In line with WhoisXML API’s commitment to improving its service offerings, we released the following products and feature upgrades in Q1 and Q2 2023:

• Early DGA Detection Feed: To launch our threat prediction intelligence product line, we introduced Early DGA Detection Feed, a daily list of new domains likely created using domain generation algorithms (DGAs), along with their WHOIS details for deeper context. Threat actors typically use algorithmically created domains in zero-day attacks, phishing campaigns, spamming, and other malicious activities. Being able to filter and block them as they get registered can help organizations avoid becoming cyber attack victims.

• Early Warning Phishing Feed: Another threat prediction data source is the newly launched Early Warning Phishing Feed that detects newly registered domains (NRDs) that closely resemble those of popular brands and contain commonly used text strings. The feed comes in two file types—all cybersquatting NRDs registered on a given day and bulk-registered cybersquatting NRDs. With Early Warning Phishing Feed, we aim to help security teams thwart phishing, counterfeiting, and other attacks that aim to discredit popular brands.

• Threat Intelligence Data Feeds: We launched new threat intelligence feeds that provide security teams access to updated and prefiltered indicators of compromise (IoCs) involved in phishing, malware distribution, botnet activities, malicious command and control (C&C), spamming, suspicious and malicious Tor usage, and other activities.

• Premium DNS: Our DNS Database offering has gotten bigger with the addition of the Premium DNS Database, making it what we expect to be the largest passive DNS database in the market today with the highest number of unique, fully qualified domain names (FQDNs). This premium product version still covers the same DNS record types as our Standard DNS Database, namely, A, AAAA, MX, NS, TXT, CNAME, SOA, and PTR records.

• Free Email Domains: Free email services often get abused and used in various malicious campaigns. We thus launched Free Email Domains Data Feed to help network administrators and marketing teams implement stricter email filtering and verification policies. This extensive list of free email domains is regularly updated to include new free email services.

• CIDR Notation: As part of our effort to continuously improve the quality of our data, we enriched our IP intelligence with CIDR notation, specifically for IP Geolocation Data Feed. This addition can provide deeper context into IP data, enabling users to glean insights into the grouping and routing properties of IP addresses.

• gTLD and ccTLD coverage expansion: Our development team significantly improved our data aggregation mechanics, enabling us to gain more visibility into gTLDs and ccTLDs, expanding our data coverage for various domain products, such as Newly Registered Domains 2.0 and Real-Time Domain Registration Streaming.

Stay tuned for more product and feature improvements in the coming quarters.