viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	245	246	894	0	17	2021-04-17	207.244.67.215	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	igramecka.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0159177977
1	tier_1	forumt.biz	1	Communigal Communication Ltd	ns2.commonmx.com	None
2	tier_1	btcapp.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
3	tier_1	coolkicks.co	1	Dynadot LLC	ns2.commonmx.com	None
4	tier_1	csmatrix.org	1	Atomicdomainnames.com LLC	NS1.COMMONMX.COM	Statutory Masking Enabled
5	tier_1	beauty-boutique.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
6	tier_1	avsarangg.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158852301
7	tier_1	carloscastillo.co	1	Communigal Communication Ltd	ns1.commonmx.com	None
8	tier_1	hqasianphotos.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0159171163
9	tier_1	flyingsg.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158841585
10	tier_2	btpnav.com	150	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
11	tier_2	aristo-hag.com	80	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
12	tier_2	nizephoros-pom.com	46	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
13	tier_2	1496.rawlexi.com	37	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
14	tier_2	americanlisted.com	31	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
15	tier_2	managerformula.com	24	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
16	tier_2	9nl.es	19	None	None	None
17	tier_2	newre-conversions.clickmeter.com	19	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
18	tier_2	trk.jometer.com	19	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
19	tier_2	api.l5srv.net	19	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
20	tier_2	click.expmediadirect.com	17	NAMECHEAP INC	NS1.LINODE.COM	Privacy service provided by Withheld for Privacy ehf
21	tier_2	asufij.xyz	16	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
22	tier_2	btpnative.com	4	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
23	tier_2	infopicked.com	4	NAMECHEAP INC	NS0.DNSMADEEASY.COM	Privacy service provided by Withheld for Privacy ehf
24	tier_2	atnpx.com	3	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
25	tier_2	ad.doubleclick.net	3	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google Inc.
26	tier_2	t.co	2	CSC Corporate Domains, Inc.	d01-01.ns.twtrdns.net	Twitter, Inc.
27	tier_2	ww2.siteplug.com	2	DOMAINPEOPLE, INC.	NS-1263.AWSDNS-29.ORG	REDACTED FOR PRIVACY
28	tier_2	click.linksynergy.com	2	CSC CORPORATE DOMAINS, INC.	DNS1.P09.NSONE.NET	Rakuten Marketing
29	tier_2	clever-redirect.com	2	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
30	tier_3	irl.com	70	GoDaddy.com, LLC	NS-106.AWSDNS-13.COM	Domains By Proxy, LLC
31	tier_3	s3.amazonaws.com	24	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
32	tier_3	managerformula.com	20	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
33	tier_3	upward.careers	19	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
34	tier_3	xzb.subeamy.pw	16	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
35	tier_3	us.tideri.com	12	united domains AG	NS.UDAG.DE	None
36	tier_3	americanlisted.com	5	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
37	tier_3	kbb.com	3	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
38	tier_3	storystudio.chron.com	3	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Newspapers, LLC
39	tier_3	weniix.com	2	NAMECHEAP INC	DNS1.NAMECHEAPHOSTING.COM	Privacy service provided by Withheld for Privacy ehf
40	tier_3	storystudio.sfgate.com	1	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
41	tier_3	belk.com	1	CSC CORPORATE DOMAINS, INC.	DNS1.P08.NSONE.NET	Belk Stores Services, Inc
42	tier_3	music.apple.com	1	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
43	tier_3	aristo-hag.com	1	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
44	tier_3	art.com	1	CSC CORPORATE DOMAINS, INC.	SDNS113.ULTRADNS.BIZ	Art.com, Inc.
45	tier_3	littlewoods.com	1	Network Solutions, LLC	ASIA1.AKAM.NET	Statutory Masking Enabled
46	tier_3	halloweenexpress.com	1	GoDaddy.com, LLC	NS27.DOMAINCONTROL.COM	ASADART LLC
47	tier_3	bergdorfgoodman.com	1	CSC CORPORATE DOMAINS, INC.	NS-1513.AWSDNS-61.ORG	NM Nevada Trust
48	tier_3	148.trackints.com	1	NameCheap, Inc.	NS0.DNSMADEEASY.COM	None
49	tier_3	google.com_LOOP_1	1	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	31	nan	nan
1	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	26	nan	nan
2	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	26	nan	nan
3	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	15	nan	nan
4	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	13	nan	nan
5	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	13	nan	nan
6	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	12	nan	nan
7	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	11	nan	nan
8	185.107.56.199	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	4	nan	nan
9	37.48.65.151	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	3	nan	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	154	nan	nan
11	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	37	nan	nan
12	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	35	ec2-52-72-29-7.compute-1.amazonaws.com	nan
13	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	32	ec2-54-208-107-202.compute-1.amazonaws.com	nan
14	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	31	ec2-34-197-176-2.compute-1.amazonaws.com	nan
15	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	5	240.61.209.35.bc.googleusercontent.com	nan
16	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	29	ec2-18-235-67-128.compute-1.amazonaws.com	nan
17	67.227.173.37	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	19	nan	nan
18	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	17	nan	nan
19	23.200.0.5	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	7	a23-200-0-5.deploy.static.akamaitechnologies.com	nan
20	23.21.166.45	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	10	ec2-23-21-166-45.compute-1.amazonaws.com	nan
21	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	10	ec2-23-21-53-13.compute-1.amazonaws.com	nan
22	23.200.0.41	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	13	a23-200-0-41.deploy.static.akamaitechnologies.com	nan
23	54.197.247.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	9	ec2-54-197-247-190.compute-1.amazonaws.com	nan
24	54.235.205.204	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	9	ec2-54-235-205-204.compute-1.amazonaws.com	nan
25	44.239.66.208	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_2	8	ec2-44-239-66-208.us-west-2.compute.amazonaws.com	nan
26	99.84.114.53	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	6	server-99-84-114-53.ewr52.r.cloudfront.net	nan
27	99.84.114.17	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	5	server-99-84-114-17.ewr52.r.cloudfront.net	nan
28	99.84.114.25	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	5	server-99-84-114-25.ewr52.r.cloudfront.net	nan
29	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_2	4	204.44.79.214.static.quadranet.com	nan
30	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	19	nan	nan
31	23.200.0.41	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	13	a23-200-0-41.deploy.static.akamaitechnologies.com	nan
32	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	12	123.171.246.35.bc.googleusercontent.com	nan
33	52.73.87.228	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	12	ec2-52-73-87-228.compute-1.amazonaws.com	nan
34	157.245.242.152	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	10	nan	nan
35	52.88.215.122	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	9	ec2-52-88-215-122.us-west-2.compute.amazonaws.com	nan
36	167.172.136.193	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	9	nan	nan
37	23.200.0.5	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_3	7	a23-200-0-5.deploy.static.akamaitechnologies.com	nan
38	35.165.21.241	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	7	ec2-35-165-21-241.us-west-2.compute.amazonaws.com	nan
39	157.245.84.7	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	6	nan	nan
40	161.35.60.200	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	5	nan	nan
41	54.205.240.192	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	5	ec2-54-205-240-192.compute-1.amazonaws.com	nan
42	67.207.81.229	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	5	nan	nan
43	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	5	240.61.209.35.bc.googleusercontent.com	nan
44	52.73.153.209	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	4	ec2-52-73-153-209.compute-1.amazonaws.com	nan
45	151.101.0.200	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	4	nan	True
46	52.203.36.44	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	4	ec2-52-203-36-44.compute-1.amazonaws.com	nan
47	64.227.12.111	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	4	nan	nan
48	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
49	162.0.209.104	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_3	2	premium170-1.web-hosting.com	nan
50	52.217.77.230	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
51	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	2	pool-100-37-135-2.nycmny.fios.verizon.net	nan
52	54.231.82.226	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
53	52.216.115.85	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
54	67.207.80.24	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	2	nan	nan
55	52.216.237.133	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
56	52.217.4.118	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
57	198.199.66.189	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	2	nan	nan
58	52.217.33.22	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
59	52.216.146.5	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶