viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	163	161	600	0	16	2021-04-21	64.32.8.68	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	freemoneysystem.net	1	Interlakenames.com LLC	NS1.DNSNUTS.COM	The Management Group II
1	tier_1	clipxplore.com	1	SouthNames Inc.	NS1.DNSNUTS.COM	The Management Group II
2	tier_1	albumkings.net	1	Snoqulamiedomains.com LLC	NS1.DNSNUTS.COM	The Management Group II
3	tier_1	drmommyonline.com	1	DevilDogDomains.com, LLC	NS1.DNSNUTS.COM	The Management Group II
4	tier_1	buysql.com	1	Long Drive Domains LLC	NS1.DNSNUTS.COM	None
5	tier_1	beritatrendz.com	1	Nameselite, LLC	NS1.DNSNUTS.COM	None
6	tier_1	dakmm.com	1	Private Domains, Incorporated	NS1.DNSNUTS.COM	None
7	tier_1	alchemicalpsychology.com	1	enom1033, Inc.	NS1.DNSNUTS.COM	None
8	tier_1	kahimyang.info	1	Allearthdomains.com LLC	NS1.DNSNUTS.COM	['The Management Group II', 'Statutory Masking Enabled']
9	tier_1	download-wallpaper.net	1	eNom461, Incorporated	NS1.DNSNUTS.COM	The Management Group II
10	tier_2	1496.rawlexi.com	76	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
11	tier_2	americanlisted.com	70	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
12	tier_2	9nl.es	30	None	None	None
13	tier_2	newre-conversions.clickmeter.com	30	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
14	tier_2	trk.jometer.com	28	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
15	tier_2	api.l5srv.net	28	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
16	tier_2	click.appcast.io	23	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
17	tier_2	careerbliss.com	15	GoDaddy.com, LLC	NS10.DNSMADEEASY.COM	Domains By Proxy, LLC
18	tier_2	trk.careerbliss.com	15	GoDaddy.com, LLC	NS10.DNSMADEEASY.COM	Domains By Proxy, LLC
19	tier_2	aristo-hag.com	11	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
20	tier_2	track.vcdc.com	10	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
21	tier_2	click.appcast.io_LOOP_1	10	None	None	None
22	tier_2	btpnav.com	10	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
23	tier_2	nizephoros-pom.com	6	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
24	tier_2	managerformula.com	6	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
25	tier_2	us.expand-backend.mindmatch.ai	3	None	None	None
26	tier_2	linkup.com	3	GoDaddy.com, LLC	NS-102.AWSDNS-12.COM	JobDig
27	tier_2	linkup.com_LOOP_1	3	None	None	None
28	tier_2	linkup.com_LOOP_2	3	None	None	None
29	tier_2	click.expmediadirect.com	2	NAMECHEAP INC	NS1.LINODE.COM	Privacy service provided by Withheld for Privacy ehf
30	tier_3	upward.careers	28	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
31	tier_3	google.com	11	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
32	tier_3	irl.com	11	GoDaddy.com, LLC	NS-106.AWSDNS-13.COM	Domains By Proxy, LLC
33	tier_3	careerbliss.com	8	GoDaddy.com, LLC	NS10.DNSMADEEASY.COM	Domains By Proxy, LLC
34	tier_3	s3.amazonaws.com	6	MarkMonitor Inc.	R1.AMAZONAWS.COM	None
35	tier_3	americanlisted.com	6	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
36	tier_3	juju.com	3	Network Solutions, LLC	NS-1111.AWSDNS-10.ORG	Juju Inc.
37	tier_3	linkedin.com	2	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	LinkedIn Corporation
38	tier_3	us.allthetopbananas.com	2	ENOM, INC.	DANE.NS.CLOUDFLARE.COM	REDACTED FOR PRIVACY
39	tier_3	click.joveo.com	2	Go Canada Domains, LLC	NS-1256.AWSDNS-29.ORG	Domains By Proxy, LLC
40	tier_3	albeebaby.com_LOOP_1	1	None	None	None
41	tier_3	click.appcast.io_LOOP_1	1	None	None	None
42	tier_3	savatree.com	1	GoDaddy.com, LLC	AURORA.NS.CLOUDFLARE.COM	SavATree
43	tier_3	jobs.intuit.com	1	MarkMonitor, Inc.	A1-182.AKAM.NET	Intuit Inc.
44	tier_3	joblift.com	1	INWX GmbH & Co. KG	NS-CLOUD-E1.GOOGLEDOMAINS.COM	REDACTED FOR PRIVACY
45	tier_3	neuvoo.com	1	None	None	None
46	tier_3	click.appcast.io_LOOP_2	1	None	None	None
47	tier_3	caregivers.careinhomes.com	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Redacted for Privacy Purposes
48	tier_3	11167218.searchiqnet.com	1	GoDaddy.com, LLC	NS57.DOMAINCONTROL.COM	Domains By Proxy, LLC
49	tier_3	manhattanjobs.com	1	ENOM, INC.	DNS1.NAME-SERVICES.COM	REDACTED FOR PRIVACY
50	tier_3	us.mindmatch.ai	1	None	None	None
51	tier_3	runnewest-bestextremelyfile.best	1	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
52	tier_3	jobs.compassgroupcareers.com	1	Network Solutions, LLC	NS-1431.AWSDNS-50.ORG	Compass Group USA Inc.
53	tier_3	jobs.bswhealth.com	1	Network Solutions, LLC	NS03.BAYLORHEALTHCARE.COM	Baylor Health Care System
54	tier_3	us.tideri.com	1	united domains AG	NS.UDAG.DE	None
55	tier_3	slotocash.im	1	None	dane.ns.cloudflare.com.	None
56	tier_3	amazonhvh.thejobnetwork.com	1	GoDaddy.com, LLC	NS-1356.AWSDNS-41.ORG	RealMatch
57	tier_3	jobs.jobget.com	1	Amazon Registrar, Inc.	NS-1314.AWSDNS-36.ORG	Whois Privacy Service

	ip	hostname	city	region	org	postal	country_name	tier	count	anycast
0	64.32.8.68	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	19	nan
1	64.32.8.67	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	14	nan
2	64.32.8.70	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	14	nan
3	185.107.56.59	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	13	nan
4	185.107.56.58	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	10	nan
5	64.32.8.69	customer.sharktech.net	Los Angeles	California	AS46844 Sharktech	90009	United States	tier_1	9	nan
6	185.107.56.60	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	9	nan
7	185.107.56.57	nan	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	9	nan
8	198.54.112.216	nan	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	77	nan
9	35.209.61.240	240.61.209.35.bc.googleusercontent.com	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	6	nan
10	207.38.44.116	cbsmtp1.careerbliss.com	Los Angeles	California	AS5693 Latisys-Irvine, LLC	90009	United States	tier_3	8	nan
11	67.227.173.37	nan	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	28	nan
12	54.197.247.190	ec2-54-197-247-190.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	19	nan
13	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	3	nan
14	54.235.205.204	ec2-54-235-205-204.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	17	nan
15	23.21.53.13	ec2-23-21-53-13.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	13	nan
16	23.21.166.45	ec2-23-21-166-45.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	11	nan
17	99.84.114.17	server-99-84-114-17.ewr52.r.cloudfront.net	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	11	nan
18	167.233.8.197	static.197.8.233.167.clients.your-server.de	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	10	nan
19	209.15.13.136	nan	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	10	nan
20	100.25.52.1	ec2-100-25-52-1.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	8	nan
21	52.72.29.7	ec2-52-72-29-7.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	8	nan
22	3.234.0.165	ec2-3-234-0-165.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	8	nan
23	99.84.114.53	server-99-84-114-53.ewr52.r.cloudfront.net	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	8	nan
24	52.3.4.129	ec2-52-3-4-129.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	7	nan
25	99.84.114.65	server-99-84-114-65.ewr52.r.cloudfront.net	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	6	nan
26	34.197.176.2	ec2-34-197-176-2.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	nan
27	34.120.235.106	106.235.120.34.bc.googleusercontent.com	Kansas City	Missouri	AS15169 Google LLC	64121	United States	tier_2	3	True
28	67.227.172.40	nan	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	28	nan
29	207.38.44.116	cbsmtp1.careerbliss.com	Los Angeles	California	AS5693 Latisys-Irvine, LLC	90009	United States	tier_3	8	nan
30	172.217.10.100	lga34s15-in-f4.1e100.net	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	6	nan
31	35.209.61.240	240.61.209.35.bc.googleusercontent.com	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	6	nan
32	172.217.12.164	lga25s62-in-f4.1e100.net	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	3	nan
33	54.205.240.192	ec2-54-205-240-192.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	3	nan
34	100.37.135.2	pool-100-37-135-2.nycmny.fios.verizon.net	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	3	nan
35	52.216.240.38	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	nan
36	13.107.42.14	nan	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	2	True
37	3.211.162.98	ec2-3-211-162-98.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	nan
38	67.207.81.229	nan	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	2	nan
39	52.217.82.166	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	nan
40	64.227.12.111	nan	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	2	nan
41	52.203.36.44	ec2-52-203-36-44.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	nan
42	172.217.10.228	lga25s59-in-f4.1e100.net	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	2	nan
43	104.26.12.236	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	True
44	99.84.114.67	server-99-84-114-67.ewr52.r.cloudfront.net	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	nan
45	52.216.105.125	s3-1.amazonaws.com	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	nan
46	141.193.213.20	nan	Austin	Texas	AS209242 Cloudflare London, LLC	78701	United States	tier_3	1	True
47	172.232.19.104	a172-232-19-104.deploy.static.akamaitechnologies.com	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	1	nan
48	35.190.64.22	22.64.190.35.bc.googleusercontent.com	Kansas City	Missouri	AS15169 Google LLC	64121	United States	tier_3	1	True
49	34.232.57.217	ec2-34-232-57-217.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	nan
50	104.26.13.236	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	True
51	52.22.228.123	ec2-52-22-228-123.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	nan
52	209.132.243.15	nan	Los Angeles	California	AS7296 Alchemy Communications, Inc.	90009	United States	tier_3	1	nan
53	67.207.80.24	nan	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_3	1	nan
54	52.73.87.228	ec2-52-73-87-228.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	nan
55	68.168.84.196	196.84.168.68.static.dbsintl.net	Norristown	Pennsylvania	AS17378 TierPoint, LLC	19403	United States	tier_3	1	nan
56	104.21.50.192	nan	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	True
57	52.20.53.118	ec2-52-20-53-118.compute-1.amazonaws.com	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶