viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	266	274	1196	0	15	2021-04-11	207.244.67.215	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	digaaz.com	1	NamePal.com #8013, LLC	NS1.COMMONMX.COM	None
1	tier_1	filmapik.tv	1	Domain Landing Zone LLC	NS1.COMMONMX.COM	None
2	tier_1	licnewagency.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
3	tier_1	la2tatcom.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0159165625
4	tier_1	cdhatver.com	1	NamePal.com #8010, LLC	NS1.COMMONMX.COM	None
5	tier_1	interests.pro	1	DYNADOT LLC	NS1.COMMONMX.COM	None
6	tier_1	editimage.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Virtua Drug Ltd
7	tier_1	jsamsplace.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Domains By Proxy, LLC
8	tier_1	123musiq.me	1	GoDaddy.com, LLC	None	None
9	tier_1	eatatjacknjills.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Domains By Proxy, LLC
10	tier_2	btpnav.com	130	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
11	tier_2	aristo-hag.com	74	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
12	tier_2	1496.rawlexi.com	43	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
13	tier_2	nizephoros-pom.com	43	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
14	tier_2	americanlisted.com	42	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
15	tier_2	winfreegift.net	37	DYNADOT, LLC	VIP1.ALIDNS.COM	None
16	tier_2	click.expmediadirect.com	27	None	None	None
17	tier_2	btpnative.com	26	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
18	tier_2	infopicked.com	26	NAMECHEAP INC	NS0.DNSMADEEASY.COM	Privacy service provided by Withheld for Privacy ehf
19	tier_2	ads35.adtelligent.com	25	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
20	tier_2	dsp35.adtelligent.com	25	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
21	tier_2	aldb1.mysearch.space	25	None	None	None
22	tier_2	externals-1953518744.us-east-1.elb.amazonaws.com	25	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
23	tier_2	search.snjsearch.com	25	GoDaddy.com, LLC	NS73.DOMAINCONTROL.COM	Domains By Proxy, LLC
24	tier_2	9nl.es	23	None	None	None
25	tier_2	newre-conversions.clickmeter.com	23	None	None	None
26	tier_2	trk.jometer.com	21	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
27	tier_2	api.l5srv.net	19	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
28	tier_2	asufij.xyz	18	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
29	tier_2	managerformula.com	12	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
30	tier_3	free-gifts.net	37	DYNADOT, LLC	VIP1.ALIDNS.COM	None
31	tier_3	managerformula.com	30	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
32	tier_3	upward.careers	19	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
33	tier_3	xzb.subeamy.pw	18	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
34	tier_3	bing.com	15	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	Microsoft Corporation
35	tier_3	us.tideri.com	13	united domains AG	NS.UDAG.DE	None
36	tier_3	s3.amazonaws.com	12	None	None	None
37	tier_3	seekallanswrs.com	10	NameSilo, LLC	NS-CLOUD-A1.GOOGLEDOMAINS.COM	See PrivacyGuardian.org
38	tier_3	kbb.com	5	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
39	tier_3	wayfair.com	4	None	None	None
40	tier_3	click.appcast.io	3	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
41	tier_3	rd.bizrate.com	3	MarkMonitor Inc.	NS-1189.AWSDNS-20.ORG	None
42	tier_3	signup.finddreamjobs.com	2	GoDaddy.com, LLC	ALEXIS.NS.CLOUDFLARE.COM	Find Dream Jobs
43	tier_3	storystudio.sfgate.com	2	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
44	tier_3	whatjobs.com	2	123-Reg Limited	VIDA.NS.CLOUDFLARE.COM	None
45	tier_3	dollarshaveclub.com	1	GoDaddy.com, LLC	NS-1465.AWSDNS-55.ORG	Domains By Proxy, LLC
46	tier_3	click.appcast.io_LOOP_1	1	None	None	None
47	tier_3	netradioplayer.com	1	GoDaddy.com, LLC	NS41.DOMAINCONTROL.COM	Domains By Proxy, LLC
48	tier_3	nizephoros-pom.com	1	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
49	tier_3	maurices.com_LOOP_1	1	None	None	None
50	tier_3	careerbuilder.com	1	CSC CORPORATE DOMAINS, INC.	BROCK.CBJOBS.NET	CareerBuilder, LLC
51	tier_3	promorepublic.com	1	Onlinenic Inc	LIA.NS.CLOUDFLARE.COM	PromoRepublic Oy
52	tier_3	ballarddesigns.com_LOOP_1	1	None	None	None
53	tier_3	runnewest-bestextremelyfile.best	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
54	tier_3	americanlisted.com	1	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
55	tier_3	lampsplus.com_LOOP_1	1	None	None	None
56	tier_3	reebok.com	1	CSC CORPORATE DOMAINS, INC.	NS1.NETNAMES.NET	Reebok International, Ltd.
57	tier_3	invictastores.com_LOOP_1	1	None	None	None
58	tier_3	jobs.jobget.com	1	Amazon Registrar, Inc.	NS-1314.AWSDNS-36.ORG	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	37	nan	nan
1	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	33	nan	nan
2	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	21	nan	nan
3	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	20	nan	nan
4	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	14	nan	nan
5	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	12	nan	nan
6	206.221.176.184	Newark	New Jersey	AS23470 ReliableSite.Net LLC	07175	United States	tier_1	12	nan	nan
7	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	11	nan	nan
8	82.192.82.225	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	4	nan	nan
9	74.63.241.30	Dallas	Texas	AS46475 Limestone Networks, Inc.	75270	United States	tier_1	3	30-241-63-74.static.reverse.lstn.net	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	157	nan	nan
11	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	43	nan	nan
12	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	42	240.61.209.35.bc.googleusercontent.com	nan
13	47.254.67.38	Mountain View	California	AS45102 Alibaba (US) Technology Co., Ltd.	94035	United States	tier_3	37	nan	nan
14	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	27	nan	nan
15	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	26	18.65.c0ad.ip4.static.sl-reverse.com	nan
16	209.205.202.42	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	25	static-42-202-205-209.24shells.net	nan
17	209.205.202.43	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	25	static-43-202-205-209.24shells.net	nan
18	35.162.164.74	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_2	25	ec2-35-162-164-74.us-west-2.compute.amazonaws.com	nan
19	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	24	ec2-52-72-29-7.compute-1.amazonaws.com	nan
20	52.206.108.38	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-52-206-108-38.compute-1.amazonaws.com	nan
21	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	20	ec2-34-197-176-2.compute-1.amazonaws.com	nan
22	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	20	ec2-54-208-107-202.compute-1.amazonaws.com	nan
23	67.227.173.37	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	19	nan	nan
24	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	17	ec2-18-235-67-128.compute-1.amazonaws.com	nan
25	34.207.43.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	16	ec2-34-207-43-7.compute-1.amazonaws.com	nan
26	50.16.173.246	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	16	ec2-50-16-173-246.compute-1.amazonaws.com	nan
27	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	3	nan	nan
28	3.125.109.211	Frankfurt am Main	Hesse	AS16509 Amazon.com, Inc.	60311	Germany	tier_2	15	ec2-3-125-109-211.eu-central-1.compute.amazonaws.com	nan
29	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	15	ec2-23-21-53-13.compute-1.amazonaws.com	nan
30	47.254.67.38	Mountain View	California	AS45102 Alibaba (US) Technology Co., Ltd.	94035	United States	tier_3	37	nan	nan
31	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	19	nan	nan
32	172.232.19.147	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	17	a172-232-19-147.deploy.static.akamaitechnologies.com	nan
33	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	13	123.171.246.35.bc.googleusercontent.com	nan
34	172.232.19.138	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	13	a172-232-19-138.deploy.static.akamaitechnologies.com	nan
35	35.165.21.241	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	11	ec2-35-165-21-241.us-west-2.compute.amazonaws.com	nan
36	204.79.197.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	10	a-0001.a-msedge.net	True
37	35.226.116.123	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	10	123.116.226.35.bc.googleusercontent.com	nan
38	52.88.215.122	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	7	ec2-52-88-215-122.us-west-2.compute.amazonaws.com	nan
39	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	5	pool-100-37-135-2.nycmny.fios.verizon.net	nan
40	13.107.21.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	5	nan	True
41	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	5	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
42	23.39.32.237	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	4	a23-39-32-237.deploy.static.akamaitechnologies.com	nan
43	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	3	nan	nan
44	3.234.0.165	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	ec2-3-234-0-165.compute-1.amazonaws.com	nan
45	52.216.89.45	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
46	104.17.47.14	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
47	98.129.228.57	Dallas	Texas	AS33070 Rackspace Hosting	75270	United States	tier_3	2	nan	nan
48	52.217.110.78	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
49	151.101.1.9	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	1	nan	True
50	52.216.110.157	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
51	52.3.4.129	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-52-3-4-129.compute-1.amazonaws.com	nan
52	52.216.107.158	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
53	52.20.164.166	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-52-20-164-166.compute-1.amazonaws.com	nan
54	52.206.108.38	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-52-206-108-38.compute-1.amazonaws.com	nan
55	99.84.47.65	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-47-65.ewr52.r.cloudfront.net	nan
56	104.26.10.26	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
57	54.231.97.211	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
58	52.217.131.176	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
59	52.20.53.118	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-52-20-53-118.compute-1.amazonaws.com	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶