Lock Abstract illustration
Image of The DomainTools Report 2017
DomainTools Reports

The DomainTools Report: Spring 2017 Edition

For the past few years, DomainTools has conducted research to unearth important patterns of malicious domains. Past research focused on comparing things like neutral and malicious domains based on domain age, relative badness based on the entropy of domains, and analysis of domain registrars and “hot spots” of malicious domains. In the most recent DomainTools supplement, published in the spring of 2017, we looked at TLDs (top level domains), privacy providers, free email providers, and IP geography to identify trends in nefarious activity.

We analyzed a corpus of active domains across the Internet—that is, out of the approximately 315 million domain names that are currently registered to identify patterns and help us pinpoint nefarious activity at a large scale. In ways that are similar to methodologies used by security analysts and threat hunters at smaller scales to expose threat actor infrastructure.

This white paper highlights concentrations of badness in:

  • Top level domains
  • Whois privacy services
  • Free email providers represented in registrant email fields
  • IP geographies

Related Content

DomainTools Reports

The DomainTools Report: Spring 2024 Edition

Read more
DomainTools Internet Intelligence | ESG Economic Validation
DomainTools Reports

The DomainTools Report: Spring 2023 Edition

Download Now
DomainTools Report: Fall 2021 Edition Background
DomainTools Report

DomainTools Report: Fall 2021 Edition

Download Now
DomainTools Logo
Pricing Contact Login Support Request a Demo

© 2024 DomainTools

DomainTools® and DomainTools™ are owned by DomainTools, all rights reserved.

Privacy Policy    |    California Privacy Notice
Do Not Sell My Personal Information    |    Terms of Service    |    Sitemap