DomainTools Reports

The DomainTools Report: Spring 2023 Edition

Large-Scale Patterns of Malicious Online Infrastructure

In the Spring 2023 edition of the DomainTools Report, we again focus on concentrations of malicious activity across the six categories we last studied in the Fall 2021 edition: Top Level Domain (TLD), IP Autonomous System Number (ASN), Name Server ASN, Domain Registrar, Country of Hosting, and SSL Certificate Issuer. For each category, we provide a Top Ten list sorted by signal strength (a measure of the concentration of malicious activity). Many of the items on these lists will look familiar to practitioners, but the report holds some surprises as well.

We identify these “hotspots” of malicious activity in part to point investigators and researchers toward forensic data points that will be useful in helping make sense of Internet infrastructure of unknown quality or nature. 

This paper includes:

  • The methodology for the research
  • A series of “Top Ten” tables for each of the six features studied
  • Findings: expected, and unexpected, patterns in the data