viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	242	243	823	1	18	2021-04-07	185.107.56.199	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	ehacker.co	1	Dynadot LLC	ns2.commonmx.com	None
1	tier_1	foto-ramki.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
2	tier_1	focoonline.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
3	tier_1	azulholisticspa.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Domains By Proxy, LLC
4	tier_1	coupeclub.cc	1	Zinc Domain Names LLC	NS1.COMMONMX.COM	None
5	tier_1	bexinhs.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
6	tier_1	hao678.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
7	tier_1	apknyot.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
8	tier_1	camkiss.info	1	SiteName Ltd.	NS1.COMMONMX.COM	None
9	tier_1	dinosriverwest.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Domains By Proxy, LLC
10	tier_2	click.expmediadirect.com	120	None	None	None
11	tier_2	rqhere2.com	111	None	None	None
12	tier_2	btpnav.com	55	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
13	tier_2	1496.rawlexi.com	42	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
14	tier_2	americanlisted.com	41	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
15	tier_2	nizephoros-pom.com	12	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
16	tier_2	rugab-ans.com	8	Amazon Registrar, Inc.	NS-1165.AWSDNS-17.ORG	Whois Privacy Service
17	tier_2	atnpx.com	5	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
18	tier_2	asufij.xyz	5	None	None	None
19	tier_2	managerformula.com	4	None	None	None
20	tier_2	rtbstream.com	4	1API GmbH	NS1.DNSIMPLE.COM	Registrant of rtbstream.com
21	tier_2	ad.doubleclick.net	3	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google Inc.
22	tier_2	api.apptap.com	2	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
23	tier_2	api.mplayit.com	2	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
24	tier_2	redirect.viglink.com	2	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
25	tier_2	link.sylikes.com	2	None	None	None
26	tier_2	hureseyd.top	2	NameSilo, LLC	ns1.selectel.org	See PrivacyGuardian.org
27	tier_2	blockchain-com.email	2	NameSilo, LLC	ns1.selectel.org	See PrivacyGuardian.org
28	tier_2	storage-for-mobileapps.life	2	None	None	None
29	tier_2	filter.explorads.com	2	GoDaddy.com, LLC	NS1.LINODE.COM	Domains By Proxy, LLC
30	tier_3	thehealthlevel.info	56	None	None	None
31	tier_3	us.tideri.com	41	united domains AG	NS.UDAG.DE	None
32	tier_3	youthandcare.info	40	None	None	None
33	tier_3	nutrahealth.info	9	GoDaddy.com, LLC	MOLLY.NS.CLOUDFLARE.COM	None
34	tier_3	managerformula.com	7	None	None	None
35	tier_3	fithealthspark.info	6	GoDaddy.com, LLC	MOLLY.NS.CLOUDFLARE.COM	None
36	tier_3	xzb.subeamy.pw	5	None	None	None
37	tier_3	s3.amazonaws.com	5	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
38	tier_3	kbb.com	4	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
39	tier_3	rd.bizrate.com	2	None	None	None
40	tier_3	storystudio.sfgate.com	2	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
41	tier_3	play.google.com	2	None	None	None
42	tier_3	go-x34n7wbcoes-ok.live	2	None	None	None
43	tier_3	americanlisted.com	1	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
44	tier_3	wayfair.com	1	None	None	None
45	tier_3	robogarden.io	1	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	None
46	tier_3	apple.global-info.space	1	None	None	None
47	tier_3	goldstar.com	1	ENOM, INC.	NS-102.AWSDNS-12.COM	REDACTED FOR PRIVACY

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	29	nan	nan
1	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	28	nan	nan
2	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	25	nan	nan
3	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	24	nan	nan
4	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	16	nan	nan
5	206.221.176.184	Newark	New Jersey	AS23470 ReliableSite.Net LLC	07175	United States	tier_1	11	nan	nan
6	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	6	nan	nan
7	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	6	nan	nan
8	82.192.82.227	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	5	nan	nan
9	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	4	nan	nan
10	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	122	nan	nan
11	167.99.3.175	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_2	111	nan	nan
12	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	60	nan	nan
13	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	43	nan	nan
14	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	1	240.61.209.35.bc.googleusercontent.com	nan
15	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	6	ec2-18-235-67-128.compute-1.amazonaws.com	nan
16	104.26.11.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	4	nan	True
17	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	ec2-54-208-107-202.compute-1.amazonaws.com	nan
18	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	3	ec2-34-197-176-2.compute-1.amazonaws.com	nan
19	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	2	rd.bizrate.com	nan
20	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	3	ec2-52-72-29-7.compute-1.amazonaws.com	nan
21	34.207.43.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	3	ec2-34-207-43-7.compute-1.amazonaws.com	nan
22	52.33.20.119	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_2	3	ec2-52-33-20-119.us-west-2.compute.amazonaws.com	nan
23	44.239.66.208	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_2	2	ec2-44-239-66-208.us-west-2.compute.amazonaws.com	nan
24	52.205.177.114	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	2	ec2-52-205-177-114.compute-1.amazonaws.com	nan
25	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_2	2	204.44.79.214.static.quadranet.com	nan
26	185.233.2.13	Saint Petersburg	St.-Petersburg	AS48096 Enterprise Cloud Ltd.	190000	Russia	tier_2	2	nan	nan
27	5.8.47.52	Haarlem	North Holland	AS209813 Fast Content Delivery LTD	2031	Netherlands	tier_2	2	nan	nan
28	45.77.159.202	New York City	New York	AS20473 The Constant Company, LLC	10004	United States	tier_2	2	45.77.159.202.vultr.com	nan
29	23.73.247.181	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_2	2	a23-73-247-181.deploy.static.akamaitechnologies.com	nan
30	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	41	123.171.246.35.bc.googleusercontent.com	nan
31	172.67.220.94	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	33	nan	True
32	104.21.11.199	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	25	nan	True
33	104.21.75.98	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	23	nan	True
34	172.67.167.55	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	15	nan	True
35	172.67.141.3	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	6	nan	True
36	172.67.200.87	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	5	nan	True
37	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	4	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
38	104.21.70.248	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
39	52.88.215.122	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	3	ec2-52-88-215-122.us-west-2.compute.amazonaws.com	nan
40	35.165.21.241	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	2	ec2-35-165-21-241.us-west-2.compute.amazonaws.com	nan
41	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	2	rd.bizrate.com	nan
42	172.232.19.138	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	2	a172-232-19-138.deploy.static.akamaitechnologies.com	nan
43	98.129.228.57	Dallas	Texas	AS33070 Rackspace Hosting	75270	United States	tier_3	2	nan	nan
44	52.217.193.64	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
45	172.217.9.238	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	2	lga34s11-in-f14.1e100.net	nan
46	104.21.86.43	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
47	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	1	240.61.209.35.bc.googleusercontent.com	nan
48	23.200.0.40	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	1	a23-200-0-40.deploy.static.akamaitechnologies.com	nan
49	23.41.189.99	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a23-41-189-99.deploy.static.akamaitechnologies.com	nan
50	104.21.80.8	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
51	52.216.98.125	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
52	172.67.223.4	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
53	23.200.0.11	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	1	a23-200-0-11.deploy.static.akamaitechnologies.com	nan
54	50.18.212.168	San Jose	California	AS16509 Amazon.com, Inc.	95103	United States	tier_3	1	ec2-50-18-212-168.us-west-1.compute.amazonaws.com	nan
55	23.200.0.32	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	1	a23-200-0-32.deploy.static.akamaitechnologies.com	nan
56	104.21.21.208	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
57	52.216.178.141	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
58	23.200.0.21	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	1	a23-200-0-21.deploy.static.akamaitechnologies.com	nan
59	172.232.19.147	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	1	a172-232-19-147.deploy.static.akamaitechnologies.com	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶