TMCnet Feature
August 17, 2020

What Can a List of Newly Registered Domains Do for Enterprises?

Enterprises are currently besieged with a bazillion of data sources promising to make their operations more efficient and secure. Of course, companies don’t have to use everything that’s out there. They have to evaluate their needs to determine which type of data provides value, and what consumption model is right for them. One data source that can be an enterprise staple is a list of newly registered domains.

Why do we say so?

Domain names are one of the things that make the Internet work. If someone is launching a business, he/she needs a domain name before anything else. If a brick-and-mortar business wants to expand its reach, having a domain name is the first step toward achieving that goal. On the flip side, threat actors also need domain names to launch cyberattacks.

In this post, we illustrate how newly registered domains can help in two key business processes—cybersecurity and market analysis. But first, let us delve into where such a list can be found.

Where to Get a List of Newly Registered Domains

Hundreds of thousands of domains are registered every day. So a daily feed of newly registered domains makes domain intelligence gathering more effective. That’s why the number of newly registered domains a provider can detect is a primary factor when determining which provider to pick.

Another factor is the number of top-level domains (TLDs) covered. WhoisXML API’s Newly Registered & Just Expired Domains Database, for example, supports 1,250 gTLDs, including major ones like .com, .net., and .org. It provides users daily access to about 100,000 newly registered domains as well as 100,000 recently expired domains.

Another provider, Domains Index, can supply a daily list of 85,000 newly registered domains, covering over 1,200 gTLDs and ccTLDs. These figures are roughly the same as that of JsonWHOIS, another newly registered domains database provider.

You may also obtain a list of newly registered domains from IQwhois. Its database contains 80,000 freshly registered and recently expired domain names along with their relevant WHOIS data.

Lastly, there’s Domain Name Stat, whose database contains 90,000 newly registered domains daily. You may also choose to include only the recently expired domains.

Two Main Use Cases of Newly Registered Domains

To demonstrate the importance of monitoring newly registered domains in cybersecurity and market analysis, we downloaded WhoisXML API’s Newly Registered & Just Expired Domains Database for 20 July for analysis. Here are the two use cases we analyzed.


As most workers are forced to work remotely due to the coronavirus pandemic, one of the applications that gained momentum is Zoom. The database we downloaded detected 58 Zoom-inspired domain names that warrant investigation, as some of them could be associated with cybersquatting or malicious activities.

It’s wise to monitor domains that mimic that of the cloud-based teleconferencing software, so employees and users are not prone to phishing attacks that use malicious Zoom lookalike links.

Consider the domain zoom20[.]com, for example. A DNS Lookup returns an A record pointing to the IP address 34[.]102[.]136[.]180.

The IP address was reported 27 times on AbuseIPDB for a variety of reasons, including reward fraud, spam, and malware links. Organizations using this list of newly registered domains can then warn their remote staff against this particular copycat domain.

2.Market Analysis

An updated list of newly registered domains can help make market analyses more relevant. Enterprises that belong to the marketing sector, for example, could glean some insights from the newly registered domains database we downloaded as it contains 231 domain names that include the string “marketin” and that’s only on a single day.

There could be hundreds of new entrants looking to join the multi-billion industry daily, and so, organizations have to remain competitive.

If a company specializes in content marketing, it can monitor its competitors with the help of a newly registered domains database. For one, the 20 July database detected three domains containing the string “contentmar” (content marketing). It also includes three domain names that contain the string “contentcr” (content creation).


A list of newly registered domains is relatively easy to come by, but you have to consider factors, such as the number of new domains it can provide daily. The number of TLDs the database supports matters, too, as there are hundreds of TLDs to choose from.

An accurate and up-to-date newly registered domains data feed can ramp up the quality of an enterprise’s cybersecurity posture. At the same time, it can be a valuable addition to market analysis data.

About the Author

Jonathan Zhang is the founder and CEO of WhoisXML API—a domain and IP data intelligence provider that empowers all types of cybersecurity enterprises to build better products and achieve greater network security with the most comprehensive domain, IP, DNS, and cyber threat intelligence feeds.  WhoisXML API also offers a variety of APIs, tools, and capabilities, including Threat Intelligence Platform (TIP) and Domain Research Suite (DRS).

» More TMCnet Feature Articles


» More TMCnet Feature Articles