viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	165	168	662	1	22	2021-04-08	64.32.8.68	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	gaitametore.com	1	Blisternet, Incorporated	NS1.DNSNUTS.COM	None
1	tier_1	cupidonx.com	1	eNom375, Incorporated	NS1.DNSNUTS.COM	None
2	tier_1	brickerenterprise.com	1	NamePal.com #8011 Inc.	NS1.DNSNUTS.COM	None
3	tier_1	fuge.it	1	Munpe Invest SL	n	None
4	tier_1	antiilluminati.net	1	Hawthornedomains.com LLC	NS1.DNSNUTS.COM	None
5	tier_1	beritatrendz.com	1	Nameselite, LLC	NS1.DNSNUTS.COM	None
6	tier_1	bagustekno.net	1	Zone of Domains LLC	NS1.DNSNUTS.COM	None
7	tier_1	cilipu.com	1	eNomSky, Inc.	NS1.DNSNUTS.COM	None
8	tier_1	aptrk10.com	1	One Putt, Inc. (formerly:Z-Core, Inc.)	NS1.DNSNUTS.COM	None
9	tier_1	dconvert.net	1	eNomFor, Inc.	NS1.DNSNUTS.COM	None
10	tier_2	btpnav.com	56	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
11	tier_2	1496.rawlexi.com	35	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
12	tier_2	americanlisted.com	34	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
13	tier_2	9nl.es	34	None	None	None
14	tier_2	newre-conversions.clickmeter.com	34	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
15	tier_2	trk.jometer.com	34	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
16	tier_2	api.l5srv.net	34	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
17	tier_2	nizephoros-pom.com	28	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
18	tier_2	click.expmediadirect.com	18	None	None	None
19	tier_2	managerformula.com	12	None	None	None
20	tier_2	track.vcdc.com	10	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
21	tier_2	asufij.xyz	10	None	None	None
22	tier_2	hureseyd.top	9	NameSilo, LLC	ns1.selectel.org	See PrivacyGuardian.org
23	tier_2	clk.rtpdn12.com	7	None	None	None
24	tier_2	btpnative.com	7	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
25	tier_2	infopicked.com	6	None	None	None
26	tier_2	api.apptap.com	6	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
27	tier_2	api.mplayit.com	6	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
28	tier_2	redirect.viglink.com	6	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
29	tier_2	link.sylikes.com	6	MarkMonitor, Inc.	NS-1063.AWSDNS-04.ORG	Connexity, Inc.
30	tier_3	upward.careers	34	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
31	tier_3	managerformula.com	15	None	None	None
32	tier_3	s3.amazonaws.com	13	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
33	tier_3	xzb.subeamy.pw	10	None	None	None
34	tier_3	blockchain-com.email	4	NameSilo, LLC	ns1.selectel.org	See PrivacyGuardian.org
35	tier_3	reebok.com	4	CSC CORPORATE DOMAINS, INC.	NS1.NETNAMES.NET	Reebok International, Ltd.
36	tier_3	play.google.com	3	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
37	tier_3	bing.com	3	None	None	None
38	tier_3	check-your-profitzone.life	2	None	None	None
39	tier_3	rd.bizrate.com	2	None	None	None
40	tier_3	runnewest-bestextremelyfile.best	2	None	None	None
41	tier_3	americanlisted.com	1	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
42	tier_3	lastminute.com	1	MarkMonitor, Inc.	NS-1042.AWSDNS-02.ORG	Bravonext S.A.
43	tier_3	apple.global-info.space	1	None	None	None
44	tier_3	booking.com	1	None	None	None
45	tier_3	wayfair.com	1	None	None	None

	ip	hostname	city	region	org	postal	country_name	tier	count	anycast
0	64.32.8.70	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	21	nan
1	64.32.8.67	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	16	nan
2	185.107.56.60	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	14	nan
3	64.32.8.69	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	11	nan
4	64.32.8.68	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	10	nan
5	185.107.56.58	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	10	nan
6	185.107.56.59	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	8	nan
7	185.107.56.57	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	7	nan
8	209.15.13.136	nan	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	67	nan
9	198.54.112.216	nan	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	36	nan
10	35.209.61.240	240.61.209.35.bc.googleusercontent.com	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	1	nan
11	67.227.173.37	nan	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	34	nan
12	23.21.53.13	ec2-23-21-53-13.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	21	nan
13	23.21.166.230	ec2-23-21-166-230.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	18	nan
14	198.134.116.30	nan	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	18	nan
15	54.197.247.190	ec2-54-197-247-190.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	16	nan
16	54.235.205.204	ec2-54-235-205-204.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	nan
17	192.138.218.207	rd.bizrate.com	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	2	nan
18	99.84.114.17	server-99-84-114-17.ewr52.r.cloudfront.net	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	10	nan
19	167.233.8.197	static.197.8.233.167.clients.your-server.de	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	10	nan
20	99.84.114.25	server-99-84-114-25.ewr52.r.cloudfront.net	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	10	nan
21	34.197.176.2	ec2-34-197-176-2.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	9	nan
22	34.207.43.7	ec2-34-207-43-7.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	9	nan
23	185.233.2.13	nan	Saint Petersburg	St.-Petersburg	AS48096 Enterprise Cloud Ltd.	190000	Russia	tier_2	9	nan
24	99.84.114.65	server-99-84-114-65.ewr52.r.cloudfront.net	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	8	nan
25	173.239.53.32	nan	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_2	8	nan
26	173.192.101.24	18.65.c0ad.ip4.static.sl-reverse.com	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	7	nan
27	52.206.141.190	ec2-52-206-141-190.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	7	nan
28	67.227.172.40	nan	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	34	nan
29	23.38.167.202	a23-38-167-202.deploy.static.akamaitechnologies.com	Philadelphia	Pennsylvania	AS20940 Akamai International B.V.	19099	United States	tier_3	8	nan
30	35.165.21.241	ec2-35-165-21-241.us-west-2.compute.amazonaws.com	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	7	nan
31	23.38.167.227	a23-38-167-227.deploy.static.akamaitechnologies.com	Philadelphia	Pennsylvania	AS20940 Akamai International B.V.	19099	United States	tier_3	4	nan
32	23.44.210.223	a23-44-210-223.deploy.static.akamaitechnologies.com	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	4	nan
33	23.38.167.192	a23-38-167-192.deploy.static.akamaitechnologies.com	Philadelphia	Pennsylvania	AS20940 Akamai International B.V.	19099	United States	tier_3	3	nan
34	52.88.215.122	ec2-52-88-215-122.us-west-2.compute.amazonaws.com	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	3	nan
35	172.217.165.142	lax30s03-in-f14.1e100.net	Los Angeles	California	AS15169 Google LLC	90009	United States	tier_3	2	nan
36	52.217.88.230	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	nan
37	5.8.47.52	nan	Haarlem	North Holland	AS209813 Fast Content Delivery LTD	2031	Netherlands	tier_3	2	nan
38	13.107.21.200	nan	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	2	True
39	31.184.202.191	nan	Haarlem	North Holland	AS209813 Fast Content Delivery LTD	2031	Netherlands	tier_3	2	nan
40	192.138.218.207	rd.bizrate.com	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	2	nan
41	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	2	nan
42	52.217.110.190	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	nan
43	52.20.53.118	ec2-52-20-53-118.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	nan
44	204.79.197.200	a-0001.a-msedge.net	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	1	True
45	52.217.89.198	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
46	52.216.147.150	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
47	52.216.99.61	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
48	142.250.80.14	lga34s33-in-f14.1e100.net	New York City	New York	AS15169 Google LLC	10004	United States	tier_3	1	nan
49	52.216.100.245	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
50	52.217.79.126	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
51	35.209.61.240	240.61.209.35.bc.googleusercontent.com	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	1	nan
52	52.217.169.16	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
53	52.217.13.166	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
54	104.18.142.27	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	True
55	52.216.16.155	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
56	52.217.102.62	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
57	104.21.78.145	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	True

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶