viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	275	285	1204	0	14	2021-04-11	74.63.241.23	Android

	tier	domain	count	registrar	name_servers	org
0	tier_1	storyowl.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
1	tier_1	kalyanamandap.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
2	tier_1	telexfree.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
3	tier_1	global-logistics.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
4	tier_1	evanzhang.me	1	GoDaddy.com, LLC	None	None
5	tier_1	bemember.me	1	GoDaddy.com, LLC	None	None
6	tier_1	freedom-251.in	1	Dynadot LLC	ns1.commonmx.com	None
7	tier_1	voyeurcam.co	1	Communigal Communication Ltd	ns2.commonmx.com	None
8	tier_1	naarockers.cc	1	Domainshop LLC	NS1.COMMONMX.COM	None
9	tier_1	stgeorges.co.in	1	Dynadot LLC	ns1.commonmx.com	None
10	tier_2	aristo-hag.com	101	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
11	tier_2	btpnav.com	82	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnav.com
12	tier_2	atnpx.com	73	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
13	tier_2	click.expmediadirect.com	64	NAMECHEAP INC	NS1.LINODE.COM	Privacy service provided by Withheld for Privacy ehf
14	tier_2	api.apptap.com	64	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
15	tier_2	redirect.viglink.com	64	Amazon Registrar, Inc.	NS1.VIGLINK.COM	Whois Privacy Service
16	tier_2	link.sylikes.com	63	MarkMonitor, Inc.	NS-1063.AWSDNS-04.ORG	Connexity, Inc.
17	tier_2	rd.bizrate.com	55	None	None	None
18	tier_2	rd.connexity.net	53	None	None	None
19	tier_2	api.mplayit.com	47	Amazon Registrar, Inc.	NS-1236.AWSDNS-26.ORG	Whois Privacy Service
20	tier_2	ad.doubleclick.net	34	None	None	None
21	tier_2	invictastores.com	9	GoDaddy.com, LLC	DUKE.NS.CLOUDFLARE.COM	None
22	tier_2	trackyourmpg.com	9	None	None	None
23	tier_2	rd.connexity.net_LOOP_1	8	None	None	None
24	tier_2	nizephoros-pom.com	8	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	None
25	tier_2	get.popplunder.com	8	NAMECHEAP INC	DNS1.REGISTRAR-SERVERS.COM	Privacy service provided by Withheld for Privacy ehf
26	tier_2	trustedpush.com	8	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	Privacy service provided by Withheld for Privacy ehf
27	tier_2	win1.trustedpush.com	8	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	Privacy service provided by Withheld for Privacy ehf
28	tier_2	win2.trustedpush.com	6	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	Privacy service provided by Withheld for Privacy ehf
29	tier_2	btpnative.com	5	1API GmbH	NS1.DNSIMPLE.COM	Registrant of btpnative.com
30	tier_3	kbb.com	55	CSC CORPORATE DOMAINS, INC.	PDNS164.ULTRADNS.BIZ	Autotrader.com
31	tier_3	robogarden.io	17	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	None
32	tier_3	theory.com	13	CSC CORPORATE DOMAINS, INC.	NS0.DNSMADEEASY.COM	Theory LLC
33	tier_3	storystudio.sfgate.com	12	CSC CORPORATE DOMAINS, INC.	NS1.HEARSTNP.COM	Hearst Communications, Inc.
34	tier_3	overstock.com	10	MarkMonitor, Inc.	DNS1.P01.NSONE.NET	Overstock.com, Inc - TMA606142
35	tier_3	rd.bizrate.com	9	None	None	None
36	tier_3	invictastores.com_LOOP_1	9	None	None	None
37	tier_3	berettausa.com	6	Network Solutions, LLC	NS1.AMERICANEAGLE.COM	None
38	tier_3	venus.com	5	GoDaddy.com, LLC	NS0.DNSMADEEASY.COM	Venus Fashion, Inc.
39	tier_3	m.placesiteb.xyz	5	Sav.comLLC	HUGH.NS.CLOUDFLARE.COM	Privacy Protection
40	tier_3	overstock.com_LOOP_1	4	None	None	None
41	tier_3	win4.trustedpush.com	4	NAMECHEAP INC	NS-1142.AWSDNS-14.ORG	Privacy service provided by Withheld for Privacy ehf
42	tier_3	m.gladplacespin.xyz	3	Epik LLC	MARJORY.NS.CLOUDFLARE.COM	Anonymize, Inc.
43	tier_3	filter.onwardclick.com	2	NAMECHEAP INC	NS1.ENCONTEXT.COM	Privacy service provided by Withheld for Privacy ehf
44	tier_3	adameve.com	2	Network Solutions, LLC	A1-75.AKAM.NET	None
45	tier_3	venus.com_LOOP_1	2	None	None	None
46	tier_3	beyourxfriend.com	2	GoDaddy.com, LLC	NS0.DNSMADEEASY.COM	None
47	tier_3	win2.trustedpush.com	2	NameCheap, Inc.	NS-1142.AWSDNS-14.ORG	None
48	tier_3	horny-honey.online	1	NAMECHEAP INC	NS-19.AWSDNS-02.COM	None
49	tier_3	theory.com_LOOP_1	1	None	None	None
50	tier_3	equinoxadvertising.com_LOOP_1	1	None	None	None
51	tier_3	myhugesavings.com	1	Amazon Registrar, Inc.	NS-1358.AWSDNS-41.ORG	None
52	tier_3	trk.careerbliss.com	1	GoDaddy.com, LLC	NS10.DNSMADEEASY.COM	Domains By Proxy, LLC
53	tier_3	search.discoverweb.com	1	GoDaddy.com, LLC	NINA.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
54	tier_3	atnpx.com	1	GoDaddy.com, LLC	BECKY.NS.CLOUDFLARE.COM	Domains By Proxy, LLC
55	tier_3	wayfair.com	1	MarkMonitor, Inc.	A1-100.AKAM.NET	Wayfair, LLC
56	tier_3	m.fastmapc.xyz	1	Sav.comLLC	HUGH.NS.CLOUDFLARE.COM	Privacy Protection
57	tier_3	shop.diesel.com	1	BARBERO & Associates Ltd	NS3.OTB.NET	REDACTED FOR PRIVACY
58	tier_3	aristo-hag.com	1	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	None
59	tier_3	fanatics.com	1	MarkMonitor, Inc.	A1-147.AKAM.NET	Fanatics Inc.

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	31	nan	nan
1	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	27	nan	nan
2	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	19	nan	nan
3	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	19	nan	nan
4	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	16	nan	nan
5	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	13	nan	nan
6	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	13	nan	nan
7	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	9	nan	nan
8	74.63.241.22	Dallas	Texas	AS46475 Limestone Networks, Inc.	75270	United States	tier_1	4	22-241-63-74.static.reverse.lstn.net	nan
9	82.192.82.225	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	3	nan	nan
10	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	9	nan	nan
11	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	89	nan	nan
12	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	64	nan	nan
13	192.138.218.139	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_2	53	rd.connexity.net	nan
14	34.197.67.232	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	47	ec2-34-197-67-232.compute-1.amazonaws.com	nan
15	52.205.177.114	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	39	ec2-52-205-177-114.compute-1.amazonaws.com	nan
16	3.226.37.31	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	34	ec2-3-226-37-31.compute-1.amazonaws.com	nan
17	34.225.128.119	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	30	ec2-34-225-128-119.compute-1.amazonaws.com	nan
18	172.67.74.77	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	29	nan	True
19	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-208-107-202.compute-1.amazonaws.com	nan
20	52.206.141.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	25	ec2-52-206-141-190.compute-1.amazonaws.com	nan
21	52.206.108.38	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	23	ec2-52-206-108-38.compute-1.amazonaws.com	nan
22	104.26.10.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_2	23	nan	True
23	104.26.11.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
24	172.217.3.102	Westbury	New York	AS15169 Google LLC	11590	United States	tier_2	21	lga34s18-in-f6.1e100.net	nan
25	99.84.114.90	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	19	server-99-84-114-90.ewr52.r.cloudfront.net	nan
26	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	17	ec2-18-235-67-128.compute-1.amazonaws.com	nan
27	34.207.43.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	17	ec2-34-207-43-7.compute-1.amazonaws.com	nan
28	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	16	ec2-52-72-29-7.compute-1.amazonaws.com	nan
29	204.44.79.214	Los Angeles	California	AS8100 QuadraNet Enterprises LLC	90014	United States	tier_2	12	204.44.79.214.static.quadranet.com	nan
30	23.44.217.143	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	55	a23-44-217-143.deploy.static.akamaitechnologies.com	nan
31	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	26	pool-100-37-135-2.nycmny.fios.verizon.net	nan
32	172.67.172.143	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	12	nan	True
33	104.77.221.88	New York City	New York	AS16625 Akamai Technologies, Inc.	10004	United States	tier_3	10	a104-77-221-88.deploy.static.akamaitechnologies.com	nan
34	23.73.239.49	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	10	a23-73-239-49.deploy.static.akamaitechnologies.com	nan
35	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	9	nan	nan
36	98.129.228.57	Dallas	Texas	AS33070 Rackspace Hosting	75270	United States	tier_3	6	nan	nan
37	23.73.224.199	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	6	a23-73-224-199.deploy.static.akamaitechnologies.com	nan
38	151.101.0.200	San Francisco	California	AS54113 Fastly	94107	United States	tier_3	6	nan	True
39	104.21.80.8	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	5	nan	True
40	23.73.235.8	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	4	a23-73-235-8.deploy.static.akamaitechnologies.com	nan
41	104.18.80.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	4	nan	True
42	104.18.79.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	3	nan	True
43	184.85.22.65	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	3	a184-85-22-65.deploy.static.akamaitechnologies.com	nan
44	173.239.53.32	New York City	New York	AS27257 Webair Internet Development Company Inc.	10004	United States	tier_3	2	nan	nan
45	23.73.247.78	Edison	New Jersey	AS16625 Akamai Technologies, Inc.	08817	United States	tier_3	2	a23-73-247-78.deploy.static.akamaitechnologies.com	nan
46	45.33.8.244	Richardson	Texas	AS63949 Linode, LLC	75080	United States	tier_3	2	li962-244.members.linode.com	nan
47	99.84.47.53	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-47-53.ewr52.r.cloudfront.net	nan
48	184.85.12.70	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a184-85-12-70.deploy.static.akamaitechnologies.com	nan
49	104.18.81.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
50	54.71.200.88	Boardman	Oregon	AS16509 Amazon.com, Inc.	97818	United States	tier_3	1	ec2-54-71-200-88.us-west-2.compute.amazonaws.com	nan
51	207.38.44.116	Los Angeles	California	AS5693 Latisys-Irvine, LLC	90009	United States	tier_3	1	cbsmtp1.careerbliss.com	nan
52	172.67.144.251	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
53	104.26.11.53	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
54	23.41.189.99	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a23-41-189-99.deploy.static.akamaitechnologies.com	nan
55	104.18.78.149	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
56	104.17.8.188	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	1	nan	True
57	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-208-107-202.compute-1.amazonaws.com	nan
58	184.87.65.240	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	1	a184-87-65-240.deploy.static.akamaitechnologies.com	nan
59	99.84.114.98	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_3	1	server-99-84-114-98.ewr52.r.cloudfront.net	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶