viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	277	288	1216	0	15	2021-04-07	74.63.241.23	Android

	tier	domain	count	registrar	name_servers	org
0	tier_1	teamice.us	1	Communi Gal Communications Ltd.	ns2.commonmx.com	None
1	tier_1	girlystuff.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
2	tier_1	uhmanoa.net	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
3	tier_1	studiojimbo.io	1	Dynadot, LLC	NS1.COMMONMX.COM	None
4	tier_1	786.name	1	None	None	None
5	tier_1	misopan.net	1	DYNADOT, LLC	NS1.COMMONMX.COM	None
6	tier_1	yume-baken.com	1	CommuniGal Communication Ltd.	NS1.COMMONMX.COM	None
7	tier_1	editimage.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Virtua Drug Ltd
8	tier_1	mooncake.us	1	Communi Gal Communications Ltd.	ns2.commonmx.com	None
9	tier_1	aashagupta.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158839965
10	tier_2	rugab-ans.com	123	Amazon Registrar, Inc.	NS-1165.AWSDNS-17.ORG	Whois Privacy Service
11	tier_2	btpnav.com	103	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
12	tier_2	atnpx.com	77	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
13	tier_2	click.expmediadirect.com	62	None	None	None
14	tier_2	api.apptap.com	62	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
15	tier_2	redirect.viglink.com	62	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
16	tier_2	link.sylikes.com	62	MarkMonitor, Inc.	NS-1063.AWSDNS-04.ORG	Connexity, Inc.
17	tier_2	rd.bizrate.com	56	None	None	None
18	tier_2	rd.connexity.net	45	None	None	None
19	tier_2	api.mplayit.com	42	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
20	tier_2	ad.doubleclick.net	21	None	None	None
21	tier_2	media-px.com	15	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
22	tier_2	trackyourmpg.com	11	GoDaddy Online Services Cayman Islands LTD	HUGH.NS.CLOUDFLARE.COM	None
23	tier_2	btpnative.com	10	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
24	tier_2	infopicked.com	10	None	None	None
25	tier_2	62881.click.validclick.net	5	Safenames Ltd	NS1.FULLMAILBOX.COM	None
26	tier_2	62843.click.validclick.net	5	Safenames Ltd	NS1.FULLMAILBOX.COM	None
27	tier_2	62885.click.validclick.net	4	Safenames Ltd	NS1.FULLMAILBOX.COM	None
28	tier_2	servedby.flashtalking.com	4	MESH DIGITAL LIMITED	NS1.P09.DYNECT.NET	Flashtalking, Inc.
29	tier_2	rd.connexity.net_LOOP_1	4	None	None	None
30	tier_3	robogarden.io	63	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	None
31	tier_3	kbb.com	25	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
32	tier_3	storystudio.sfgate.com	18	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
33	tier_3	frontgate.com	13	Network Solutions, LLC	NS1.HSN.NET	Cornerstone Brands, Inc.
34	tier_3	overstock.com	10	MarkMonitor, Inc.	DNS1.P01.NSONE.NET	Overstock.com, Inc - TMA606142
35	tier_3	venus.com	9	GoDaddy.com, LLC	NS0.DNSMADEEASY.COM	Venus Fashion, Inc.
36	tier_3	rd.bizrate.com	7	None	None	None
37	tier_3	opticsplanet.com	7	GoDaddy.com, LLC	NS1.ECENTRIA.COM	ECENTRIA IPH, LLC
38	tier_3	berettausa.com	6	Network Solutions, LLC	NS1.AMERICANEAGLE.COM	Beretta USA Corp
39	tier_3	m.placesiteb.xyz	6	Sav.comLLC	HUGH.NS.CLOUDFLARE.COM	Privacy Protection
40	tier_3	socalhondadealers.com	4	None	None	None
41	tier_3	m.gladplacespin.xyz	4	Epik LLC	MARJORY.NS.CLOUDFLARE.COM	Anonymize, Inc.
42	tier_3	ballarddesigns.com_LOOP_1	2	None	None	None
43	tier_3	neuvoo.com	1	MarkMonitor, Inc.	NS-1302.AWSDNS-34.ORG	Talent.com
44	tier_3	b.playspind.xyz	1	Sav.comLLC	HUGH.NS.CLOUDFLARE.COM	Privacy Protection
45	tier_3	win2.trustedpush.com	1	None	None	None
46	tier_3	godaddy.com	1	GoDaddy.com, LLC	A1-245.AKAM.NET	Go Daddy Operating Company, LLC
47	tier_3	hrblock.com	1	MarkMonitor, Inc.	NS3.HRBLOCK.COM	HRB Innovations Inc.
48	tier_3	frontgate.com_LOOP_1	1	None	None	None
49	tier_3	media-px.com	1	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
50	tier_3	birkenstock.com	1	PSI-USA, Inc. dba Domain Robot	A.NS14.NET	BIRKENSTOCK SALES GMBH
51	tier_3	eharmony.com	1	None	None	None
52	tier_3	overstock.com_LOOP_1	1	None	None	None
53	tier_3	fanatics.com_LOOP_1	1	None	None	None
54	tier_3	harryanddavid.com_LOOP_1	1	None	None	None
55	tier_3	win3.trustedpush.com	1	None	None	None
56	tier_3	invictastores.com_LOOP_1	1	None	None	None
57	tier_3	lampsplus.com_LOOP_1	1	None	None	None
58	tier_3	welry.com	1	Amazon Registrar, Inc.	NS-1079.AWSDNS-06.ORG	Whois Privacy Service
59	tier_3	opticsplanet.com_LOOP_1	1	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	30	nan	nan
1	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	28	nan	nan
2	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	26	nan	nan
3	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	22	nan	nan
4	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	18	nan	nan
5	206.221.176.184	Newark	New Jersey	AS23470 ReliableSite.Net LLC	07175	United States	tier_1	17	nan	nan
6	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	17	nan	nan
7	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	14	nan	nan
8	82.192.82.227	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	2	nan	nan
9	185.107.56.200	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	2	nan	nan
10	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	7	rd.bizrate.com	nan
11	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	115	nan	nan
12	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	62	nan	nan
13	192.138.218.139	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	45	rd.connexity.net	nan
14	104.26.10.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	42	nan	True
15	34.197.67.232	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	37	ec2-34-197-67-232.compute-1.amazonaws.com	nan
16	34.225.128.119	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	36	ec2-34-225-128-119.compute-1.amazonaws.com	nan
17	52.206.141.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	34	ec2-52-206-141-190.compute-1.amazonaws.com	nan
18	52.205.177.114	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	33	ec2-52-205-177-114.compute-1.amazonaws.com	nan
19	104.26.11.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	27	nan	True
20	3.226.37.31	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	26	ec2-3-226-37-31.compute-1.amazonaws.com	nan
21	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	24	ec2-52-72-29-7.compute-1.amazonaws.com	nan
22	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	22	ec2-18-235-67-128.compute-1.amazonaws.com	nan
23	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	22	ec2-34-197-176-2.compute-1.amazonaws.com	nan
24	34.207.43.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	21	ec2-34-207-43-7.compute-1.amazonaws.com	nan
25	52.206.108.38	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	19	ec2-52-206-108-38.compute-1.amazonaws.com	nan
26	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_2	18	204.44.79.214.static.quadranet.com	nan
27	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	18	ec2-54-208-107-202.compute-1.amazonaws.com	nan
28	172.67.134.220	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	14	nan	True
29	173.192.101.24	Dallas	Texas	AS36351 SoftLayer Technologies Inc.	75270	United States	tier_2	10	18.65.c0ad.ip4.static.sl-reverse.com	nan
30	172.67.172.143	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	47	nan	True
31	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	25	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
32	98.129.228.57	Dallas	Texas	AS33070 Rackspace Hosting	75270	United States	tier_3	18	nan	nan
33	104.21.80.8	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	16	nan	True
34	184.87.71.113	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	10	a184-87-71-113.deploy.static.akamaitechnologies.com	nan
35	104.77.221.88	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	10	a104-77-221-88.deploy.static.akamaitechnologies.com	nan
36	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	9	pool-100-37-135-2.nycmny.fios.verizon.net	nan
37	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	7	rd.bizrate.com	nan
38	152.195.32.168	Ashburn	Virginia	AS15133 MCI Communications Services, Inc. d/b/a Verizon Business	20147	United States	tier_3	7	nan	True
39	23.73.224.199	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	6	a23-73-224-199.deploy.static.akamaitechnologies.com	nan
40	104.18.78.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	5	nan	True
41	184.85.12.70	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	5	a184-85-12-70.deploy.static.akamaitechnologies.com	nan
42	23.73.235.8	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	4	a23-73-235-8.deploy.static.akamaitechnologies.com	nan
43	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	3	pool-100-37-135-2.nycmny.fios.verizon.net	nan
44	35.174.35.73	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	3	ec2-35-174-35-73.compute-1.amazonaws.com	nan
45	104.18.80.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
46	104.18.82.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
47	54.242.20.247	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-242-20-247.compute-1.amazonaws.com	nan
48	99.84.114.90	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-90.ewr52.r.cloudfront.net	nan
49	184.87.68.204	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a184-87-68-204.deploy.static.akamaitechnologies.com	nan
50	23.73.228.188	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	1	a23-73-228-188.deploy.static.akamaitechnologies.com	nan
51	104.21.6.127	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
52	23.38.170.24	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	1	a23-38-170-24.deploy.static.akamaitechnologies.com	nan
53	104.16.8.138	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
54	34.207.4.240	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-34-207-4-240.compute-1.amazonaws.com	nan
55	104.18.79.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
56	104.18.81.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
57	99.84.114.35	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-35.ewr52.r.cloudfront.net	nan
58	54.236.76.250	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-236-76-250.compute-1.amazonaws.com	nan
59	140.174.12.80	Union City	Georgia	AS393259 Yottaa, Inc	30291	United States	tier_3	1	nan	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶