September 2017 Web Server Survey

In the September 2017 survey we received responses from 1,805,060,730 sites and 6,798,101 web-facing computers, reflecting a gain of 4.49 million sites and 84,800 computers. This is the largest number of web-facing computers in history, and cloud computing has helped fuel this growth considerably. The top three cloud hosting providers—Amazon, Alibaba and DigitalOcean—now account for nearly 22% of all web-facing computers, as well as more than a third of this month's net computer growth.

nginx has dominated this month's computer growth once again, with an additional 49,900 computers taking its market share up to 22.2%. This puts it within 20,000 computers of Microsoft's 22.5% share, giving nginx a realistic chance of taking second place by next month. Meanwhile, Apache remains far ahead in the lead with 2.88 million web-facing computers giving it a 42.3% share of the market.

While more than half of the websites in the survey are using Microsoft web server software, relatively few of these are active sites. Discounting link farms, domain holding pages and other automatically generated content, Microsoft accounts for only 7.3% of all active sites, while Apache leads with 44.9%, and nginx follows with 20.7%. Microsoft's active sites share has never exceeded Apache's, and ever since it peaked at 38% in early 2009, it has experienced a general decline.

Microsoft's presence within the top million websites has also been steadily declining – in 2008, it had a 20% share, but this has since dwindled to less than 10%. Today, 9.73% of the top million sites use Microsoft web server software (mostly IIS – Internet Information Services), while Apache leads with 38.9%. However, Apache has also been experiencing a general decline since 2011, while nginx has continued to muscle its way in. A further 1,299 nginx-powered sites made their way into the top million this month, lifting nginx's share to 29.4%.

Web-facing operating systems

Apache has been the most commonly installed web server for many years, but which underlying operating systems are used by the world's web facing computers?

By far the most commonly used operating system is Linux, which runs on more than two-thirds of all web-facing computers. This month alone, the number of Linux computers increased by more than 91,000; and again, this strong growth can largely be attributed to cloud hosting providers, where Linux-based instances are typically the cheapest and most commonly available.

It is difficult to distinguish different Linux distributions by examining their TCP/IP characteristics, but inferences can be made from other clues, such as Server headers. The Linux distribution can be positively identified in around 30% of cases, and of these 1.39 million Linux computers, just over half are running Ubuntu Linux, nearly a quarter are running CentOS, and around fifth are running Debian Linux.

Microsoft is next up, with 26.8% of all web-facing computers running various versions of Windows Server. Interestingly, this is higher than Microsoft's web server share (22.5%), and can be explained by around 20% of Windows computers being used to run other web server software – such as Apache and nginx – rather than its native Microsoft IIS web server. Conversely, around 51,000 Linux computers expose Microsoft IIS web servers to the internet – in these cases, the Linux frontends are typically acting as load balancers or reverse proxies to backend Windows computers running IIS.

Windows Server 2008 is the most commonly used version of the Windows Server family of operating systems – it currently runs on 971,000 web-facing computers, and this is followed by Windows Server 2012, which is installed on 505,000.

Windows and Linux are essentially the "big two" when it comes to web-facing operating systems. FreeBSD was once notorious for its reliability and impressively large uptimes when used as a server platform; indeed, Netcraft's infrastructure made extensive use of it in the past, but it is now a relatively niche operating system compared with its heyday. Today it is used by only 1.3% of web-facing computers, more than half of which are being used to run the Apache web server.

Total number of websites

Web server market share

DeveloperAugust 2017PercentSeptember 2017PercentChange
Microsoft912,072,08550.65%927,540,45451.39%0.73
Apache356,768,92819.81%329,105,83218.23%-1.58
nginx280,659,49815.59%315,530,74617.48%1.89
Google20,680,1071.15%20,906,8491.16%0.01
Continue reading

Posted by Netcraft on 11th September, 2017 in Web Server Survey

Share on LinkedIn Share on Google+ Submit to Hacker News Submit to Reddit

Most Reliable Hosting Company Sites in August 2017

Rank Performance Graph OS Outage
hh:mm:ss		 Failed
Req%		 DNS Connect First
byte		 Total
1 Swishmail FreeBSD 0:00:00 0.000 0.139 0.058 0.116 0.156
2 Qube Managed Services Linux 0:00:00 0.000 0.138 0.058 0.116 0.116
3 One.com Linux 0:00:00 0.004 0.196 0.037 0.104 0.104
4 EveryCity SmartOS 0:00:00 0.004 0.107 0.064 0.290 0.290
5 Pair Networks FreeBSD 0:00:00 0.004 0.243 0.071 0.141 0.141
6 ReliableServers.com Linux 0:00:00 0.009 0.171 0.005 0.157 0.157
7 SimpleServers Linux 0:00:00 0.009 0.105 0.005 0.142 0.142
8 Lightcrest unknown 0:00:00 0.009 0.172 0.020 0.048 0.146
9 Hyve Managed Hosting Linux 0:00:00 0.009 0.091 0.059 0.122 0.122
10 Rackspace F5 0:00:00 0.009 0.161 0.074 0.150 0.150

See full table

Swishmail had the most reliable hosting company website in August 2017. It responded to all of Netcraft's requests from several points around the internet, with not a single failure, and an average connect time of 57.6 milliseconds. The US-based company provides email and web hosting services based on FreeBSD, and this is its fourth appearance in the top ten so far this year.

There was an incredibly close battle for first place this month, as Qube Managed Services also managed to respond to all of Netcraft's requests, but its average connect time was fractionally longer at 57.7 milliseconds – less than 0.2 milliseconds slower than Swishmail's average. This puts Qube in second place, but only just. Impressively, this is Qube's seventh time in the top ten for 2017. It operates data centres in London, Zurich and New York, where it offers managed hosting, colocation, and cloud-based solutions.

In third place, with a single failed request, was One.com. Its average connect time was noticeably faster than those of Swishmail and Qube; but reliability trumps speed in this contest. This is One.com's fifth top-ten appearance this year, including another first place ranking in April. Founded in 2002, the company was established in Denmark, and offers a variety of internet services including 1-click WordPress installations, domain registrations, email hosting, and Office 365.

Five of this month's top-ten hosting companies used the Linux operating system for their main sites during August, while two used FreeBSD, one used SmartOS, and another used an F5 device. Conspicuous by its absence is Windows, which has not appeared in the top ten since January, despite being found on more than half of the 1.8 billion websites in our Web Server Survey.

Netcraft measures and makes available the response times of around thirty leading hosting providers' sites. The performance measurements are made at fifteen minute intervals from separate points around the internet, and averages are calculated over the immediately preceding 24 hour period.

From a customer's point of view, the percentage of failed requests is more pertinent than outages on hosting companies' own sites, as this gives a pointer to reliability of routing, and this is why we choose to rank our table by fewest failed requests, rather than shortest periods of outage. In the event the number of failed requests are equal then sites are ranked by average connection times.

Information on the measurement process and current measurements is available.

Posted by Netcraft on 4th September, 2017 in Hosting, Performance

Share on LinkedIn Share on Google+ Submit to Hacker News Submit to Reddit

August 2017 Web Server Survey

In the August 2017 survey we received responses from 1,800,566,882 sites and 6,713,340 web-facing computers. This represents a gain of 32.6 million sites (+1.84%) and 120,000 computers (+1.82%).

Continuing its consistently strong performance, nginx once more gained the most web-facing computers, increasing its total by 50,800 (+3.6%). Second-place Microsoft also gained computers (+5,000, +0.3%), albeit much more modestly. As a result, its market share dipped 0.34 percentage points. Apache gained 32,200 web-facing computers (+1.1%), but also saw its share fall, dropping 0.28 percentage points to 42.5%.

The gap in the market share of web-facing computers between nginx and Microsoft has narrowed to 1.13 percentage points. If current trends continue, the number 2 position should be well within nginx's reach before the end of 2017. However, with an almost 20-percentage-point lead over both nginx and Microsoft, market-leader Apache is unlikely to be dethroned anytime soon.

nginx also continues to gain market share amongst the million busiest sites, with 2,200 more top sites seen using the web server this month. Apache's dominant position continues to gradually erode, dropping by 1,700 sites in August. nginx is still a distant second, but for the first time is fewer than 100,000 sites behind. Third-place Microsoft also continues a gradual decline, and after losing a further 980 sites from the top million this month its market share now stands at 9.80%.

Turbulent times for .xyz

.xyz experienced the largest growth among all TLDs this month, gaining websites on over 761k unique domains (+22%). This brought the 7th largest TLD up to over 4 million domains hosting web content. However, it is unlikely to maintain this position for long, with the .xyz zone file losing over 44% of its registered domains shortly after the August survey ran.

The .xyz top-level domain was launched to the public in June 2014 and had reached almost 100,000 domains within the first 10 days after a Network Solutions promotion which gave free matching .xyz domains with each .com domain purchased. This was done on an opt-out basis, with the domains only being free for the first year, causing some confusion the following year when each domain became due for renewal at a cost of $38.

gen.xyz ran another promotion in June 2016 to celebrate its 2 year anniversary. For 2 days .xyz offered domains for just 2¢ (including the ICANN fee), leading to the TLD more than doubling in size after nearly 2.7 million domains were registered. Unsurprisingly, just over one year on, this has led to a dramatic drop in the number of registered .xyz domains; fewer than 1% of the domains created during the event are still registered.

Total number of websites

Web server market share

DeveloperJuly 2017PercentAugust 2017PercentChange
Microsoft940,029,82853.17%912,072,08550.65%-2.52
Apache315,188,48017.83%356,768,92819.81%1.99
nginx266,041,29615.05%280,659,49815.59%0.54
Google20,855,4241.18%20,680,1071.15%-0.03
Continue reading

Posted by Netcraft on 29th August, 2017 in Web Server Survey

Share on LinkedIn Share on Google+ Submit to Hacker News Submit to Reddit

Cloud Wars: Alibaba becomes 2nd largest hosting company

As the Cloud Wars heat up, the Chinese Alibaba Group has overtaken DigitalOcean to become the second largest hosting company in the world. Netcraft's July 2017 survey found nearly 432,000 web-facing computers hosted by Alibaba.

Alibaba has shown tremendous growth in 2017.

Open Sesame: Alibaba has shown tremendous growth in 2017.

Alibaba has clearly made significant progress in the web hosting battleground over the last five years. Its Aliyun cloud hosting service accounted for the majority of its web-facing computers in 2013, and made it the largest hosting company in China by 2015.

Since then, Aliyun's international website has been rebranded as Alibaba Cloud, and now offers even more features than before – seemingly in an attempt to take on the might of Amazon, which still reigns as the world's largest hosting company.

Cloud Wars: Episode II?

All three of the world's largest hosting companies – Amazon, Alibaba Group, and DigitalOcean – have achieved their positions by offering relatively low-cost cloud computing resources. While there is unavoidable overlap between the features offered by each company, a comparison of Amazon's pricelist and a list Alibaba Cloud's new offerings reveals some striking similarities.

For instance, Alibaba's general purpose virtual servers are known as Elastic Compute Service (ECS) instances, while Amazon Web Services offers similarly capable Elastic Compute Cloud (EC2) instances. Alibaba and Amazon also both offer private inter-instance networking, load balancing, auto scaling, cloud content delivery, and elastic IP addresses. Alibaba's ApsaraDB for RDS service provides features similar to Amazon's own Relational Database Service (Amazon RDS), and its Object Storage Service (OSS) is akin to Amazon's Simple Storage Service (S3).

This trend – where Alibaba Cloud appears to be implementing very similar features to those provided by Amazon Web Services – ought to be of great concern to Amazon. In a cloud hosting market with few distinguishing features amongst the leading providers, success could ultimately boil down to which one is cheapest.

Alibaba Cloud ready to grow its international customer base

Accessibility and ease of use can also play an important part in the success of a hosting provider, and Aliyun had some fundamental limitations that held back its earlier growth. Most notably, its virtual machines could only be hosted in China, which meant that they could not be bought by many customers outside China, and it was unsuitable for hosting websites that had an international audience.

Any customer who wanted to buy a virtual server at Aliyun had to go through an identity verification process that required them to be a national of China or one of a few other Asia-Pacific countries, or to represent a Chinese company. Also, all websites hosted in China were – and still are – required by law to obtain an ICP licence.

Flaky cross-border internet connectivity, along with potential interference by the Great Firewall of China, also made China a poor location to host any website that has an international audience. The aliyun.com website itself was also hosted in China, resulting in a very poor user experience from outside China – many international requests were unreasonably slow, and some did not succeed at all:

In September 2013, international requests to aliyun.com were often slow and occasionally timed out.

In September 2013, requests to aliyun.com from outside of China were often slow and occasionally timed out.

Alibaba Cloud has resolved these connectivity issues by opening overseas data centres and hosting the international version of its website – alibabacloud.com in Singapore. Singapore has numerous submarine cables that provide links throughout Asia, Australia, the Middle East, Europe and the US. This connectivity results in faster, more consistent international response times, with very few requests failing.

Alibaba Cloud's new data centers

In addition to its six data centers in mainland China, Alibaba Cloud now operates several others located in Hong Kong, Japan, Singapore, Australia, Dubai, Germany and the United States. It is also planning to open more in India and Indonesia by March 2018.

Currently available regions for Alibaba Cloud ECS instances.

Currently available regions for Alibaba Cloud ECS instances.

These additional hosting locations effectively eliminate the regulatory issues that were associated with hosting websites in China, and also resolve performance issues. Not only is the connectivity to these countries significantly more reliable, but a customer also has the opportunity to get faster connection times by choosing a data center that is closer to its primary audience.

To facilitate growth in the world market, https://www.alibabacloud.com/ automatically presents international visitors with an English-language version of the site. Logged-in users can control their products via an international version of Alibaba Cloud's control panel at https://home-intl.console.aliyun.com, and a ticket-based support system is also available in English. Previously, the Aliyun website, control panel and technical support were only available in Chinese.

Conversely, Amazon's support for Chinese customers has also improved, and after broadening its operating relationship with the Beijing Sinnet Technology Co., it has been able to comply with Chinese telecom regulations and simplify its billing and fapiao invoice processes.

Alibaba Cloud's new international site features interactive background animations, headline offers, and detailed information about each Alibaba Cloud product. However, there are still problems to be ironed out, which become evident before a user has even managed to create an account. For example, signing up for a free Alibaba Cloud account via the international site requires the prospective customer to verify his email address by entering a number that is sent to the address; however, no such emails were received by Netcraft following several signup attempts during July.

alibabacloud-verification

Clicking the "Not receiving an email?" link takes the user to a help page that advises, "If you still fail to receive an email, please contact us via support@alicloud.com." This merely routes the prospective customer down another frustrating dead-end: The server at alicloud.com does not accept SMTP connections, and Alibaba has failed to configure an MX record for the alicloud.com domain, and so any emails to this address will never be delivered.

Despite repeated attempts, it was not possible to summon help via the publicised support address.

Despite repeated attempts, it was not possible to summon help via the publicised support address.

Problems like these could immediately deter – or simply prevent – customers from signing up in the first place, although they may just be teething problems caused by Aliyun's international rebranding to Alibaba Cloud. This transition was still in progress while this article was being written, with some pages on https://intl.aliyun.com/ later redirecting to equivalent pages on https://www.alibabacloud.com.

Alibaba Cloud's enormous potential

Netcraft's July 2017 survey found that 93% of Alibaba's web-facing computers use IP addresses that are allocated to China, followed by 6% in the United States.

Considering how massive Alibaba Cloud is in China alone, it has enormous potential if it can attract similar levels of custom from the rest of the world. It is also a testament to how big a player China is on the internet – not only does it have more than twice as many internet users as the United States, but a company with most of its servers in China is now ranked #2 in the world.

Connectivity-wise, there seems to be no reason why Alibaba Cloud should not do well outside of China. For example, here is a performance chart of one of its smallest ECS instances hosted in Germany, collocated in a data center owned by Vodafone:

p-27993.369

Should Amazon be afraid?

Amazon currently hosts more than 836,000 web-facing computers, which is nearly twice as many as Alibaba Group; although Amazon has had a considerable head start over both DigitalOcean and Alibaba, which are both relative newcomers.

Amazon has been the largest hosting company since September 2012, before the first DigitalOcean droplet had even appeared in Netcraft's survey. While this goes to demonstrate the impressive speed of DigitalOcean's growth over the past four years, Amazon is now growing at an even faster pace:

top-three-hosting-companies

Although Alibaba is far from threatening Amazon's lead, its operations outside of China are arguably still in their infancy. In fact, the 402,000 web-facing computers it hosts from China-allocated IP addresses would alone be sufficient to make Alibaba the second largest hosting company in the world today.

By starting off in China, Alibaba has made significant progress and gained considerable experience in a market it understands well. Alibaba Cloud has used this experience to develop and refine its products, and time will tell if it is able to enjoy similar success across the global market.

Both Amazon and Alibaba have the financial might to drive future growth and develop (or copy) new cloud hosting innovations. Unlike DigitalOcean – which is purely a cloud hosting company – Amazon and Alibaba both attract billions of dollars of revenue from their online retail operations. These provide easily accessible surety for their hosting subdivisions, while DigitalOcean has been funded by lines of credit and investment capital.

Alibaba Cloud is finally price competitive

Another factor that held back Aliyun in the past was its relatively high pricing compared with its competitors. In 2013, its cheapest cloud instance was almost twice the cost of Amazon's cheapest, and the subsequent rise of DigitalOcean made Aliyun even less competitive. By 2015, DigitalOcean's $5/month droplets worked out less than a third of the cost of an equivalent instance at Aliyun.

But Alibaba Cloud has worked towards addressing these pricing discrepancies. Today, it is much more price competitive, with many services being cheaper than Amazon AWS. While it is difficult to make a direct comparison between competing specifications, Alibaba Cloud's regular pricing is also much closer to DigitalOcean's for some instance types – and some of its current promotional offers make it significantly cheaper.

In a move to capture new customers, one of Alibaba Cloud's headline promotional offers is an SSD cloud server for only $30 per year, which is 84% less than its regular pricing. These single-core instances come with 1GB memory, a 40GB SSD Cloud Disk, and 1TB/month data transfer, which gives them a higher spec than DigitalOcean's cheapest $60/year instances, while having the same amount of SSD storage as DigitalOcean's $240/year instances.

Alibaba Cloud accepts PayPal

Amazon AWS and Alibaba Cloud both accept credit cards as payment methods, but Alibaba also accepts PayPal, which is likely to work in its favour. Some people perceive PayPal payments to be less risky and more convenient, but Alibaba's history with PayPal raises the question of whether it will always remain a payment option at Alibaba Cloud.

For instance, Alibaba's international AliExpress online marketplace used to accept PayPal, but it no longer does. AliExpress customers are instead given a multitude of other payment options, which includes credit cards, bank transfers, Webmoney, Yandex.Money, and Western Union. Similarly, Amazon does not allow PayPal as a payment method – either for AWS or on its main online retail site – perhaps because it operates its own competing service in the form of Amazon Pay.

Notably, Alibaba also operates its own third-party online payment platform called Alipay, which is also a payment option on AliExpress, but not on Alibaba Cloud. It would be surprising if this payment method were not also made available on Alibaba Cloud in the future, as payments funded by a sufficient Alipay wallet balance would presumably be free to handle, or certainly cheaper to handle than a credit card payment. Alipay is still the primary payment method for Chinese cloud customers on cn.aliyun.com.

Alibaba's prior experience with several other payment methods on AliExpress also suggests that it could easily introduce additional payment methods for Alibaba Cloud in the future.

Who is using Alibaba Cloud?

Chinese companies are still the most prominent users of Alibaba Cloud, which is no surprise given that most of its web-facing computers are still hosted in China.

Although Alibaba has the second largest number of web-facing computers, it has a relatively low presence among the world's top million websites – only 6,560 are hosted by Alibaba, compared with 13,000 at DigitalOcean and 79,800 at Amazon. Alibaba's lower turnout is not too surprising, as many of the sites hosted in China are likely only intended for Chinese audiences, and therefore end up with a lower global rank.

Some of the highest ranked websites hosted in Alibaba's US data centers – and therefore more readily accessible by an international audience – belong to Alibaba Group companies. This includes several hostnames used by its AliExpress online retail service, which allows Chinese retailers to sell to international customers. Customers in mainland China are not allowed to buy from AliExpress; instead, they would use Alibaba's Taobao marketplace, which is hosted in China.

AliExpress is hosted in the US, so it can better target customers outside of China.

AliExpress is hosted in the US, so it can better target customers outside of China.

Other high-ranking sites hosted outside of mainland China include those operated by the academic publisher IVY, which specialises in the publication of international Chinese journals. China's biggest video site, Youku – which was acquired by Alibaba Group in 2016 – also has a reliable international presence by virtue of using the Alibaba Cloud CDN, which has 530 edge nodes around the world.

As with Amazon AWS, the cloud computing instances provided by Alibaba Cloud give customers plenty of control over not just what software is installed on them, but also which operating systems they use. This consequently results in a diverse ecosystem of operating systems within its cloud. Windows Server has always been big in China, and indeed, this is reflected by 37% of web-facing computers at Alibaba running Windows.

Alibaba Cloud also provides several Linux operating systems for its ECS instances, including various versions of Ubuntu, Debian, CoreOS, CentOS, FreeBSD, OpenSUSE, SUSE Linux, and its own Alibaba Cloud Linux; however, CentOS is the recommended distribution.

These Linux operating systems make up 58% of the web-facing Alibaba Cloud, and cost less than Windows instances, which incur a premium of roughly $5 per core per month to cover the cost of Windows licensing. For example, a 4-core Generation II ecs.n1.large instance costs $107.20/month when running Linux, or $127.94/month when running Windows Server 2016 Data Center Edition 64-bit English Edition.

Surprisingly, one of the Windows versions that was still available for new instances earlier this month was the end-of-life Windows Server 2003 R2, although customers had to explicitly acknowledge that they had understood the risks of running an operating system that is no longer supported by Microsoft, and agree to Alibaba's Agreement on Application for Continuing Using Windows Server 2003 Image Service. This agreement was only available in Chinese, again demonstrating that Alibaba Cloud has not yet fully transitioned to a global market.

Some important parts of the Alibaba Cloud web interface have not yet been translated to English.

Some important parts of the Alibaba Cloud web interface have not yet been translated to English.

Despite the risks of running unsupported operating systems, around 6% of the web-facing computers hosted by Alibaba are using Windows Server 2003. This proportion will soon decrease, as Alibaba made its Windows Server 2003 images unavailable to new ECS instances from 20 July 2017.

Cloudy Conclusions?

Alibaba Cloud has implemented many products and services that are similar to those provided by Amazon AWS, and it is now making a concerted effort to expand its cloud hosting operations outside of China by providing data centers in several other countries.

Despite an impressive feature set, Alibaba Cloud's growth outside China is not yet as impressive as it has been in China. Possible reasons for this include better promotional offers for new users at Amazon AWS, cheaper regular pricing (and simpler cloud instances) at DigitalOcean, and a website that is not completely ready for an international audience. Furthermore, developers who have already invested time and effort into launching services on AWS or DigitalOcean are unlikely to jump ship to a new and unfamiliar platform unless there are significant advantages.

Some prospective customers may simply be put off by the fact that Alibaba Group is a Chinese company. The Chinese government is notorious for censoring what its citizens can see on the internet, and so there may be fear and uncertainty over whether such control could also extend to customer content hosted by Alibaba in other countries.

Perhaps with more aggressive promotional offers, or successful case studies of non-Chinese companies using Alibaba Cloud, it may be able to accelerate its worldwide growth. The infrastructure is already in place, so it could ultimately be marketing that makes Alibaba Cloud a serious contender in the Cloud Wars. It has already overtaken DigitalOcean in terms of web-facing computers, and stands every chance of catching up with Amazon if it plays its cards right.

Netcraft's web survey techniques provide an independent view with a consistent methodology on the number of web-facing computers at each hosting location worldwide. For more information, see our Hosting Provider Server Count.

Posted by Paul Mutton on 22nd August, 2017 in Hosting

Share on LinkedIn Share on Google+ Submit to Hacker News Submit to Reddit

First fishy phishing sites sighted

Alliteration aside, Netcraft has found and blocked the first phishing site to be hosted on the homepage of a .fish generic top-level domain (gTLD).

Ripe for crappie puns: A single roe of malicious phishing content hosted on a .fish website.

While a few phishing sites have been found using the .fish and .fishing gTLDs before, parser.fish became the first to host malicious phishing content directly on its homepage. Fraudsters lured unsuspecting suckers to the fishy site, where a cheeky 99-char meta redirect sent them off to a separate phishing site hosted in Vietnam. This then attempted to steal online banking credentials by impersonating the French banking cooperative, BRED.

You didn't need to be a brain sturgeon to mullet over and decide this site smelt a bit fishy.

You didn't need to be a brain sturgeon to mullet over and decide this site smelt a bit fishy.

This is not the first time a fishy top-level domain has been used in a phishing attack, although it is pretty rare. Since the .fish and .fishing gTLDs were delegated to the internet back in 2014, there has been barely a whiff of phishing activity on them. In fact, there hasn't been much legitimate activity, either – Netcraft's top million websites contain only one .fish domain and just a sole .fishing domain, and the entire 1.8 billion site survey contains fewer than 6,000 websites that use a .fish or .fishing domain.

A week before blocking this attack, the parser.fish domain was also home to a Netflix phishing site, but this was hosted in a subdirectory on the site and has since been taken down. The parser.fish domain has been registered through Tucows, using its Contact Privacy domain privacy service to prevent the registrant's details being displayed publicly; but this could just be a red herring and doesn't necessarily mean it was registered with fraudulent intent. The fact that the phishing content has also already been removed from its homepage suggests that the site may simply have been compromised rather than having been created specifically for the porpoise of phishing.

The only other fishy phishes in history have been hosted on legitimate (but now defunct) websites that had also been compromised. Earlier this year, a subdirectory on www.vape.fish was found hosting an ANZ phishing site, while last year a different one was found on www.hot-spot.fishing, which used to sell Russian fishing supplies.

Posted by Paul Mutton on 21st August, 2017 in Around the Net, Domains, Security

Share on LinkedIn Share on Google+ Submit to Hacker News Submit to Reddit

Most Reliable Hosting Company Sites in July 2017

Rank Performance Graph OS Outage
hh:mm:ss		 Failed
Req%		 DNS Connect First
byte		 Total
1 Qube Managed Services Linux 0:00:00 0.000 0.135 0.063 0.124 0.124
2 Memset Linux 0:00:00 0.000 0.137 0.063 0.244 0.387
3 New York Internet FreeBSD 0:00:00 0.004 0.279 0.019 0.041 0.148
4 Bigstep Linux 0:00:00 0.004 0.132 0.063 0.129 0.129
5 XILO Communications Ltd. Linux 0:00:00 0.004 0.213 0.070 0.139 0.139
6 Netcetera Linux 0:00:00 0.004 0.092 0.079 0.159 0.160
7 www.dinahosting.com Linux 0:00:00 0.004 0.194 0.082 0.164 0.165
8 Hivelocity Linux 0:00:00 0.004 0.156 0.084 0.168 0.168
9 One.com Linux 0:00:00 0.008 0.190 0.037 0.106 0.106
10 Hyve Managed Hosting Linux 0:00:00 0.008 0.084 0.061 0.127 0.127

See full table

Qube Managed Services takes July 2017's top position for most reliable hosting company site, with its site successfully responding to all requests. Qube operates from three data centres — in the City of London, Zurich, and Manhattan, New York - offering managed hosting, colocation, and cloud-based solutions.

Memset's site also successfully responded to all requests in July, as it did in June. However, its average TCP connect time was less than a millisecond slower than Qube's, granting Memset second place in July. Memset is a UK-based hosting company with a 99.998% uptime over 3 years, and 100% uptime over the past 6 months.

New York Internet gained third place with only one failed request. New York Internet is the only hosting provider in July's top 10 list to use a non-Linux operating system to power its website, being powered instead by FreeBSD.

Hyve Managed Hosting continues its top 10 streak, now having been in the top 10 for six consecutive months.

Netcraft measures and makes available the response times of around thirty leading hosting providers' sites. The performance measurements are made at fifteen minute intervals from separate points around the internet, and averages are calculated over the immediately preceding 24 hour period.

From a customer's point of view, the percentage of failed requests is more pertinent than outages on hosting companies' own sites, as this gives a pointer to reliability of routing, and this is why we choose to rank our table by fewest failed requests, rather than shortest periods of outage. In the event the number of failed requests are equal then sites are ranked by average connection times.

Information on the measurement process and current measurements is available.

Posted by Netcraft on 4th August, 2017 in Hosting, Performance

Share on LinkedIn Share on Google+ Submit to Hacker News Submit to Reddit