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	8	a-0001.a-msedge.net	True
34	104.21.21.208	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	7	nan	True
35	172.67.141.3	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	6	nan	True
36	13.107.22.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	6	nan	True
37	131.253.33.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	5	a-0001.dc-msedge.net	True
38	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	4	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
39	104.21.70.248	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
40	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	3	rd.bizrate.com	nan
41	199.83.128.213	Redwood City	California	AS19551 Incapsula Inc	94065	United States	tier_3	3	199.83.128.213.ip.incapdns.net	True
42	34.192.40.54	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	3	ec2-34-192-40-54.compute-1.amazonaws.com	nan
43	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	2	240.61.209.35.bc.googleusercontent.com	nan
44	99.84.41.100	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	2	server-99-84-41-100.ewr52.r.cloudfront.net	nan
45	23.43.253.154	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	2	a23-43-253-154.deploy.static.akamaitechnologies.com	nan
46	104.21.83.108	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
47	207.38.44.116	Los Angeles	California	AS5693 Latisys-Irvine, LLC	90009	United States	tier_3	2	cbsmtp1.careerbliss.com	nan
48	99.83.180.214	Seattle	Washington	AS16509 Amazon.com, Inc.	98108	United States	tier_3	2	a6733df31c115e5a2.awsglobalaccelerator.com	True
49	52.85.132.55	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	server-52-85-132-55.iad50.r.cloudfront.net	nan
50	104.22.55.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
51	34.196.177.100	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	ec2-34-196-177-100.compute-1.amazonaws.com	nan
52	143.204.147.112	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	2	server-143-204-147-112.ewr52.r.cloudfront.net	nan
53	99.84.114.112	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-112.ewr52.r.cloudfront.net	nan
54	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_3	1	nan	nan
55	34.251.34.108	Dublin	Leinster	AS16509 Amazon.com, Inc.	D02	Ireland	tier_3	1	ec2-34-251-34-108.eu-west-1.compute.amazonaws.com	nan
56	54.234.245.31	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-234-245-31.compute-1.amazonaws.com	nan
57	99.84.41.171	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-41-171.ewr52.r.cloudfront.net	nan
58	104.18.23.236	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
59	99.84.176.109	Washington	Washington, D.C.	AS16509 Amazon.com, Inc.	20045	United States	tier_3	1	server-99-84-176-109.iad89.r.cloudfront.net	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶