viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	234	237	830	0	16	2021-04-09	74.63.241.23	Chrome

	tier	domain	count	registrar	name_servers	org
0	tier_1	jkgschool.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
1	tier_1	maxo.pro	1	None	None	None
2	tier_1	evanzhang.me	1	None	None	None
3	tier_1	gaben.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
4	tier_1	studiojimbo.io	1	None	None	None
5	tier_1	la2tatcom.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0159165625
6	tier_1	mooncake.us	1	Communigal Communication Ltd	ns2.commonmx.com	None
7	tier_1	l2s.cc	1	DYNADOT LLC	NS1.COMMONMX.COM	None
8	tier_1	tophost.pro	1	None	None	None
9	tier_1	verid.org	1	None	None	None
10	tier_2	rqhere2.com	104	None	None	None
11	tier_2	click.expmediadirect.com	101	None	None	None
12	tier_2	btpnav.com	45	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
13	tier_2	1496.rawlexi.com	39	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
14	tier_2	americanlisted.com	35	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
15	tier_2	9nl.es	19	None	None	None
16	tier_2	newre-conversions.clickmeter.com	19	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
17	tier_2	trk.jometer.com	17	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
18	tier_2	api.l5srv.net	14	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
19	tier_2	aristo-hag.com	7	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
20	tier_2	clk.rtpdn12.com	6	None	None	None
21	tier_2	rtbstream.com	6	1API GmbH	NS1.DNSIMPLE.COM	Registrant of rtbstream.com
22	tier_2	ads35.adtelligent.com	5	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
23	tier_2	dsp35.adtelligent.com	5	DANESCO TRADING LTD	NS.ANYCASTNS1.ORG	Vertamedia,LLC
24	tier_2	aldb1.mysearch.space	5	None	None	None
25	tier_2	externals-1953518744.us-east-1.elb.amazonaws.com	5	MarkMonitor, Inc.	R1.AMAZONAWS.COM	Amazon.com, Inc.
26	tier_2	search.snjsearch.com	5	GoDaddy.com, LLC	NS73.DOMAINCONTROL.COM	Domains By Proxy, LLC
27	tier_2	track.vcdc.com	5	Key-Systems GmbH	GUY.NS.CLOUDFLARE.COM	c/o whoisproxy.com
28	tier_2	click.appcast.io	5	None	None	None
29	tier_2	whatjobs.com	3	123-Reg Limited	VIDA.NS.CLOUDFLARE.COM	None
30	tier_3	healthideal.club	61	None	None	None
31	tier_3	healthyspirit.info	28	None	None	None
32	tier_3	naturalsymud.club	15	None	None	None
33	tier_3	us.tideri.com	14	united domains AG	NS.UDAG.DE	None
34	tier_3	upward.careers	14	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
35	tier_3	bing.com	5	MarkMonitor, Inc.	DNS1.P09.NSONE.NET	Microsoft Corporation
36	tier_3	americanlisted.com	3	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
37	tier_3	click.appcast.io	2	None	None	None
38	tier_3	ram21.proasdf.com	2	GoDaddy.com, LLC	NS61.DOMAINCONTROL.COM	Domains By Proxy, LLC
39	tier_3	click.appcast.io_LOOP_1	2	None	None	None
40	tier_3	signup.finddreamjobs.com	2	GoDaddy.com, LLC	ALEXIS.NS.CLOUDFLARE.COM	Find Dream Jobs
41	tier_3	1.contentgate.uno	1	None	None	None
42	tier_3	google.com_LOOP_1	1	None	None	None
43	tier_3	driverfixersoftware.com	1	TLDS L.L.C. d/b/a SRSPlus	NINA.NS.CLOUDFLARE.COM	None
44	tier_3	opticsplanet.com	1	GoDaddy.com, LLC	NS1.ECENTRIA.COM	ECENTRIA IPH, LLC
45	tier_3	rd.bizrate.com	1	MarkMonitor, Inc.	NS-1189.AWSDNS-20.ORG	Meredith Corporation
46	tier_3	search.discoverweb.com	1	GoDaddy.com, LLC	NINA.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
47	tier_3	higher-hire.com	1	Name.com, Inc.	NS1GMZ.NAME.COM	Everlong Media, LLC
48	tier_3	reebok.com	1	CSC CORPORATE DOMAINS, INC.	NS1.NETNAMES.NET	Reebok International, Ltd.
49	tier_3	wayfair.com	1	MarkMonitor, Inc.	A1-100.AKAM.NET	Wayfair, LLC
50	tier_3	saferealestatesearch.com	1	GoDaddy.com, LLC	NS63.DOMAINCONTROL.COM	Domains By Proxy, LLC
51	tier_3	2.contentgate.uno	1	None	None	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
1	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	24	nan	nan
2	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	20	nan	nan
3	206.221.176.184	Newark	New Jersey	AS23470 ReliableSite.Net LLC	07175	United States	tier_1	17	nan	nan
4	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	16	nan	nan
5	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	9	nan	nan
6	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	6	nan	nan
7	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	6	nan	nan
8	82.192.82.225	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	6	nan	nan
9	37.48.65.150	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	3	nan	nan
10	167.99.3.175	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_2	104	nan	nan
11	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	103	nan	nan
12	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	52	nan	nan
13	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	39	nan	nan
14	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	3	240.61.209.35.bc.googleusercontent.com	nan
15	67.227.173.37	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	14	nan	nan
16	23.21.166.230	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	12	ec2-23-21-166-230.compute-1.amazonaws.com	nan
17	54.235.205.204	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	12	ec2-54-235-205-204.compute-1.amazonaws.com	nan
18	99.84.114.53	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	8	server-99-84-114-53.ewr52.r.cloudfront.net	nan
19	54.197.247.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	7	ec2-54-197-247-190.compute-1.amazonaws.com	nan
20	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	7	ec2-23-21-53-13.compute-1.amazonaws.com	nan
21	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_2	6	nan	nan
22	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	1	nan	nan
23	209.205.202.42	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	5	static-42-202-205-209.24shells.net	nan
24	209.205.202.43	New York City	New York	AS55081 24 SHELLS	10004	United States	tier_2	5	static-43-202-205-209.24shells.net	nan
25	35.162.164.74	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_2	5	ec2-35-162-164-74.us-west-2.compute.amazonaws.com	nan
26	99.84.114.65	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	5	server-99-84-114-65.ewr52.r.cloudfront.net	nan
27	178.62.225.201	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	2	nan	nan
28	167.233.8.197	Nürnberg	Bavaria	AS24940 Hetzner Online GmbH	90402	Germany	tier_2	5	static.197.8.233.167.clients.your-server.de	nan
29	34.207.43.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	ec2-34-207-43-7.compute-1.amazonaws.com	nan
30	104.21.59.182	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	37	nan	True
31	172.67.182.64	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	24	nan	True
32	35.246.171.123	Frankfurt am Main	Hesse	AS15169 Google LLC	60311	Germany	tier_3	14	123.171.246.35.bc.googleusercontent.com	nan
33	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	14	nan	nan
34	104.21.30.32	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	14	nan	True
35	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	14	pool-100-37-135-2.nycmny.fios.verizon.net	nan
36	172.67.219.181	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	8	nan	True
37	104.21.38.63	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	7	nan	True
38	172.67.150.117	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	4	nan	True
39	204.79.197.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	3	a-0001.a-msedge.net	True
40	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	3	240.61.209.35.bc.googleusercontent.com	nan
41	13.107.21.200	Redmond	Washington	AS8068 Microsoft Corporation	98052	United States	tier_3	2	nan	True
42	178.62.225.201	Amsterdam	North Holland	AS14061 DigitalOcean, LLC	1012	Netherlands	tier_3	2	nan	nan
43	162.243.10.151	New York City	New York	AS14061 DigitalOcean, LLC	10011	United States	tier_3	2	nan	nan
44	104.17.47.14	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	2	nan	True
45	52.3.4.129	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-52-3-4-129.compute-1.amazonaws.com	nan
46	104.21.83.108	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
47	100.25.52.1	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-100-25-52-1.compute-1.amazonaws.com	nan
48	152.195.32.168	Ashburn	Virginia	AS15133 MCI Communications Services, Inc. d/b/a Verizon Business	20147	United States	tier_3	1	nan	True
49	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	1	nan	nan
50	104.21.95.133	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
51	23.44.210.223	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	1	a23-44-210-223.deploy.static.akamaitechnologies.com	nan
52	23.41.189.99	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a23-41-189-99.deploy.static.akamaitechnologies.com	nan
53	134.122.9.169	Clifton	New Jersey	AS14061 DigitalOcean, LLC	07014	United States	tier_3	1	nan	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶