In [1]:
import json
from statistics import mean, median
from tldextract import extract
from urllib.parse import urlparse


In [2]:
date = "2025-08-07-08-56-01"

num_origins_per_origin = []
num_origins_same_etld_as_origin = []
num_origins_different_etld_as_origin = []
num_origins_invalid = []
bsp_origins_invalid = set()

with open(f"../data/wellknown/webauthn/{date}.json", "r") as f:
    records = json.load(f)
    for r in records:
        origin = r["origin"]
        origins = r["data"]["origins"]

        etld = extract(origin).registered_domain

        num_origins_per_origin.append(len(origins))

        origins_invalid = 0
        origins_same_etld_as_origin = 0
        origins_different_etld_as_origin = 0
        for o in origins:
            e = extract(o)
            p = urlparse(o)
            if not e.domain or not e.suffix or not p.scheme or not p.scheme in ["http", "https"]:
                origins_invalid += 1
                bsp_origins_invalid.add(o)
            else:
                if e.registered_domain == etld:
                    origins_same_etld_as_origin += 1
                else:
                    origins_different_etld_as_origin += 1
        num_origins_same_etld_as_origin.append(origins_same_etld_as_origin)
        num_origins_different_etld_as_origin.append(origins_different_etld_as_origin)
        num_origins_invalid.append(origins_invalid)


print(f"Number of origins per origin (mean): {mean(num_origins_per_origin)}")
print(f"Number of origins per origin (median): {median(num_origins_per_origin)}")
print(f"Number of origins per origin (max): {max(num_origins_per_origin)}")
print(f"Number of origins per origin (min): {min(num_origins_per_origin)}")
print(f"Number of origins per origin (sum): {sum(num_origins_per_origin)}")

print()
print(f"Number of origins same etld as origin (total): {sum(num_origins_same_etld_as_origin)}")
print(f"Number of origins same etld as origin (domains with at least one): {sum([1 if x > 0 else 0 for x in num_origins_same_etld_as_origin])}")

print()
print(f"Number of origins different etld as origin (total): {sum(num_origins_different_etld_as_origin)}")
print(f"Number of origins different etld as origin (domains with at least one): {sum([1 if x > 0 else 0 for x in num_origins_different_etld_as_origin])}")

print()
print(f"Number of origins invalid (total): {sum(num_origins_invalid)}")
print(f"Number of origins invalid (domains with at least one): {sum([1 if x > 0 else 0 for x in num_origins_invalid])}")

print()
print(f"Number of invalid origins: {len(bsp_origins_invalid)}")
print(f"Invalid origins: {bsp_origins_invalid}")


Number of origins per origin (mean): 12.299435028248588
Number of origins per origin (median): 4
Number of origins per origin (max): 102
Number of origins per origin (min): 0
Number of origins per origin (sum): 2177

Number of origins same etld as origin (total): 399
Number of origins same etld as origin (domains with at least one): 119

Number of origins different etld as origin (total): 1752
Number of origins different etld as origin (domains with at least one): 113

Number of origins invalid (total): 26
Number of origins invalid (domains with at least one): 12

Number of invalid origins: 24
Invalid origins: {'', 'http://localhost:3000', 'android:apk-key-hash:mn1QymQTD256aybtmgWh8qD8Wy1U2KXsSfz0Cv48914', 'capacitor://coca.xyz', 'https://mfa-eu-p.srv.allianz:9987', 'https://mfa-eu-p.srv.allianz:8945', 'http://127.0.0.1', 'http://localhost:3001', '6T6Q4L44T8.com.basewallet.app-ios', 'http://127.0.0.1:5173', 'metri.xyz', 'android:apk-key-hash:B3qSXT2A2D34G20mHBIk3CPVd7O029wPryhJKp7lfis'