viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	251	269	1130	0	17	2021-04-09	185.107.56.199	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	karsiyakadenizsurucukursu.org	1	None	None	None
1	tier_1	yongkangstreet.org	1	None	None	None
2	tier_1	androidzoo.in	1	Dynadot LLC	ns1.commonmx.com	None
3	tier_1	cuuveed.com	1	DYNADOT17 LLC	NS1.COMMONMX.COM	None
4	tier_1	tamiat.org	1	None	None	None
5	tier_1	cclover.me	1	None	None	None
6	tier_1	affordableglass.org	1	None	None	None
7	tier_1	conspir4cy.org	1	None	None	None
8	tier_1	chagford-accom.co.uk	1	Virtua Drug Ltd t/a autoBackorder [Tag = AUTOBACKORDER]	n	None
9	tier_1	elinformativohipico.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
10	tier_2	btpnav.com	76	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
11	tier_2	click.expmediadirect.com	63	None	None	None
12	tier_2	api.apptap.com	45	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
13	tier_2	redirect.viglink.com	44	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
14	tier_2	link.sylikes.com	44	MarkMonitor, Inc.	NS-1063.AWSDNS-04.ORG	Connexity, Inc.
15	tier_2	1496.rawlexi.com	42	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
16	tier_2	americanlisted.com	41	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
17	tier_2	rd.bizrate.com	40	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
18	tier_2	wayfair.com	32	None	None	None
19	tier_2	rd.connexity.net	31	None	None	None
20	tier_2	api.mplayit.com	29	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
21	tier_2	aristo-hag.com	27	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
22	tier_2	nizephoros-pom.com	25	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
23	tier_2	9nl.es	23	None	None	None
24	tier_2	newre-conversions.clickmeter.com	23	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
25	tier_2	trk.jometer.com	19	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	None
26	tier_2	managerformula.com	15	None	None	None
27	tier_2	api.l5srv.net	15	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
28	tier_2	asufij.xyz	13	None	None	None
29	tier_2	click.appcast.io	12	None	None	None
30	tier_3	wayfair.com_LOOP_1	32	None	None	None
31	tier_3	s3.amazonaws.com	16	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
32	tier_3	upward.careers	15	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
33	tier_3	xzb.subeamy.pw	13	None	None	None
34	tier_3	us.tideri.com	12	united domains AG	NS.UDAG.DE	None
35	tier_3	managerformula.com	9	None	None	None
36	tier_3	rd.bizrate.com	8	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
37	tier_3	blockchain-com.email	7	NameSilo, LLC	ns1.selectel.org	See PrivacyGuardian.org
38	tier_3	bing.com	6	None	None	None
39	tier_3	kbb.com	5	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
40	tier_3	runnewest-bestextremelyfile.best	4	None	None	None
41	tier_3	play.google.com	3	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
42	tier_3	google.com	3	None	None	None
43	tier_3	signup.finddreamjobs.com	3	GoDaddy.com, LLC	ALEXIS.NS.CLOUDFLARE.COM	Find Dream Jobs
44	tier_3	wayfair.com	3	None	None	None
45	tier_3	click.appcast.io_LOOP_1	3	None	None	None
46	tier_3	skechers.com	2	None	None	None
47	tier_3	linkedin.com	2	None	None	None
48	tier_3	birkenstock.com	2	PSI-USA, Inc. dba Domain Robot	A.NS14.NET	BIRKENSTOCK SALES GMBH
49	tier_3	surfisnow.com	1	GoDaddy.com, LLC	DNS1.P09.NSONE.NET	ClientConnect LTD
50	tier_3	rpa21.proasdf.com	1	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
51	tier_3	click.appcast.io	1	None	None	None
52	tier_3	thredup.com	1	GoDaddy.com, LLC	MATT.NS.CLOUDFLARE.COM	ThredUp Inc.
53	tier_3	aristo-hag.com	1	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
54	tier_3	surveystarz.com	1	GoDaddy.com, LLC	NS13.DOMAINCONTROL.COM	Domains By Proxy, LLC
55	tier_3	whatjobs.com	1	123-Reg Limited	VIDA.NS.CLOUDFLARE.COM	None
56	tier_3	signup.careersandjobs.co	1	GoDaddy.com, LLC	alexis.ns.cloudflare.com	Domains By Proxy, LLC
57	tier_3	google.com_LOOP_1	1	None	None	None
58	tier_3	customerservicejobs.com	1	ENOM, INC.	DNS1.NAME-SERVICES.COM	REDACTED FOR PRIVACY
59	tier_3	macys.com	1	Network Solutions, LLC	A1-135.AKAM.NET	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	29	nan	nan
1	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	21	nan	nan
2	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	21	nan	nan
3	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	17	nan	nan
4	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	15	nan	nan
5	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	13	nan	nan
6	206.221.176.184	Newark	New Jersey	AS23470 ReliableSite.Net LLC	07175	United States	tier_1	11	nan	nan
7	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	8	nan	nan
8	82.192.82.225	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	4	nan	nan
9	82.192.82.226	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	3	nan	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	87	nan	nan
11	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	8	nan	nan
12	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	63	nan	nan
13	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	42	nan	nan
14	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	41	240.61.209.35.bc.googleusercontent.com	nan
15	23.41.189.99	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3	a23-41-189-99.deploy.static.akamaitechnologies.com	nan
16	192.138.218.139	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	31	rd.connexity.net	nan
17	52.206.141.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	26	ec2-52-206-141-190.compute-1.amazonaws.com	nan
18	34.197.67.232	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	26	ec2-34-197-67-232.compute-1.amazonaws.com	nan
19	3.226.37.31	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	25	ec2-3-226-37-31.compute-1.amazonaws.com	nan
20	52.205.177.114	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	22	ec2-52-205-177-114.compute-1.amazonaws.com	nan
21	34.225.128.119	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	19	ec2-34-225-128-119.compute-1.amazonaws.com	nan
22	34.207.43.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	16	ec2-34-207-43-7.compute-1.amazonaws.com	nan
23	67.227.173.37	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	15	nan	nan
24	23.21.166.230	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	14	ec2-23-21-166-230.compute-1.amazonaws.com	nan
25	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	ec2-23-21-53-13.compute-1.amazonaws.com	nan
26	52.206.108.38	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	12	ec2-52-206-108-38.compute-1.amazonaws.com	nan
27	185.233.2.13	Saint Petersburg	St.-Petersburg	AS48096 Enterprise Cloud Ltd.	190000	Russia	tier_2	11	nan	nan
28	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_2	10	nan	nan
29	54.235.205.204	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	10	ec2-54-235-205-204.compute-1.amazonaws.com	nan
30	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	39	pool-100-37-135-2.nycmny.fios.verizon.net	nan
31	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	15	nan	nan
32	52.88.215.122	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	12	ec2-52-88-215-122.us-west-2.compute.amazonaws.com	nan
33	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	12	123.171.246.35.bc.googleusercontent.com	nan
34	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	8	nan	nan
35	204.79.197.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	5	a-0001.a-msedge.net	True
36	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	5	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
37	5.8.47.52	Haarlem	North Holland	AS209813 Fast Content Delivery LTD	2031	Netherlands	tier_3	4	nan	nan
38	52.20.53.118	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	4	ec2-52-20-53-118.compute-1.amazonaws.com	nan
39	23.41.189.99	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3	a23-41-189-99.deploy.static.akamaitechnologies.com	nan
40	23.200.0.37	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	3	a23-200-0-37.deploy.static.akamaitechnologies.com	nan
41	23.200.0.41	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	3	a23-200-0-41.deploy.static.akamaitechnologies.com	nan
42	52.216.243.182	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
43	172.217.165.142	Los Angeles	California	AS15169 Google LLC	90009	United States	tier_3	2	lax30s03-in-f14.1e100.net	nan
44	52.217.80.182	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
45	104.16.188.137	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
46	13.107.42.14	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	2	nan	True
47	172.217.10.68	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	2	lga34s14-in-f4.1e100.net	nan
48	52.217.81.78	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
49	104.17.48.14	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
50	162.243.10.151	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	2	nan	nan
51	23.200.0.21	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	2	a23-200-0-21.deploy.static.akamaitechnologies.com	nan
52	52.217.99.78	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
53	23.38.170.120	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	2	a23-38-170-120.deploy.static.akamaitechnologies.com	nan
54	13.33.46.45	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-13-33-46-45.ewr52.r.cloudfront.net	nan
55	13.107.21.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	1	nan	True
56	52.217.90.30	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
57	100.25.52.1	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-100-25-52-1.compute-1.amazonaws.com	nan
58	52.217.92.22	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
59	52.217.64.46	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶