Introduction
Here we summarize the total activity over all time for the top 25 ASN's related to Command and Controls for botnets. This report is a duplicate of the pages we have here.
Note that all timestamps are in UTC+0.
Fields
| Field | Description |
| ASN | Autonomous Systems NUmber used for BGP routing |
| Number | Total number of seen C&C's over all time |
| Details | ASN Description |
| Closed | How many of the total C&C's are closed and shutdown |
| CC DDoS | How many DDoS's did those C&C's initiate |
| CC Scans | How many scans did those C&C's initiate |
| CC CHosts | Number of systems C&C's from this ASN compromised other systems |
| TGT DDoS | The number of times this ASN was targeted for a DDoS |
| TGT Scans | Number of times this ASN was targeted for a scan and exploit |
| TGT CHosts | Number of systems that were compromised within this ASN |
| URL's | Number of URL's that were either malicious, or seen from some malicious activity |
Sample
Sorted by Total Number of Command and Control Servers
"ASN","Number","Details","Closed","CC DDoS","CC Scans","CC CHosts","TGT DDoS","TGT Scans","TGT CHosts","URLs" 23522,1284,"IPNAP-ES - GigeNET","44%",14023,47661,207543,13926,310,0,421 3265,1264,"XS4ALL - NL XS4ALL","10%",0,0,0,169,2509,784,1600 30058,615,"FDCSERVERS - FDCservers.net","54%",23470,16949,339,8089,1001,0,22524 35908,484,"VPLSNET - VPLS Inc. d/b/a Krypt Technologies","5%",978,1,0,20762,1727,0,8979 174,481,"COGENT - Cogent/PSI","17%",355,6169,1888,2358,21529,111,53154 790,437,"EUNETFI - EUnet Finland","0%",0,0,0,105,4487,15,262 25700,424,"25700 - SWIFT VENTURES Inc","9%",5,7064,0,592,662,1,15828 31800,422,"DALNET - DALnet","1%",0,0,0,1669,12,0,0 41075,410,"ATW - AS ATW Internet Kft.","1%",7,701,4,24,10,0,100 25761,396,"STAMINUS-COMM - Staminus Communications","5%",1295,46853,1165,30178,757,0,14175 16276,369,"OVH - OVH","34%",701,4868,1100,8745,1338,219,25409 12989,349,"HWNG - Highwinds Network Group, Inc.","0%",0,0,0,93,234,0,4004 14037,336,"AS-RVB-1 - RackVibe LLC","11%",177,2842,1171,3372,0,0,488 46844,333,"ST-BGP - SHARKTECH INTERNET SERVICES","26%",1038,2004,1296,40624,0,0,1055 31669,316,"ITSS - AS IT - SOLID SOLUTIONS","0%",0,0,0,2,47,0,2 13768,306,"PEER1 - Peer 1 Network Inc.","16%",6715,328,0,4350,11509,46,235403 13301,306,"UNITEDCOLO - AS Autonomous System of unitedcolo.de","66%",30444,5972271,23818,534,367,6,5421 5,297,"SYMBOLICS - Symbolics, Inc.","100%",0,0,0,0,0,0,0 17048,274,"AWKNET - Awknet Communications, LLC","23%",1175,31402,10846,11351,0,0,1424 21844,270,"THEPLANET-AS - ThePlanet.com Internet Services, Inc.","44%",6142,1598,239,32824,746,19,346967 33569,267,"ALLHOSTSHOP - ALLHOSTSHOP.COM","1%",14,0,0,118,298,0,99 8001,239,"NET-ACCESS-CORP - Net Access Corporation","54%",20519,5352,5,45994,848,1,21036 30217,232,"DESYNC - Desync Networks","1%",6,237,0,186,1529,34,1332 23352,225,"SERVERCENTRAL - Server Central Network","8%",691,154,0,1076,1896,0,475989 13213,225,"UK2NET - AS UK-2 Ltd Autonomous System","48%",593,6104,79,776,6068,3,566 25176,208,"AC - NET LaNet Vasterbotten Data och Tele AB","0%",0,0,0,7,2191,21,107 28753,208,"NETDIRECT - AS NETDIRECT Frankfurt, DE","44%",24302,42639,6,10343,993,13,482751
Sorted by Rate of Highest Closed Number of Command and Control Servers
"ASN","Number","Details","Closed","CC DDoS","CC Scans","CC CHosts","TGT DDoS","TGT Scans","TGT CHosts","URLs" 5,297,"SYMBOLICS - Symbolics, Inc.","100%",0,0,0,0,0,0,0 12832,104,"LYCOS - EUROPE Lycos Europe GmbH","100%",3103,1565,4444,351,930,0,8019 24989,84,"IXEUROPE-DE-FRANKFUR - ASN IX Europe Germany AS","100%",915,47406,902,171,529,1,681 25232,49,"VZD - LR Valsts Zemes Dienests","100%",87,278,0,42,30449,0,84 19048,47,"CORIO - Corio, Inc.","100%",0,0,0,6,766,482,0 20228,47,"PACNET-MX - Pacnet, S.A. de C.V.","100%",0,0,0,0,33,0,2115 4686,46,"BEKKOAME - BEKKOAME INTERNET INC.","100%",0,2,0,0,559,0,132 26496,44,"PAH-INC - GoDaddy.com, Inc.","100%",1,0,0,12453,4516,26,14960 20773,42,"HOSTEUROPE - AS AS of Hosteurope Germany / Cologne","100%",13086,32097,532,7221,734,80,1286 26228,32,"SERVEPATH - ServePath, LLC","100%",1143,6,0,1252,472,25,4160 5603,31,"SIOL - NET Telekom Slovenije d.d.","100%",288,2266,3030,917,507,423,77 31365,27,"SGSTELEKOM - SGS Telekom Autonomous System","100%",168,1,0,181,60,0,377 3561,25,"SAVVIS - Savvis","100%",3149,28055,55490,3883,10225,6,78236 9155,25,"QualityNet - AS number","100%",190,72,0,1998,755,217,112 1785,21,"AS-PAETEC-NET - PaeTec Communications, Inc.","100%",208,4598,0,100,9635,112,3624 21050,19,"FAST - TELCO Fast Telecommunications Company W.L.L.","100%",20,488,1,869,6130,50,1019 22439,18,"VRTSERVERS - Vrtservers, Inc","100%",0,0,0,80,21,11,2660 13601,17,"ASN-INNERHOST - Peer 1 Dedicated Hosting","100%",7,57924,278,630,783,0,154 2828,17,"XO-AS15 - XO Communications","100%",19,2981,0,83,7755,362,9670 17506,16,"UCOM - UCOM Corp.","100%",661,25846,13107,38,3061,427,13782 25229,16,"VOLIA - AS Kyivski Telekomunikatsiyni Merezhi LLC","100%",3639,41,0,896,291,29,34 31530,16,"SERVERCREW - AS Autonomes System","100%",85,2,0,114,3830,0,28 29737,16,"WOW-INTERNET - WideOpenWest Finance LLC","100%",721,365031,0,76,14026,17,43 9848,16,"GNGAS - Enterprise Networks","100%",205,195,0,7,3782,26,4961 9498,16,"BBIL - AP BHARTI Airtel Ltd.","100%",0,0,0,692,102277,1095,2392 34779,16,"T-2 - AS AS set propagated by T-2, d.o.o.","100%",27,95,19,236,1156,76,79 9394,15,"CRNET - CHINA RAILWAY Internet(CRNET)","100%",44614,4,0,158,13869,2600,4009
Sorted by Rate of Lowest Closed of Command and Control Servers
"ASN","Number","Details","Closed","CC DDoS","CC Scans","CC CHosts","TGT DDoS","TGT Scans","TGT CHosts","URLs" 790,437,"EUNETFI - EUnet Finland","0%",0,0,0,105,4487,15,262 12989,349,"HWNG - Highwinds Network Group, Inc.","0%",0,0,0,93,234,0,4004 31669,316,"ITSS - AS IT - SOLID SOLUTIONS","0%",0,0,0,2,47,0,2 25176,208,"AC - NET LaNet Vasterbotten Data och Tele AB","0%",0,0,0,7,2191,21,107 22653,204,"GLOBALCOMPASS - Cyber Wurx LLC","0%",0,0,0,81,299,10742,880 41164,185,"GET - NO GET Norway","0%",0,0,0,25,3124,3,4 35028,180,"MULTIPLAY - Multiplay AS Number","0%",0,0,0,11,26,0,0 39369,179,"PORT80 - Port80 AB, Sweden","0%",0,0,0,15,5082,40,1298 224,127,"UNINETT - UNINETT, The Norwegian University & Research Network","0%",0,0,0,17,549,132,13 15694,74,"ATMAN - ATMAN Autonomous System","0%",0,0,0,11,164,76,879 40431,65,"TRAVAIL-SYSTEMS - Travail Systems, INC","0%",0,0,0,0,0,0,30 40395,61,"VIRTBIZ-DALLAS - VIRTBIZ Internet Services","0%",0,0,0,32,0,0,2 35366,58,"ISPPRO - AS ISPpro Internet KG","0%",6,443,2,83,69,1,7 32787,56,"PROLEXIC - Prolexic Technologies, Inc.","0%",0,0,0,7392,978,23,4616 39546,53,"MG - AS ISP MG","0%",6967,0,0,4,6,0,0 16557,47,"COLOSOLUTIONS - Colo Solutions, Inc.","0%",0,0,0,83,1513,0,543 4436,46,"AS-NLAYER - nLayer Communications, Inc.","0%",0,0,0,73,797,0,28793 3701,43,"NERONET - Oregon Joint Graduate Schools of Engineering","0%",0,0,0,0,17,10,1119 36375,41,"UMICH-AS-5 - University of Michigan","0%",0,73,2,17,104,58,9 37898,37,"BARTOK - NET digitiminimi, inc.","0%",13,7183,0,0,18,0,0 29117,36,"IRC - HISPANO http://www.irc-hispano.es/","0%",0,0,0,0,8,0,0 45514,34,"TELEMEDIA-SMB-AS - AP Bharti Airtel Ltd., TELEMEDIA Services, for SMB customers","0%",10159,8,0,0,0,1,1 35425,34,"BYTEMARK - AS Bytemark Computer Consulting Ltd","0%",0,0,0,75,67,2,12 11305,31,"P1DH-1-ASN - Peer 1 Dedicated Hosting","0%",4,1,0,229,932,0,1180 23028,31,"TEAM-CYMRU - Team Cymru Inc.","0%",0,0,0,0,497,7,0 35592,30,"COOLHOUSING - AS COOLHOUSING Autonomous System","0%",0,3508,0,42,424,1,277 9192,30,"LLEIDANET - Lleida - Catalonia - Spain","0%",0,4,0,0,0,0,27
<< | Reports | >>
