viz_redirection_chain_to

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

This report contains following information

Overall statistics
1. Number of domains detected
2. Number of domains detected by Google Safe Browsing
3. IP address behind entry-level domains
4. date of collection
Top 10 domain statistics
1. count (number of redirection paths that contain this domain)
2. tier (1 is entry-level domain, 2 is intermediate hop, 3 is final landing domain)
3. registar
4. organization
Top 10 IP statistics
1. count
2. location (city, country, region)
3. hostname
4. organization
Consolidated redirection path
1. green: tier one domain
2. yellow: tier two domain
3. red: tier three domain

	num_domain	num_links	num_full_url	num_safebrowsing_malicious	num_vt_malicious	date	ip	user_agent
0	248	248	1099	0	18	2021-04-21	74.63.241.23	Safari

	tier	domain	count	registrar	name_servers	org
0	tier_1	microcephaly.us	1	Communi Gal Communications Ltd.	ns2.commonmx.com	None
1	tier_1	epayfaucets.com	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0159169997
2	tier_1	tsimokh.name	1	None	None	None
3	tier_1	rissospacificos.com	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
4	tier_1	ecovillages.us	1	Communi Gal Communications Ltd.	ns2.commonmx.com	None
5	tier_1	canon-support.us	1	Dynadot LLC	ns2.commonmx.com	None
6	tier_1	detox-cleanse.us	1	Communi Gal Communications Ltd.	ns2.commonmx.com	None
7	tier_1	pecl.net	1	GoDaddy.com, LLC	NS1.COMMONMX.COM	None
8	tier_1	styling.name	1	None	None	None
9	tier_1	blatle.net	1	TUCOWS, INC.	NS1.COMMONMX.COM	Contact Privacy Inc. Customer 0158496796
10	tier_2	1496.rawlexi.com	118	GoDaddy Online Services Cayman Islands LTD	NS-128.AWSDNS-16.COM	None
11	tier_2	americanlisted.com	113	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
12	tier_2	click.expmediadirect.com	64	None	None	None
13	tier_2	9nl.es	63	None	None	None
14	tier_2	newre-conversions.clickmeter.com	63	REGISTER S.P.A.	NS-1498.AWSDNS-59.ORG	REDACTED FOR PRIVACY
15	tier_2	trk.jometer.com	63	Amazon Registrar, Inc.	NS-129.AWSDNS-16.COM	Whois Privacy Service
16	tier_2	api.l5srv.net	63	GoDaddy.com, LLC	NS53.DOMAINCONTROL.COM	Domains By Proxy, LLC
17	tier_2	rqhere2.com	63	None	None	None
18	tier_2	nizephoros-pom.com	17	Amazon Registrar, Inc.	NS-1192.AWSDNS-21.ORG	Whois Privacy Service
19	tier_2	managerformula.com	16	None	None	None
20	tier_2	rd.centrumjobs.com	7	GoDaddy.com, LLC	NS-1527.AWSDNS-62.ORG	Domains By Proxy, LLC
21	tier_2	click.appcast.io	7	101Domain GRS Ltd	NS-85.AWSDNS-10.COM	None
22	tier_2	systems.job.com	3	GoDaddy Online Services Cayman Islands LTD	CASS.NS.CLOUDFLARE.COM	None
23	tier_2	aristo-hag.com	3	Amazon Registrar, Inc.	NS-1226.AWSDNS-25.ORG	Whois Privacy Service
24	tier_2	rd.hpjalerts.com	3	GoDaddy.com, LLC	NS-1342.AWSDNS-39.ORG	Domains By Proxy, LLC
25	tier_2	click.appcast.io_LOOP_1	2	None	None	None
26	tier_2	api.apptap.com	2	Amazon Registrar, Inc.	NS-1256.AWSDNS-29.ORG	Whois Privacy Service
27	tier_2	noclick.connexity.com	2	MarkMonitor, Inc.	NS-1235.AWSDNS-26.ORG	Connexity, Inc.
28	tier_2	rd.bizrate.com	2	None	None	None
29	tier_2	rd.connexity.net	2	MarkMonitor Inc.	NS-1190.AWSDNS-20.ORG	None
30	tier_3	upward.careers	63	GoDaddy.com, LLC	ns21.domaincontrol.com	Domains By Proxy, LLC
31	tier_3	peakprestige.club	63	None	None	None
32	tier_3	google.com	38	MarkMonitor, Inc.	NS1.GOOGLE.COM	Google LLC
33	tier_3	s3.amazonaws.com	17	None	None	None
34	tier_3	neuvoo.com	6	MarkMonitor Inc.	NS-1302.AWSDNS-34.ORG	None
35	tier_3	americanlisted.com	6	ilait AB	NS1.TELECOM3.NET	Integration 3 Group AB
36	tier_3	findatruckerjob.com	3	GoDaddy.com, LLC	NS63.DOMAINCONTROL.COM	Domains By Proxy, LLC
37	tier_3	wayfair.com	2	MarkMonitor Inc.	A1-100.AKAM.NET	None
38	tier_3	rd.bizrate.com	1	None	None	None
39	tier_3	click.appcast.io_LOOP_1	1	None	None	None
40	tier_3	rd.hpjalerts.com	1	GoDaddy.com, LLC	NS-1342.AWSDNS-39.ORG	Domains By Proxy, LLC
41	tier_3	vitalydesign.com	1	GoDaddy.com, LLC	NS11.DOMAINCONTROL.COM	Vitaly Design Ltd.
42	tier_3	amazon.com	1	None	None	None
43	tier_3	us.tideri.com	1	united domains AG	NS.UDAG.DE	None

	ip	city	region	org	postal	country_name	tier	count	hostname	anycast
0	207.244.67.215	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	31	nan	nan
1	207.244.67.216	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	28	nan	nan
2	207.244.67.214	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	25	nan	nan
3	207.244.67.218	Washington	Washington, D.C.	AS30633 Leaseweb USA, Inc.	20045	United States	tier_1	22	nan	nan
4	104.243.45.178	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	14	nan	nan
5	104.243.45.179	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	12	nan	nan
6	206.221.176.184	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	12	nan	nan
7	104.243.45.190	New York City	New York	AS23470 ReliableSite.Net LLC	10004	United States	tier_1	11	nan	nan
8	82.192.82.227	Amsterdam	North Holland	AS60781 LeaseWeb Netherlands B.V.	1012	Netherlands	tier_1	5	nan	nan
9	185.107.56.198	Rotterdam	South Holland	AS43350 NForce Entertainment B.V.	3012	Netherlands	tier_1	4	nan	nan
10	198.54.112.216	San Jose	California	AS22612 Namecheap, Inc.	95103	United States	tier_2	118	nan	nan
11	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	6	240.61.209.35.bc.googleusercontent.com	nan
12	198.134.116.30	New York City	New York	AS27257 Webair Internet Development Company Inc.	10013	United States	tier_2	64	nan	nan
13	67.227.173.37	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_2	63	nan	nan
14	167.99.3.175	North Bergen	New Jersey	AS14061 DigitalOcean, LLC	07047	United States	tier_2	63	nan	nan
15	54.197.247.190	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	34	ec2-54-197-247-190.compute-1.amazonaws.com	nan
16	54.235.205.204	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	32	ec2-54-235-205-204.compute-1.amazonaws.com	nan
17	23.21.53.13	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	31	ec2-23-21-53-13.compute-1.amazonaws.com	nan
18	23.21.166.45	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	29	ec2-23-21-166-45.compute-1.amazonaws.com	nan
19	99.84.126.52	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	18	server-99-84-126-52.ewr52.r.cloudfront.net	nan
20	99.84.126.65	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	16	server-99-84-126-65.ewr52.r.cloudfront.net	nan
21	99.84.126.24	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	14	server-99-84-126-24.ewr52.r.cloudfront.net	nan
22	99.84.126.63	Newark	New Jersey	AS16509 Amazon.com, Inc.	07175	United States	tier_2	14	server-99-84-126-63.ewr52.r.cloudfront.net	nan
23	34.197.176.2	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	6	ec2-34-197-176-2.compute-1.amazonaws.com	nan
24	18.235.67.128	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	6	ec2-18-235-67-128.compute-1.amazonaws.com	nan
25	52.72.29.7	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	5	ec2-52-72-29-7.compute-1.amazonaws.com	nan
26	54.208.107.202	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	4	ec2-54-208-107-202.compute-1.amazonaws.com	nan
27	209.15.13.136	Toronto	Ontario	AS13768 Aptum Technologies	M5N	Canada	tier_2	4	nan	nan
28	23.200.0.5	Edison	New Jersey	AS20940 Akamai International B.V.	08817	United States	tier_2	4	a23-200-0-5.deploy.static.akamaitechnologies.com	nan
29	52.203.101.113	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_2	3	ec2-52-203-101-113.compute-1.amazonaws.com	nan
30	67.227.172.40	Lansing	Michigan	AS32244 Liquid Web, L.L.C	48901	United States	tier_3	63	nan	nan
31	172.67.134.113	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	34	nan	True
32	104.21.25.179	San Francisco	California	AS13335 Cloudflare, Inc.	94107	United States	tier_3	29	nan	True
33	172.217.12.132	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	9	lga34s19-in-f4.1e100.net	nan
34	172.217.11.36	New York City	New York	AS15169 Google LLC	10004	United States	tier_3	7	lga25s61-in-f4.1e100.net	nan
35	172.217.165.132	Los Angeles	California	AS15169 Google LLC	90009	United States	tier_3	7	lax30s03-in-f4.1e100.net	nan
36	35.209.61.240	Council Bluffs	Iowa	AS15169 Google LLC	51502	United States	tier_3	6	240.61.209.35.bc.googleusercontent.com	nan
37	172.217.10.228	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	5	lga25s59-in-f4.1e100.net	nan
38	172.217.7.4	Clinton Corners	New York	AS15169 Google LLC	12514	United States	tier_3	4	lga25s56-in-f4.1e100.net	nan
39	172.217.10.100	Clifton	New Jersey	AS15169 Google LLC	07015	United States	tier_3	3	lga34s15-in-f4.1e100.net	nan
40	142.250.64.68	Westbury	New York	AS15169 Google LLC	11590	United States	tier_3	3	lga34s30-in-f4.1e100.net	nan
41	54.242.20.247	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	ec2-54-242-20-247.compute-1.amazonaws.com	nan
42	52.216.154.46	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
43	52.217.83.70	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
44	52.217.100.190	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
45	52.216.227.115	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
46	52.217.162.248	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
47	23.43.253.154	Newark	New Jersey	AS16625 Akamai Technologies, Inc.	07175	United States	tier_3	2	a23-43-253-154.deploy.static.akamaitechnologies.com	nan
48	52.21.31.105	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	ec2-52-21-31-105.compute-1.amazonaws.com	nan
49	54.144.219.72	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	2	ec2-54-144-219-72.compute-1.amazonaws.com	nan
50	52.217.202.56	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	2	s3-1.amazonaws.com	nan
51	52.216.178.181	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
52	54.163.119.112	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-54-163-119-112.compute-1.amazonaws.com	nan
53	192.138.218.207	Seattle	Washington	AS14332 Connexity, Inc.	98111	United States	tier_3	1	rd.bizrate.com	nan
54	100.37.135.2	New York City	New York	AS701 MCI Communications Services, Inc. d/b/a Verizon Business	10004	United States	tier_3	1	pool-100-37-135-2.nycmny.fios.verizon.net	nan
55	54.231.40.226	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
56	52.216.245.254	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan
57	52.22.57.118	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-52-22-57-118.compute-1.amazonaws.com	nan
58	34.196.177.100	Ashburn	Virginia	AS14618 Amazon.com, Inc.	20149	United States	tier_3	1	ec2-34-196-177-100.compute-1.amazonaws.com	nan
59	52.216.141.30	Ashburn	Virginia	AS16509 Amazon.com, Inc.	20149	United States	tier_3	1	s3-1.amazonaws.com	nan

Aggregated redirection graph of domains located on current IP address.¶

The redirection flows from left to right
Leftmost domains are initial domains hosted on current IP
Rightmost domains are final landing domains we were able to crawl

Screenshot of high-occurrence final landing domains¶

Zhouhan Chen, NYU Center for Data Science, zc1245@nyu.edu, Personal Website

Malware Discoverer Github Homepage.

Daily Threat Intelligence Report¶

Aggregated redirection graph of domains located on current IP address.¶

Screenshot of high-occurrence final landing domains¶

Have other ideas? / Want to subscribe to get threat intelligence report? / Contact¶