viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	137	146	483	0	17	2021-04-09	64.32.8.68	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	ciliguai.com	1	eNom437, Incorporated	NS1.DNSNUTS.COM	The Management Group II
1	tier_1	9ref.com	1	Lionshare Domains, LLC	NS1.DNSNUTS.COM	The Management Group II
2	tier_1	9novels.net	1	! #1 Host Japan, Inc.	NS1.DNSNUTS.COM	The Management Group II
3	tier_1	chastnoevideo.net	1	eNomEU, Inc.	NS1.DNSNUTS.COM	None
4	tier_1	cuocsong365.net	1	Flancrestdomains.com LLC	NS1.DNSNUTS.COM	None
5	tier_1	elektrononline.net	1	Blue Angel Domains LLC	NS1.DNSNUTS.COM	None
6	tier_1	aayaamlabs.com	1	enom666, Inc.	NS1.DNSNUTS.COM	None
7	tier_1	cheapvba.com	1	Adomainofyourown.com LLC	NS1.DNSNUTS.COM	None
8	tier_1	aptrk10.com	1	One Putt, Inc. (formerly:Z-Core, Inc.)	NS1.DNSNUTS.COM	None
9	tier_1	divxgay.net	1	eNom427, Incorporated	NS1.DNSNUTS.COM	None
10	tier_2	api.apptap.com	22	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
11	tier_2	redirect.viglink.com	22	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
12	tier_2	link.sylikes.com	22	MarkMonitor, Inc.	NS-1063.AWSDNS-04.ORG	Connexity, Inc.
13	tier_2	aristo-hag.com	20	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
14	tier_2	rd.bizrate.com	19	None	None	None
15	tier_2	track.vcdc.com	17	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
16	tier_2	rd.connexity.net	17	None	None	None
17	tier_2	click.expmediadirect.com	13	None	None	None
18	tier_2	api.mplayit.com	12	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
19	tier_2	clk.rtpdn12.com	11	None	None	None
20	tier_2	ads35.adtelligent.com	11	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
21	tier_2	dsp35.adtelligent.com	11	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
22	tier_2	externals-1953518744.us-east-1.elb.amazonaws.com	11	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
23	tier_2	search.snjsearch.com	11	GoDaddy.com, LLC	NS73.DOMAINCONTROL.COM	Domains By Proxy, LLC
24	tier_2	lulus.com	10	GoDaddy.com, LLC	NS-1116.AWSDNS-11.ORG	Domains By Proxy, LLC
25	tier_2	btpnav.com	10	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
26	tier_2	infopicked.com	9	None	None	None
27	tier_2	aldb1.mysearch.space	9	None	None	None
28	tier_2	btpnative.com	8	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
29	tier_2	nizephoros-pom.com	6	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	None
30	tier_3	lulus.com_LOOP_1	10	None	None	None
31	tier_3	bing.com	10	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	Microsoft Corporation
32	tier_3	rd.bizrate.com	8	None	None	None
33	tier_3	cehappear.fun	5	Dynadot LLC	AIDEN.NS.CLOUDFLARE.COM	None
34	tier_3	loyality-program.com	4	Amazon Registrar, Inc.	NS-108.AWSDNS-13.COM	None
35	tier_3	toryburch.com	3	CSC CORPORATE DOMAINS, INC.	DNS1.CSCDNS.NET	River Light V, L.P.
36	tier_3	aeropostale.com	2	Network Solutions, LLC	NS1.P17.DYNECT.NET	None
37	tier_3	2.mediagate.casa	2	None	None	None
38	tier_3	chrismoneymaker.com	2	GoDaddy.com, LLC	NS65.DOMAINCONTROL.COM	Amaya Services Limited
39	tier_3	aliexpress.com_LOOP_1	2	None	None	None
40	tier_3	google.com_LOOP_1	1	None	None	None
41	tier_3	google.com	1	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
42	tier_3	nissanusa.com	1	None	None	None
43	tier_3	ram21.proasdf.com	1	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
44	tier_3	appliancesconnection.com	1	GoDaddy.com, LLC	NS67.DOMAINCONTROL.COM	Domains By Proxy, LLC
45	tier_3	wayfair.com	1	None	None	None
46	tier_3	3.mediagate.casa	1	None	None	None
47	tier_3	venus.com	1	GoDaddy.com, LLC	NS0.DNSMADEEASY.COM	Venus Fashion, Inc.
48	tier_3	lulus.com	1	GoDaddy.com, LLC	NS-1116.AWSDNS-11.ORG	Domains By Proxy, LLC
49	tier_3	0.mediagate.casa	1	None	None	None
50	tier_3	bestsecretflirt.com	1	GoDaddy.com, LLC	NS0.DNSMADEEASY.COM	None
51	tier_3	volume.com	1	DYNADOT, LLC	A.NS.VOLUME.COM	None
52	tier_3	mergerinvesting.com	1	None	None	None
53	tier_3	slotocash.im	1	None	dane.ns.cloudflare.com.	None

	ip	hostname	city	region	org	postal	country_name	tier	count	anycast
0	64.32.8.70	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	16	nan
1	185.107.56.58	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	10	nan
2	64.32.8.68	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	9	nan
3	185.107.56.60	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	7	nan
4	64.32.8.69	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	6	nan
5	64.32.8.67	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	5	nan
6	185.107.56.57	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	5	nan
7	185.107.56.59	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	4	nan
8	192.138.218.207	nan	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	8	nan
9	178.62.225.201	nan	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	4	nan
10	209.15.13.136	nan	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	18	nan
11	167.233.8.197	static.197.8.233.167.clients.your-server.de	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	17	nan
12	192.138.218.139	rd.connexity.net	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	17	nan
13	52.206.141.190	ec2-52-206-141-190.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	nan
14	198.134.116.30	nan	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	13	nan
15	173.239.53.32	nan	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_2	12	nan
16	3.226.37.31	ec2-3-226-37-31.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	12	nan
17	52.205.177.114	ec2-52-205-177-114.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	12	nan
18	52.72.29.7	ec2-52-72-29-7.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	11	nan
19	209.205.202.42	static-42-202-205-209.24shells.net	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	11	nan
20	209.205.202.43	static-43-202-205-209.24shells.net	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	11	nan
21	35.162.164.74	ec2-35-162-164-74.us-west-2.compute.amazonaws.com	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_2	11	nan
22	151.101.1.151	nan	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	1	True
23	52.29.135.45	ec2-52-29-135-45.eu-central-1.compute.amazonaws.com	Frankfurt am Main	Hesse	AS16509 Amazon.com, Inc.	60311	Germany	tier_2	10	nan
24	34.225.128.119	ec2-34-225-128-119.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	10	nan
25	173.192.101.24	18.65.c0ad.ip4.static.sl-reverse.com	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	9	nan
26	34.197.67.232	ec2-34-197-67-232.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	9	nan
27	88.99.101.106	static.106.101.99.88.clients.your-server.de	Hohen Neuendorf	Brandenburg	AS24940 Hetzner Online GmbH	16540	Germany	tier_2	8	nan
28	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	13	nan
29	204.79.197.200	a-0001.a-msedge.net	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	8	True
30	192.138.218.207	nan	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	8	nan
31	178.62.225.201	nan	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	4	nan
32	34.192.40.54	ec2-34-192-40-54.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	4	nan
33	52.85.132.55	server-52-85-132-55.iad50.r.cloudfront.net	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	3	nan
34	104.17.224.18	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	True
35	92.205.4.117	ip-92-205-4-117.ip.secureserver.net	Strasbourg	Grand Est	AS21499 Host Europe GmbH	67000	France	tier_3	2	nan
36	13.107.21.200	nan	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	2	True
37	23.59.250.74	a23-59-250-74.deploy.static.akamaitechnologies.com	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	2	nan
38	172.217.12.196	lga25s63-in-f4.1e100.net	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	1	nan
39	23.51.162.53	a23-51-162-53.deploy.static.akamaitechnologies.com	Philadelphia	Pennsylvania	AS16625 Akamai Technologies, Inc.	19099	United States	tier_3	1	nan
40	162.243.10.151	nan	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	1	nan
41	24.157.42.211	189d2ad3.cst.lightpath.net	New York City	New York	AS6128 Cablevision Systems Corp.	10004	United States	tier_3	1	nan
42	96.16.29.13	a96-16-29-13.deploy.static.akamaitechnologies.com	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	1	nan
43	99.84.176.94	server-99-84-176-94.iad89.r.cloudfront.net	Washington	Washington, D.C.	AS16509 Amazon.com, Inc.	20045	United States	tier_3	1	nan
44	23.33.138.137	a23-33-138-137.deploy.static.akamaitechnologies.com	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	1	nan
45	151.101.1.151	nan	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	1	True
46	88.80.185.92	li678-92.members.linode.com	London	England	AS63949 Linode, LLC	EC1A	United Kingdom	tier_3	1	nan
47	23.59.250.96	a23-59-250-96.deploy.static.akamaitechnologies.com	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	1	nan
48	104.22.71.250	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	True
49	45.55.189.248	nan	Clifton	New Jersey	AS14061 DigitalOcean, LLC	07014	United States	tier_3	1	nan
50	52.85.132.46	server-52-85-132-46.iad50.r.cloudfront.net	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
51	172.67.75.151	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	True

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶