HostExploit is pleased to present the Q1 2010 report on the Top 50 Bad Hosts and Networks. Using our own data, supplied by SiteVet.com, together with Open Security partners, HostExploit has compiled an updated HE Index of the worst internet hosting players around the world.
Findings in the report are based on data generated by public ASes (Autonomous Systems) exchanging routing information with each other over the public internet. ‘Bad’ activity in this context includes traffic generated by botnets, spam, MALfi, phishing, malware, exploits and the control centers that manage these activities.
By using a unique combination of actuarially-weighted mathematical equations, a bespoke ‘badness’ rating is created showing the worst hosting organizations for cyber-criminal activity. Consideration is given to the size of each network and related potential for malware distribution where larger servers should have the means to track cyber-criminal activity more effectively.
Hosting UA in Odessa one of the main data centers and hosts in Ukraine is offline, due to a major fire.
AS41665 HOSTING-AS National Hosting Provider, UA, with 144,384 IP addresses and ranked #4 on the HostExploit Top Bad Hosts report in December 2009 out of 34,000 ASNs (autonomous systems / hosts) compared for serving badness on the Internet. Although in the forthcoming HostExploit Top Bad Hosts report, Hosting UA had demonstrated some improvement over the first quarter 2010 - see forthcoming report, March 2010.
Hello, and welcome to our new website!
As is always the way, there were a couple of issues when transferring the site across, so apologies if you ran into any problems over the last couple of days.
Please feel free to send us any comments on any issues you are experiencing or any recommendations.
Previously, we have concentrated on releasing full cybercrime reports, many of which have had big contributions in the downfall of some pretty bad hosts. Often when we are researching, we have some good evidence but perhaps not good enough to put into a full report. So, from now we will be regularly posting blogs as this is an easy way for us to put some of our findings out there.
Writing blogs will also help us get our findings out there that little bit quicker, and hopefully others in the community can build on issues we blog on. Stay tuned in the next few days for a followup report to 2009's Top 50 Bad Hosts - this time we will be reporting on 2010 Q1 and the fun and games that the community has been having with Troyak.
HostExploit is proud to announce the “winners” of the Bad Internet Host of 2009 awards, alongside the definitive Top 50 Bad Hosts and Networks report. The findings are powered by the newly-created HE Index - a numerical representation of internet badness.
The report comprises an exhaustive analysis of the Internet hosting industry (servers and Autonomous Systems) by the researchers at HostExploit, with community input and data from 16 authorative community sources. The result is a definitive list of the worst commercial servers around the globe, in terms of server badness. Detailed reports on each of the top 150 bad servers can be viewed on SiteVet.com.
The report analyses the wide range of crimes which affect all of our lives, and through the use of sophisticated math and our researchers’ vast experience, HostExploit has been able to produce what is perhaps the most definitive list to date and an easy-to-understand badness index. Beyond this, the report analyses the effects by country, the worst culprits within cybercrime categories (i.e. spam, malicious software, malware, botnet serving, Zeus, etc.), the attack vectors for specific cybercriminal activities and much more.
Legitimate businesses may wish to reconsider hosting a web site with a hosting service which has a high HE Index. In addition to supporting a hosting service that has a disproportionate amount of malicious activity, there is the risk of being blacklisted by having your web site on such a server.
However, it is not all bad news; part of the project also provides examples of the cleanest hosts around the world to demonstrate how such Internet badness can be avoided by commercial servers.
In providing this report, the emphasis was to review servers that could be considered medium to large scale commercial operations, with a few exceptions. The report highlights the issues which face the internet community due to the lack of accountability required of internet service providers whose servers are utilized for cybercrime.
This new report is available for a free PDF download at hostexploit.com - the producers of community reports exposing RBN (Russian Business Network), Atrivo, McColo and Real Host, and a foremost source of rogue and malicious network activity analysis on the Internet.
As a test of its capabilities during BETA development, SiteVet has produced data on the world's worst web hosts (specifically, Autonomous Systems). This data was produced for HostExploit in conjunction with the report released this month.
The top bad hosts are shown below; click each one for further details and break down reports brought to you by SiteVet. You can also take the demo tour to find out what Sitevet will be able to do for you.
As SiteVet moves out of BETA development, detailed reports will be available for every active AS this will coincide with HostExploit becoming a conclusive source for information on the worst and best hosts globally and the respective reasons.
|HE Rank||HE Index||AS Number||Name||Country|
|1||269.9||AS30407||VELCOM - Rcp.net||CANADA|
|2||225.7||AS23522||IPNAP-ES - GigeNET||UNITED STATES|
|4||159.5||AS41665||HOSTING-AS National Hosting Provider, Hosting.UA||UKRAINE|
|5||158.7||AS4134||CHINANET - BACKBONE No.31,Jin-rong Street||CHINA|
|6||151.7||AS49637||ZHM-AS PE Zavalnuk Vladislav Mihailovich||KAZAKHSTAN|
|7||147.9||AS32613||IWEB-AS - iWeb Technologies Inc.||CANADA|
|8||142.2||AS10929||Netelligent Hosting Services Inc||CANADA|
|9||140.3||AS28753||NETDIRECT AS NETDIRECT Frankfurt, DE||GERMANY|
|10||135.4||AS49314||NEVAL PE Nevedomskiy Alexey Alexeevich||RUSSIAN FEDERATION|
|12||122.8||AS23456||RESERVED-AS assigned by IANA||UNKNOWN/NOT APPLICABLE|
|13||120.3||AS48445||FAVN Favorit Network SL||SPAIN|
|14||116.3||AS21607||DEPLOYLINUX - DeployLinux Consulting, Inc||UNITED STATES|
|15||116.3||AS14280||NETNATION - NetNation Communications Inc||CANADA|
|16||114||AS21844||THEPLANET-AS - ThePlanet.com Internet Services, Inc.||UNITED STATES|
|17||113.6||AS48031||NOVIKOV-AS IP Novikov Aleksandr Leonidovich||RUSSIAN FEDERATION|
|18||112.6||AS15135||EVERYDNS ASN||UNITED STATES|
|19||111.7||AS21740||DemandMedia AS DemandMedia eNom||UNITED STATES|
|21||111.5||AS30083||SERVER4YOU - Hosting Solutions International, Inc.||UNITED STATES|
|22||110.8||AS16265||LEASEWEB LEASEWEB AS||UNITED STATES|
|23||109.2||AS32181||ASN-ECOMD-COLOQUEST - GigeNET||UNITED STATES|
|24||105.6||AS3595||GNAXNET-AS - Global Net Access, LLC||UNITED STATES|
|25||104.5||AS23352||SERVERCENTRAL - Server Central Network||UNITED STATES|
|27||102.1||AS30058||FDCSERVERS - FDCservers.net||UNITED STATES|
|28||101.5||AS19969||JOESDATACENTER (AKA AARONSNET)||UNITED STATES|
|29||100.7||AS8206||JUNIK-RIGA-LV JUNIKNET Autonomous System||LATVIA|
|30||100.5||AS24940||HETZNER-AS Hetzner Online AG RZ-Nuernberg||GERMANY|
|31||100.3||AS32244||LIQUID-WEB-INC - Liquid Web, Inc.||UNITED STATES|
|32||97.1||AS9121||TTNET TTNET AUTONOMOUS SYSTEM||TURKEY|
|33||95||AS41671||SERVER-UA-AS SERVER.UA UKRAINE DEDICATED SERVICE||UKRAINE|
|34||91.6||AS3257||TISCALI-BACKBONE Tiscali Intl Network BV Formerly Nacamar Data Communications, Germany||GERMANY|
|35||91.5||AS8560||ONEANDONE-AS 1&1 Internet AG (SCHLUND)||GERMANY|
|36||90.3||AS29629||INETWORK-AS IEUROP AS||FRANCE|
|37||90.1||AS44042||ROOT root eSolutions||LUXEMBOURG|
|38||90||AS9929||China-Netcom-Corporation China Netcom Corporation||CHINA|
|39||90||AS44349||MEDLAIF-AS PP Medlaif||UKRAINE|
|40||89.2||AS43689||DANKON-AS Dankon Ltd.||RUSSIAN FEDERATION|
|41||89.2||AS4837||CHINA169 - BACKBONE CNCGROUP China169 Backbone||CHINA|
|42||88.8||AS15149||EZZINET Ezzi.net (A Service of AccessIT)||UNITED STATES|
|44||86.4||AS6849||UKRTELNET JSC UKRTELECOM,||UKRAINE|
|45||86||AS19318||NJIIX-AS-1 - NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC||UNITED STATES|
|46||85||AS16557||COLOSOLUTIONS - Colo Solutions, Inc.||UNITED STATES|
|47||84.9||AS35908||VPLSNET - VPLS Inc. d/b/a Krypt Technologies||UNITED STATES|
|48||84.7||AS35118||SMARTLOGIC-AS SmartLogic Ltd||RUSSIAN FEDERATION|
|50||83||AS26496||PAH-INC - GoDaddy.com, Inc.||UNITED STATES|
Page 4 of 7
World Hosts Report - March 2013HostExploit is pleased to present the March 2013 World Hosts Report, in collaboration...
White Paper: The New gTLDs – Security by DesignCyberDefcon has released a new white paper, The New gTLDs – Security...
Familiar Hosts & Open ResolversHostExploit is pleased to present the Q3 2012 World Hosts Report, in collaboration...