viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	279	277	956	0	16	2021-04-07	74.63.241.23	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	teamice.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
1	tier_1	girlystuff.info	1	Dynadot, LLC	NS1.COMMONMX.COM	None
2	tier_1	uhmanoa.net	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
3	tier_1	studiojimbo.io	1	Dynadot, LLC	NS1.COMMONMX.COM	None
4	tier_1	786.name	1	None	None	None
5	tier_1	misopan.net	1	DYNADOT, LLC	NS1.COMMONMX.COM	None
6	tier_1	yume-baken.com	1	Communigal Communication Ltd	NS1.COMMONMX.COM	None
7	tier_1	editimage.org	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	Virtua Drug Ltd
8	tier_1	mooncake.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
9	tier_1	aashagupta.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158839965
10	tier_2	click.expmediadirect.com	138	None	None	None
11	tier_2	rqhere2.com	138	None	None	None
12	tier_2	btpnav.com	47	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
13	tier_2	1496.rawlexi.com	43	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
14	tier_2	americanlisted.com	35	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
15	tier_2	9nl.es	16	None	None	None
16	tier_2	newre-conversions.clickmeter.com	16	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
17	tier_2	trk.jometer.com	15	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
18	tier_2	api.l5srv.net	14	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
19	tier_2	nizephoros-pom.com	7	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
20	tier_2	managerformula.com	6	None	None	None
21	tier_2	click.appcast.io	5	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
22	tier_2	7587.rawlexi.com	4	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
23	tier_2	affilynx.g2afse.com	4	GoDaddy.com, LLC	NS-1393.AWSDNS-46.ORG	Aditec Solutions, UAB
24	tier_2	tracking.trkshark.cc	4	None	None	None
25	tier_2	apptrk.space	4	None	None	None
26	tier_2	joblift.com	3	INWX GmbH & Co. KG	NS-CLOUD-E1.GOOGLEDOMAINS.COM	REDACTED FOR PRIVACY
27	tier_2	click.appcast.io_LOOP_1	3	None	None	None
28	tier_2	api.apptap.com	3	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
29	tier_2	redirect.viglink.com	3	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
30	tier_3	clearhealthaspect.info	61	None	None	None
31	tier_3	thehealthlevel.info	36	None	None	None
32	tier_3	livingyoung.info	25	None	None	None
33	tier_3	youthandcare.info	16	None	None	None
34	tier_3	us.tideri.com	15	united domains AG	NS.UDAG.DE	None
35	tier_3	upward.careers	14	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
36	tier_3	americanlisted.com	8	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
37	tier_3	s3.amazonaws.com	6	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
38	tier_3	apple.global-info.space	3	None	None	None
39	tier_3	music.apple.com	1	CSC CORPORATE DOMAINS, INC.	A.NS.APPLE.COM	Apple Inc.
40	tier_3	jobs.dish.com	1	Network Solutions, LLC	NS-01.DISH.COM	Dish Network LLC
41	tier_3	managerformula.com	1	None	None	None
42	tier_3	robogarden.io	1	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	None
43	tier_3	click.expmediadirect.com	1	None	None	None
44	tier_3	socalhondadealers.com	1	DREAMHOST	NS1.DREAMHOST.COM	Proxy Protection LLC
45	tier_3	click.appcast.io	1	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
46	tier_3	apple.service-care.space	1	None	None	None
47	tier_3	linkedin.com	1	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	LinkedIn Corporation
48	tier_3	1496.rawlexi.com	1	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
49	tier_3	joblift.com_LOOP_1	1	None	None	None
50	tier_3	eharmony.com	1	None	None	None
51	tier_3	michaelkors.com	1	NOM-IQ Ltd dba Com Laude	A1-111.AKAM.NET	Michael Kors, L.L.C.
52	tier_3	albeebaby.com_LOOP_1	1	None	None	None
53	tier_3	open.app.jobrapido.com_LOOP_1	1	None	None	None
54	tier_3	maurices.com_LOOP_1	1	None	None	None
55	tier_3	welry.com	1	Amazon Registrar, Inc.	NS-1079.AWSDNS-06.ORG	Whois Privacy Service
56	tier_3	signup.finddreamjobs.com	1	GoDaddy.com, LLC	ALEXIS.NS.CLOUDFLARE.COM	Find Dream Jobs

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	32	nan	nan
1	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
2	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	24	nan	nan
3	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	21	nan	nan
4	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	19	nan	nan
5	206.221.176.184	Newark	New Jersey	AS23470 ReliableSite.Net LLC	07175	United States	tier_1	18	nan	nan
6	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	14	nan	nan
7	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	12	nan	nan
8	82.192.82.228	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	4	nan	nan
9	185.107.56.198	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	3	nan	nan
10	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	139	nan	nan
11	167.99.3.175	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_2	138	nan	nan
12	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	47	nan	nan
13	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_3	1	nan	nan
14	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	8	240.61.209.35.bc.googleusercontent.com	nan
15	67.227.173.37	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	14	nan	nan
16	23.21.166.230	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	10	ec2-23-21-166-230.compute-1.amazonaws.com	nan
17	54.235.205.204	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	8	ec2-54-235-205-204.compute-1.amazonaws.com	nan
18	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	8	ec2-23-21-53-13.compute-1.amazonaws.com	nan
19	54.197.247.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	6	ec2-54-197-247-190.compute-1.amazonaws.com	nan
20	99.84.114.53	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	6	server-99-84-114-53.ewr52.r.cloudfront.net	nan
21	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	6	rd.bizrate.com	nan
22	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	6	pool-100-37-135-2.nycmny.fios.verizon.net	nan
23	99.84.114.17	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	4	server-99-84-114-17.ewr52.r.cloudfront.net	nan
24	212.32.252.81	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_2	4	nan	nan
25	212.32.249.98	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_2	4	nan	nan
26	3.128.251.116	Hilliard	Ohio	AS16509 Amazon.com, Inc.	43026	United States	tier_2	4	ec2-3-128-251-116.us-east-2.compute.amazonaws.com	nan
27	34.207.43.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	ec2-34-207-43-7.compute-1.amazonaws.com	nan
28	172.232.19.138	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_2	4	a172-232-19-138.deploy.static.akamaitechnologies.com	nan
29	35.190.64.22	Kansas City	Missouri	AS15169 Google LLC	64121	United States	tier_2	3	22.64.190.35.bc.googleusercontent.com	True
30	104.21.60.64	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	41	nan	True
31	104.21.75.98	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	27	nan	True
32	172.67.192.183	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	20	nan	True
33	104.21.94.161	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	18	nan	True
34	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	15	123.171.246.35.bc.googleusercontent.com	nan
35	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	14	nan	nan
36	104.21.11.199	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	13	nan	True
37	172.67.220.94	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	9	nan	True
38	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	8	240.61.209.35.bc.googleusercontent.com	nan
39	172.67.138.17	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	7	nan	True
40	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	6	pool-100-37-135-2.nycmny.fios.verizon.net	nan
41	172.67.167.55	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
42	104.21.78.145	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
43	52.217.97.102	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
44	52.216.249.206	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
45	54.163.189.80	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-163-189-80.compute-1.amazonaws.com	nan
46	172.232.19.147	Newark	New Jersey	AS20940 Akamai International B.V.	07175	United States	tier_3	1	a172-232-19-147.deploy.static.akamaitechnologies.com	nan
47	104.21.80.8	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
48	35.174.35.73	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-35-174-35-73.compute-1.amazonaws.com	nan
49	3.234.0.165	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-3-234-0-165.compute-1.amazonaws.com	nan
50	52.216.186.21	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
51	104.21.77.6	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
52	13.107.42.14	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	1	nan	True
53	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_3	1	nan	nan
54	104.16.9.138	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
55	184.85.16.53	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a184-85-16-53.deploy.static.akamaitechnologies.com	nan
56	107.23.69.42	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-107-23-69-42.compute-1.amazonaws.com	nan
57	104.17.47.14	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
58	52.216.162.85	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶