viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	238	243	936	0	26	2021-04-19	37.48.65.149	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	moniker.name	1	None	None	None
1	tier_1	arrecharge.in	1	Dynadot LLC	ns1.commonmx.com	None
2	tier_1	phimm.net	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
3	tier_1	bomber22.net	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
4	tier_1	anhdep.pro	1	DYNADOT LLC	NS1.COMMONMX.COM	None
5	tier_1	nijigenmarket.net	1	eNom463, Incorporated	NS1.COMMONMX.COM	None
6	tier_1	mymp3song.net	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
7	tier_1	dapool.me	1	Dynadot, LLC	None	None
8	tier_1	flinzo.com	1	Dynadot5 LLC	NS1.COMMONMX.COM	None
9	tier_1	boost.asia	1	Dynadot, LLC	NS1.COMMONMX.COM	None
10	tier_2	btpnav.com	126	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
11	tier_2	aristo-hag.com	58	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
12	tier_2	nizephoros-pom.com	56	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
13	tier_2	1496.rawlexi.com	42	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
14	tier_2	americanlisted.com	41	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
15	tier_2	btpnative.com	28	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
16	tier_2	infopicked.com	27	NAMECHEAP INC	NS0.DNSMADEEASY.COM	Privacy service provided by Withheld for Privacy ehf
17	tier_2	9nl.es	24	None	None	None
18	tier_2	newre-conversions.clickmeter.com	24	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
19	tier_2	trk.jometer.com	24	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
20	tier_2	api.l5srv.net	24	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
21	tier_2	managerformula.com	19	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
22	tier_2	click.expmediadirect.com	16	NAMECHEAP INC	NS1.LINODE.COM	Privacy service provided by Withheld for Privacy ehf
23	tier_2	hureseyd.top	10	NameSilo, LLC	ns1.selectel.org	See PrivacyGuardian.org
24	tier_2	rtbstream.com	7	1API GmbH	NS1.DNSIMPLE.COM	Registrant of rtbstream.com
25	tier_2	clk.rtpdn12.com	6	None	None	None
26	tier_2	rqhere2.com	6	NAMECHEAP INC	JEROME.NS.CLOUDFLARE.COM	Privacy service provided by Withheld for Privacy ehf
27	tier_2	mega.affiliate-dash.com	5	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
28	tier_2	blockchain-com.email	4	NameSilo, LLC	ns1.selectel.org	See PrivacyGuardian.org
29	tier_2	ads35.adtelligent.com	3	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
30	tier_3	irl.com	46	GoDaddy.com, LLC	NS-106.AWSDNS-13.COM	Domains By Proxy, LLC
31	tier_3	managerformula.com	37	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
32	tier_3	upward.careers	24	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
33	tier_3	s3.amazonaws.com	19	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
34	tier_3	us.tideri.com	13	united domains AG	NS.UDAG.DE	None
35	tier_3	blockchain-com.email	6	NameSilo, LLC	ns1.selectel.org	See PrivacyGuardian.org
36	tier_3	runnewest-bestextremelyfile.best	5	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
37	tier_3	medicreed.club	4	NAMECHEAP INC	molly.ns.cloudflare.com	Privacy service provided by Withheld for Privacy ehf
38	tier_3	tripleprofit-zone.life	3	None	None	None
39	tier_3	bing.com	3	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	Microsoft Corporation
40	tier_3	chrismoneymaker.com	3	GoDaddy.com, LLC	NS65.DOMAINCONTROL.COM	Amaya Services Limited
41	tier_3	click.appcast.io	1	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
42	tier_3	americanlisted.com	1	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
43	tier_3	play.google.com	1	None	None	None
44	tier_3	aristo-hag.com	1	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
45	tier_3	etoro.com	1	DomainTheNet.com	EUR5.AKAM.NET	******
46	tier_3	us.jobtome.com	1	GoDaddy.com, LLC	CHRIS.NS.CLOUDFLARE.COM	Jobtome Internantional SA
47	tier_3	orthofeet.com	1	Network Solutions, LLC	NS27.WORLDNIC.COM	ORTHOFEET INC.
48	tier_3	amazonhvh.thejobnetwork.com	1	GoDaddy.com, LLC	NS-1356.AWSDNS-41.ORG	RealMatch
49	tier_3	storystudio.sfgate.com	1	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
50	tier_3	adzuna.com	1	123-Reg Limited	NS-1197.AWSDNS-21.ORG	AdHunter

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	29	nan	nan
1	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	24	nan	nan
2	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	22	nan	nan
3	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	19	nan	nan
4	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	13	nan	nan
5	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	10	nan	nan
6	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	10	nan	nan
7	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	6	nan	nan
8	185.107.56.197	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	4	nan	nan
9	82.192.82.226	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	4	nan	nan
10	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	161	nan	nan
11	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	42	nan	nan
12	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	41	240.61.209.35.bc.googleusercontent.com	nan
13	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	30	ec2-52-72-29-7.compute-1.amazonaws.com	nan
14	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	30	ec2-54-208-107-202.compute-1.amazonaws.com	nan
15	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	29	ec2-34-197-176-2.compute-1.amazonaws.com	nan
16	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	28	18.65.c0ad.ip4.static.sl-reverse.com	nan
17	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	25	ec2-18-235-67-128.compute-1.amazonaws.com	nan
18	67.227.173.37	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	24	nan	nan
19	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	16	nan	nan
20	54.197.247.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	ec2-54-197-247-190.compute-1.amazonaws.com	nan
21	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	ec2-23-21-53-13.compute-1.amazonaws.com	nan
22	23.21.166.45	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	11	ec2-23-21-166-45.compute-1.amazonaws.com	nan
23	54.235.205.204	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	11	ec2-54-235-205-204.compute-1.amazonaws.com	nan
24	23.38.167.227	Philadelphia	Pennsylvania	AS20940 Akamai International B.V.	19099	United States	tier_3	20	a23-38-167-227.deploy.static.akamaitechnologies.com	nan
25	185.233.2.13	Saint Petersburg	St.-Petersburg	AS48096 Enterprise Cloud Ltd.	190000	Russia	tier_2	10	nan	nan
26	99.84.114.53	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	9	server-99-84-114-53.ewr52.r.cloudfront.net	nan
27	99.84.114.25	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	9	server-99-84-114-25.ewr52.r.cloudfront.net	nan
28	23.38.167.202	Philadelphia	Pennsylvania	AS20940 Akamai International B.V.	19099	United States	tier_3	17	a23-38-167-202.deploy.static.akamaitechnologies.com	nan
29	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_2	6	nan	nan
30	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	24	nan	nan
31	23.38.167.227	Philadelphia	Pennsylvania	AS20940 Akamai International B.V.	19099	United States	tier_3	20	a23-38-167-227.deploy.static.akamaitechnologies.com	nan
32	23.38.167.202	Philadelphia	Pennsylvania	AS20940 Akamai International B.V.	19099	United States	tier_3	17	a23-38-167-202.deploy.static.akamaitechnologies.com	nan
33	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	13	123.171.246.35.bc.googleusercontent.com	nan
34	161.35.60.200	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	7	nan	nan
35	167.172.136.193	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	6	nan	nan
36	52.20.53.118	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	5	ec2-52-20-53-118.compute-1.amazonaws.com	nan
37	5.8.47.52	Haarlem	North Holland	AS209813 Fast Content Delivery LTD	2031	Netherlands	tier_3	4	nan	True
38	52.203.36.44	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	4	ec2-52-203-36-44.compute-1.amazonaws.com	nan
39	67.207.81.229	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	4	nan	nan
40	67.207.80.24	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	4	nan	nan
41	52.73.153.209	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	4	ec2-52-73-153-209.compute-1.amazonaws.com	nan
42	31.184.202.185	Haarlem	North Holland	AS209813 Fast Content Delivery LTD	2031	Netherlands	tier_3	3	nan	True
43	64.227.12.111	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	3	nan	nan
44	204.79.197.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	3	a-0001.a-msedge.net	True
45	104.21.68.134	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
46	92.205.4.117	Strasbourg	Grand Est	AS21499 Host Europe GmbH	67000	France	tier_3	3	ip-92-205-4-117.ip.secureserver.net	nan
47	54.205.240.192	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	3	ec2-54-205-240-192.compute-1.amazonaws.com	nan
48	52.73.87.228	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	3	ec2-52-73-87-228.compute-1.amazonaws.com	nan
49	157.245.242.152	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	3	nan	nan
50	157.245.84.7	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	2	nan	nan
51	52.217.94.206	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
52	52.216.106.134	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
53	52.217.64.246	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
54	52.216.178.237	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
55	52.216.22.45	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
56	52.44.140.30	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	ec2-52-44-140-30.compute-1.amazonaws.com	nan
57	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	2	pool-100-37-135-2.nycmny.fios.verizon.net	nan
58	3.234.0.165	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-3-234-0-165.compute-1.amazonaws.com	nan
59	52.217.194.192	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶