viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	123	116	398	0	35	2021-01-17	37.48.65.151	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	bitenergy.org	1	Allearthdomains.com LLC	NS1.COMMONMX.COM	None
1	tier_1	write.name	1	None	None	None
2	tier_1	beactivedentist.com	1	enom1008, Inc.	NS1.COMMONMX.COM	None
3	tier_1	5ka.me	1	Dynadot, LLC	None	None
4	tier_1	9novels.net	1	! #1 Host Japan, Inc.	NS1.DNSNUTS.COM	The Management Group II
5	tier_1	3files.net	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158497154
6	tier_1	andisucirta.com	1	DYNADOT14 LLC	NS1.COMMONMX.COM	None
7	tier_1	vikings.name	1	None	None	None
8	tier_1	applique.me	1	GoDaddy.com, LLC	None	None
9	tier_1	archives.name	1	None	None	None
10	tier_2	1496.wcitianka.com	31	GoDaddy Online Services Cayman Islands LTD	NS-1096.AWSDNS-09.ORG	None
11	tier_2	americanlisted.com	31	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
12	tier_2	click.appcast.io	29	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
13	tier_2	dprtb.com	27	1API GmbH	NS1.DNSIMPLE.COM	REDACTED FOR PRIVACY
14	tier_2	5339.wcitianka.com	27	GoDaddy Online Services Cayman Islands LTD	NS-1096.AWSDNS-09.ORG	None
15	tier_2	tr.trackingsys.tech	27	DonDominio (SCIP)	NS1.DONDOMINIO.COM	Soluciones Corporativas IP, c/o Whois Proxy
16	tier_2	get38.admedit.net	27	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
17	tier_2	careerbliss.com	12	GoDaddy.com, LLC	NS10.DNSMADEEASY.COM	Domains By Proxy, LLC
18	tier_2	trk.careerbliss.com	12	GoDaddy.com, LLC	NS10.DNSMADEEASY.COM	Domains By Proxy, LLC
19	tier_2	open.app.jobrapido.com	6	Marcaria.com International, Inc.	NS-CLOUD-D1.GOOGLEDOMAINS.COM	GDPR Masked
20	tier_3	careerbliss.com	17	GoDaddy.com, LLC	NS10.DNSMADEEASY.COM	Domains By Proxy, LLC
21	tier_3	soft4update.findperfectplaces4download.work	5	None	None	None
22	tier_3	installworking.findyourultimateplayersfirst.best	4	None	None	None
23	tier_3	workingupdate.findyourultimateplayersfirst.best	4	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
24	tier_3	ready4maintain.findyourultimateplayersfirst.best	4	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
25	tier_3	upgradelive.findperfectplaces4download.work	3	None	None	None
26	tier_3	update2new.thestablegreatupgrades.best	3	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
27	tier_3	checksoft.findyourultimateplayersfirst.best	3	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	WhoisGuard, Inc.
28	tier_3	applytothisjob.com	2	GoDaddy.com, LLC	NS-1499.AWSDNS-59.ORG	JobDig
29	tier_3	google.com	2	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.218	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	13	nan	nan
1	207.244.67.215	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	11	nan	nan
2	207.244.67.216	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	8	nan	nan
3	207.244.67.214	Manassas	Virginia	AS30633 Leaseweb USA, Inc.	20108	United States	tier_1	8	nan	nan
4	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	5	nan	nan
5	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	4	nan	nan
6	185.107.56.200	Amsterdam	North Holland	AS43350 NForce Entertainment B.V.	1012	Netherlands	tier_1	3	nan	nan
7	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	2	nan	nan
8	37.48.65.150	Soest	Utrecht	AS60781 LeaseWeb Netherlands B.V.	3765	Netherlands	tier_1	2	nan	nan
9	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	2	nan	nan
10	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	58	nan	nan
11	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_2	31	240.61.209.35.bc.googleusercontent.com	nan
12	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	28	nan	nan
13	34.231.10.22	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	27	ec2-34-231-10-22.compute-1.amazonaws.com	nan
14	137.74.180.226	Strasbourg	Grand Est	AS16276 OVH SAS	67000	France	tier_2	27	ip226.ip-137-74-180.eu	nan
15	207.38.44.116	Los Angeles	California	AS5693 Latisys-Irvine, LLC	90009	United States	tier_3	17	cbsmtp1.careerbliss.com	nan
16	34.194.75.233	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	16	ec2-34-194-75-233.compute-1.amazonaws.com	nan
17	3.211.178.164	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_2	13	ec2-3-211-178-164.compute-1.amazonaws.com	nan
18	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	2	pool-100-37-135-2.nycmny.fios.verizon.net	nan
19	178.33.228.114	Roubaix	Hauts-de-France	AS16276 OVH SAS	59051 CEDEX 1	France	tier_2	6	ns3021656.ip-178-33-228.eu	nan
20	54.175.171.244	Virginia Beach	Virginia	AS14618 Amazon.com, Inc.	23479	United States	tier_3	27	ec2-54-175-171-244.compute-1.amazonaws.com	nan
21	207.38.44.116	Los Angeles	California	AS5693 Latisys-Irvine, LLC	90009	United States	tier_3	17	cbsmtp1.careerbliss.com	nan
22	209.236.97.202	Minneapolis	Minnesota	AS13649 Flexential Colorado Corp.	55440	United States	tier_3	2	nan	nan
23	184.87.68.204	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	2	a184-87-68-204.deploy.static.akamaitechnologies.com	nan
24	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	2	pool-100-37-135-2.nycmny.fios.verizon.net	nan
25	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	2	123.171.246.35.bc.googleusercontent.com	nan
26	52.217.87.164	Virginia Beach	Virginia	AS16509 Amazon.com, Inc.	23479	United States	tier_3	1	s3-1-w.amazonaws.com	nan
27	172.217.9.228	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	1	lga34s11-in-f4.1e100.net	nan
28	23.227.38.32	Ottawa	Ontario	AS13335 Cloudflare, Inc.	K2P	Canada	tier_3	1	myshopify.com	True
29	172.232.19.91	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	1	a172-232-19-91.deploy.static.akamaitechnologies.com	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶