Last 24 hours
Generated 2026-02-17 06:31:44 UTC
Top DNS Domains
Top Domains
15 rows
| Domain | Queries | Clients |
|---|---|---|
| login.microsoftonline.com | 84,291 | 423 |
| www.google.com | 72,847 | 384 |
| api.github.com | 64,291 | 198 |
| dns.google | 52,847 | 347 |
| outlook.office365.com | 48,291 | 312 |
| cdn.cloudflare.net | 42,384 | 284 |
| s3.amazonaws.com | 38,472 | 198 |
| ocsp.digicert.com | 34,827 | 423 |
| api.slack.com | 28,291 | 142 |
| graph.microsoft.com | 24,847 | 234 |
| update.googleapis.com | 18,472 | 312 |
| ntp.ubuntu.com | 14,291 | 247 |
| registry.npmjs.org | 12,847 | 84 |
| pypi.org | 8,472 | 42 |
| dl.google.com | 6,284 | 134 |
DNS Response Codes
| Response Code | Count | % |
|---|---|---|
| NOERROR | 1,284,372 | 84.2 |
| NXDOMAIN | 184,291 | 12.1 |
| SERVFAIL | 42,847 | 2.8 |
| REFUSED | 14,291 | 0.9 |
DGA Candidates
Hosts with a high percentage of NXDOMAIN responses, potentially indicating domain generation algorithm activity.
DGA Candidates
3 rows
| Source IP | Total Queries | NXDOMAIN Count | NXDOMAIN % |
|---|---|---|---|
| 10.1.8.50 | 4,284 | 2,847 | 66.5 |
| 10.169.112.51 | 2,847 | 1,284 | 45.1 |
| 10.6.19.21 | 1,847 | 623 | 33.7 |
DNS Tunneling Candidates
Queries with unusually long domain names that may indicate DNS tunneling.
DNS Tunneling Candidates
5 rows
| Source IP | Domain | Length | Queries |
|---|---|---|---|
| 10.1.8.50 | aGVsbG8gd29ybGQ.data.c2-exfil-tunnel.suspicious-domain.net | 72 | 847 |
| 10.1.8.50 | dGhpcyBpcyBhIHRlc3Q.beacon.c2-exfil-tunnel.suspicious-domain.net | 78 | 623 |
| 10.169.112.51 | _ldap._tcp.dc1.ad.corp.contoso.com._msdcs.corp.contoso.com | 68 | 284 |
| 10.1.8.13 | adrev-ingress.ad-rev-dev-production-us-east1.gke-svc.example.com | 74 | 142 |
| 10.6.19.21 | pplx-browser-binaries.a0adf9b772aecba4.r2.cloudflarestorage.com | 70 | 98 |