viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	253	258	937	0	14	2021-04-10	185.107.56.199	Iphone

	tier	domain	count	registrar	name_servers	org
0	tier_1	awword.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
1	tier_1	c2sd.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
2	tier_1	emmaplays.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
3	tier_1	affordableglass.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
4	tier_1	conspir4cy.org	1	Domaincapitan.com LLC	NS1.COMMONMX.COM	None
5	tier_1	beactivedentist.com	1	SNAPNAMES 7, LLC	NS1.COMMONMX.COM	None
6	tier_1	asio.pro	1	DYNADOT LLC	NS1.COMMONMX.COM	None
7	tier_1	derechosdeautor.co	1	GoDaddy.com, LLC	ns2.commonmx.com	None
8	tier_1	buengobiernoenred.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
9	tier_1	assuncionistas.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
10	tier_2	aristo-hag.com	86	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
11	tier_2	btpnav.com	78	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
12	tier_2	atnpx.com	64	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
13	tier_2	changeslots.com	52	Instra Corporation Pty Ltd.	CLEO.NS.CLOUDFLARE.COM	REDACTED FOR PRIVACY
14	tier_2	ad.doubleclick.net	42	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google Inc.
15	tier_2	click.expmediadirect.com	38	None	None	None
16	tier_2	api.quotes.com	32	Internet Domain Service BS Corp.	NS-CANADA.TOPDNS.COM	Whois Privacy Corp.
17	tier_2	btpnative.com	25	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
18	tier_2	infopicked.com	25	None	None	None
19	tier_2	p274639.infopicked.com	21	None	None	None
20	tier_2	rd.bizrate.com	10	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
21	tier_2	rd.connexity.net	8	None	None	None
22	tier_2	link.sylikes.com	7	None	None	None
23	tier_2	62758.click.validclick.net	6	Safenames Ltd	NS1.FULLMAILBOX.COM	None
24	tier_2	r.ealeo.com	4	DYNADOT LLC	NS-1186.AWSDNS-20.ORG	None
25	tier_2	c.clickprotects.com	4	GoDaddy.com, LLC	NS63.DOMAINCONTROL.COM	Domains By Proxy, LLC
26	tier_2	11165151.addotnet.com	4	GoDaddy.com, LLC	NS75.DOMAINCONTROL.COM	Domains By Proxy, LLC
27	tier_2	geo.itunes.apple.com	4	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
28	tier_2	itunes.apple.com	4	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
29	tier_2	63110.click.validclick.net	3	Safenames Ltd	NS1.FULLMAILBOX.COM	None
30	tier_3	theconnectvpn.com	52	DonDominio (SCIP)	ARNOLD.NS.CLOUDFLARE.COM	Soluciones Corporativas IP, c/o Whois Proxy
31	tier_3	kbb.com	42	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
32	tier_3	bestappland.me	36	None	None	None
33	tier_3	robogarden.io	22	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	None
34	tier_3	storystudio.sfgate.com	8	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
35	tier_3	storystudio.chron.com	6	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Newspapers, LLC
36	tier_3	fanatics.com	4	MarkMonitor, Inc.	A1-147.AKAM.NET	Fanatics Inc.
37	tier_3	music.apple.com	4	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
38	tier_3	storystudio.mysanantonio.com	3	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	The Hearst Corporation
39	tier_3	wayfair.com	3	None	None	None
40	tier_3	aristo-hag.com	2	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
41	tier_3	crutchfield.com	1	Domain.com, LLC	NS1.CRUTCHFIELD.COM	REDACTED FOR PRIVACY
42	tier_3	63084.click.validclick.net	1	Safenames Ltd	NS1.FULLMAILBOX.COM	None
43	tier_3	michaelkors.com	1	NOM-IQ Ltd dba Com Laude	A1-111.AKAM.NET	Michael Kors, L.L.C.
44	tier_3	joinsmarty.com	1	None	None	None
45	tier_3	filter.onwardclick.com	1	None	None	None
46	tier_3	birkenstock.com	1	PSI-USA, Inc. dba Domain Robot	A.NS14.NET	BIRKENSTOCK SALES GMBH
47	tier_3	bestbody.s3.amazonaws.com	1	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
48	tier_3	63110.click.validclick.net	1	Safenames Ltd	NS1.FULLMAILBOX.COM	None
49	tier_3	childrensplace.com	1	CSC CORPORATE DOMAINS, INC.	PDNS1.CSCDNS.NET	The Childrens Place Services Company, LLC

	ip	city	region	org	postal	country_name	tier	count	anycast	hostname
0	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
1	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
2	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	26	nan	nan
3	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	21	nan	nan
4	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	17	nan	nan
5	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	14	nan	nan
6	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	10	nan	nan
7	206.221.176.184	Newark	New Jersey	AS23470 ReliableSite.Net LLC	07175	United States	tier_1	8	nan	nan
8	185.107.56.198	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	4	nan	nan
9	185.107.56.199	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	4	nan	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	104	nan	nan
11	172.67.74.77	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	55	True	nan
12	34.207.32.33	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	52	nan	ec2-34-207-32-33.compute-1.amazonaws.com
13	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	46	nan	18.65.c0ad.ip4.static.sl-reverse.com
14	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	38	nan	nan
15	5.79.68.236	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_2	32	nan	nan
16	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	20	nan	ec2-52-72-29-7.compute-1.amazonaws.com
17	52.206.108.38	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	18	nan	ec2-52-206-108-38.compute-1.amazonaws.com
18	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	17	nan	nan
19	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_3	2	nan	204.44.79.214.static.quadranet.com
20	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	nan	ec2-54-208-107-202.compute-1.amazonaws.com
21	172.217.3.102	Westbury	New York	AS15169 Google LLC	11590	United States	tier_2	16	nan	lga34s18-in-f6.1e100.net
22	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	nan	ec2-18-235-67-128.compute-1.amazonaws.com
23	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	nan	ec2-34-197-176-2.compute-1.amazonaws.com
24	172.217.165.134	Los Angeles	California	AS15169 Google LLC	90009	United States	tier_2	11	nan	lax30s03-in-f6.1e100.net
25	209.132.243.15	Los Angeles	California	AS7296 Alchemy Communications, Inc.	90009	United States	tier_2	10	nan	nan
26	172.217.11.6	New York City	New York	AS15169 Google LLC	10004	United States	tier_2	9	nan	lga25s60-in-f6.1e100.net
27	192.138.218.139	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	8	nan	rd.connexity.net
28	34.207.43.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	6	nan	ec2-34-207-43-7.compute-1.amazonaws.com
29	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_3	1	nan	nan
30	172.67.181.234	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	43	True	nan
31	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	39	nan	a23-44-217-143.deploy.static.akamaitechnologies.com
32	142.93.4.215	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	36	nan	nan
33	98.129.228.57	Dallas	Texas	AS33070 Rackspace Hosting	75270	United States	tier_3	17	nan	nan
34	104.21.80.8	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	11	True	nan
35	172.67.172.143	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	11	True	nan
36	104.21.91.236	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	9	True	nan
37	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	4	nan	pool-100-37-135-2.nycmny.fios.verizon.net
38	184.87.65.240	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3	nan	a184-87-65-240.deploy.static.akamaitechnologies.com
39	23.1.205.179	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	3	nan	a23-1-205-179.deploy.static.akamaitechnologies.com
40	23.39.32.237	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3	nan	a23-39-32-237.deploy.static.akamaitechnologies.com
41	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_3	2	nan	204.44.79.214.static.quadranet.com
42	205.196.12.74	Washington	Washington, D.C.	AS54391 Crutchfield New Media LLC	20045	United States	tier_3	1	nan	www.crutchfield.com
43	184.85.16.53	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	nan	a184-85-16-53.deploy.static.akamaitechnologies.com
44	104.26.13.42	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	True	nan
45	23.0.199.211	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	1	nan	a23-0-199-211.deploy.static.akamaitechnologies.com
46	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_3	1	nan	nan
47	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	nan	ec2-34-197-176-2.compute-1.amazonaws.com
48	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	nan	ec2-54-208-107-202.compute-1.amazonaws.com
49	23.59.250.35	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	1	nan	a23-59-250-35.deploy.static.akamaitechnologies.com
50	52.216.88.11	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan	s3-1-w.amazonaws.com
51	184.85.4.64	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	nan	a184-85-4-64.deploy.static.akamaitechnologies.com

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶