viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	278	277	984	0	13	2021-04-16	185.107.56.199	Iphone

	tier	domain	count	registrar	name_servers	org
0	tier_1	erotop.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
1	tier_1	best-ga.me	1	Dynadot, LLC	None	None
2	tier_1	aurbataao.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0159179997
3	tier_1	atransmissionclinic.com	1	! #1 Host Canada, Inc.	NS1.COMMONMX.COM	None
4	tier_1	skymaps.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
5	tier_1	apstc.org	1	Columbianames.com LLC	NS1.COMMONMX.COM	Statutory Masking Enabled
6	tier_1	bankersadda.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
7	tier_1	bicoholics.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158852663
8	tier_1	massagista.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
9	tier_1	alinaplugaru.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
10	tier_2	aristo-hag.com	79	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
11	tier_2	btpnav.com	71	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
12	tier_2	click.expmediadirect.com	60	None	None	None
13	tier_2	atnpx.com	60	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
14	tier_2	api.quotes.com	27	Internet Domain Service BS Corp.	NS-CANADA.TOPDNS.COM	Whois Privacy Corp.
15	tier_2	changeslots.com	27	Instra Corporation Pty Ltd.	CLEO.NS.CLOUDFLARE.COM	REDACTED FOR PRIVACY
16	tier_2	api.apptap.com	20	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
17	tier_2	redirect.viglink.com	20	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
18	tier_2	link.sylikes.com	20	MarkMonitor, Inc.	NS-1063.AWSDNS-04.ORG	Connexity, Inc.
19	tier_2	api.mplayit.com	19	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
20	tier_2	rtbstream.com	18	1API GmbH	NS1.DNSIMPLE.COM	Registrant of rtbstream.com
21	tier_2	rd.bizrate.com	16	None	None	None
22	tier_2	rd.connexity.net	16	MarkMonitor Inc.	NS-1190.AWSDNS-20.ORG	None
23	tier_2	c.clickprotects.com	12	GoDaddy.com, LLC	NS63.DOMAINCONTROL.COM	Domains By Proxy, LLC
24	tier_2	11165151.addotnet.com	12	GoDaddy.com, LLC	NS75.DOMAINCONTROL.COM	Domains By Proxy, LLC
25	tier_2	geo.itunes.apple.com	12	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
26	tier_2	itunes.apple.com	12	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
27	tier_2	ad.doubleclick.net	12	None	None	None
28	tier_2	exporimy.com	7	GoDaddy.com, LLC	NS-1145.AWSDNS-15.ORG	Domains By Proxy, LLC
29	tier_2	sorrectionki.space	7	None	None	None
30	tier_3	kbb.com	44	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
31	tier_3	bestappland.me	34	None	None	None
32	tier_3	theconnectvpn.com	27	DonDominio (SCIP)	ARNOLD.NS.CLOUDFLARE.COM	Soluciones Corporativas IP, c/o Whois Proxy
33	tier_3	robogarden.io	16	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	None
34	tier_3	music.apple.com	12	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
35	tier_3	storystudio.sfgate.com	9	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
36	tier_3	rd.bizrate.com	9	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
37	tier_3	tackis.xyz	7	None	None	None
38	tier_3	wayfair.com	3	MarkMonitor, Inc.	A1-100.AKAM.NET	Wayfair, LLC
39	tier_3	patpat.sjv.io	2	GANDI SAS	NS-545.AWSDNS-04.NET	None
40	tier_3	wayfair.com_LOOP_1	2	None	None	None
41	tier_3	patpat.sjv.io_LOOP_1	2	None	None	None
42	tier_3	ww38.quickbooksx.com	1	Key-Systems GmbH	NS1.ABOVE.COM	c/o whoisproxy.com
43	tier_3	aristo-hag.com	1	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	None
44	tier_3	edureka.co	1	Network Solutions, LLC	ns-1218.awsdns-24.org	kapil
45	tier_3	atnpx.com	1	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
46	tier_3	dollartree.com	1	Network Solutions, LLC	A1-230.AKAM.NET	None
47	tier_3	overstock.com	1	MarkMonitor, Inc.	DNS1.P01.NSONE.NET	Overstock.com, Inc - TMA606142
48	tier_3	adameve.com	1	Network Solutions, LLC	A1-75.AKAM.NET	None
49	tier_3	skechers.com	1	None	None	None
50	tier_3	appliancesconnection.com	1	GoDaddy.com, LLC	NS67.DOMAINCONTROL.COM	Domains By Proxy, LLC
51	tier_3	ads.midwayusa.com	1	GoDaddy.com, LLC	NS-1486.AWSDNS-57.ORG	MidwayUSA
52	tier_3	frontgate.com	1	Network Solutions, LLC	NS1.HSN.NET	Cornerstone Brands, Inc.
53	tier_3	bestbody.s3.amazonaws.com	1	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
54	tier_3	1800petmeds.com	1	GoDaddy.com, LLC	DNS1.P03.NSONE.NET	PETMED EXPRESS, INC.
55	tier_3	macys.com	1	Network Solutions, LLC	A1-135.AKAM.NET	Macy's Systems and Technology, Inc.
56	tier_3	ram21.proasdf.com	1	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
57	tier_3	search.discoverweb.com	1	GoDaddy.com, LLC	NINA.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
58	tier_3	fanatics.com	1	None	None	None
59	tier_3	filter.onwardclick.com	1	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
1	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	25	nan	nan
2	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	22	nan	nan
3	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	17	nan	nan
4	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	16	nan	nan
5	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	14	nan	nan
6	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	10	nan	nan
7	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	7	nan	nan
8	74.63.241.30	Dallas	Texas	AS46475 Limestone Networks, Inc.	75270	United States	tier_1	5	30-241-63-74.static.reverse.lstn.net	nan
9	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	4	nan	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	91	nan	nan
11	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	60	nan	nan
12	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	9	rd.bizrate.com	nan
13	104.26.10.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
14	5.79.68.236	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_2	27	nan	nan
15	34.207.32.33	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	27	ec2-34-207-32-33.compute-1.amazonaws.com	nan
16	209.132.243.15	Los Angeles	California	AS7296 Alchemy Communications, Inc.	90009	United States	tier_2	26	nan	nan
17	104.26.11.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	23	nan	True
18	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-208-107-202.compute-1.amazonaws.com	nan
19	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	22	ec2-18-235-67-128.compute-1.amazonaws.com	nan
20	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	19	ec2-34-197-176-2.compute-1.amazonaws.com	nan
21	3.224.109.140	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	18	ec2-3-224-109-140.compute-1.amazonaws.com	nan
22	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	17	ec2-52-72-29-7.compute-1.amazonaws.com	nan
23	192.138.218.139	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	16	rd.connexity.net	nan
24	23.43.252.68	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_2	12	a23-43-252-68.deploy.static.akamaitechnologies.com	nan
25	52.21.176.105	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	11	ec2-52-21-176-105.compute-1.amazonaws.com	nan
26	54.84.4.127	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	11	ec2-54-84-4-127.compute-1.amazonaws.com	nan
27	184.85.6.44	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_2	10	a184-85-6-44.deploy.static.akamaitechnologies.com	nan
28	54.197.172.17	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	10	ec2-54-197-172-17.compute-1.amazonaws.com	nan
29	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_2	9	204.44.79.214.static.quadranet.com	nan
30	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	44	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
31	142.93.4.215	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	34	nan	nan
32	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	17	pool-100-37-135-2.nycmny.fios.verizon.net	nan
33	104.21.80.8	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	15	nan	True
34	104.21.91.236	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	14	nan	True
35	172.67.181.234	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	13	nan	True
36	151.101.0.200	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	9	nan	True
37	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	9	rd.bizrate.com	nan
38	104.21.65.93	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	6	nan	True
39	23.41.189.99	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3	a23-41-189-99.deploy.static.akamaitechnologies.com	nan
40	35.227.211.136	Kansas City	Missouri	AS15169 Google LLC	64121	United States	tier_3	2	136.211.227.35.bc.googleusercontent.com	True
41	185.53.179.28	Munich	Bavaria	AS61969 Team Internet AG	80331	Germany	tier_3	1	nan	nan
42	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-208-107-202.compute-1.amazonaws.com	nan
43	54.192.100.33	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-54-192-100-33.ewr53.r.cloudfront.net	nan
44	104.26.10.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
45	23.73.233.19	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	1	a23-73-233-19.deploy.static.akamaitechnologies.com	nan
46	172.67.189.184	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
47	104.77.221.88	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	1	a104-77-221-88.deploy.static.akamaitechnologies.com	nan
48	184.85.24.16	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a184-85-24-16.deploy.static.akamaitechnologies.com	nan
49	104.16.189.137	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
50	24.157.42.211	New York City	New York	AS6128 Cablevision Systems Corp.	10004	United States	tier_3	1	189d2ad3.cst.lightpath.net	nan
51	104.102.136.83	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	1	a104-102-136-83.deploy.static.akamaitechnologies.com	nan
52	184.87.71.113	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a184-87-71-113.deploy.static.akamaitechnologies.com	nan
53	52.217.44.156	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1-w.amazonaws.com	nan
54	104.16.135.104	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
55	104.77.220.218	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	1	a104-77-220-218.deploy.static.akamaitechnologies.com	nan
56	162.243.10.151	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	1	nan	nan
57	172.67.144.251	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
58	184.87.65.240	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a184-87-65-240.deploy.static.akamaitechnologies.com	nan
59	172.67.172.143	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶