<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

When hosts on your network are accessing newly-registered domains, there’s a good chance bad things are heading your way. So, you’ll want to know as soon as possible if this is happening.

New from Stamus Labs - a collection of newly-registered domains that could be used for phishing or to host and control malware.

 

Every day, the Stamus Labs team collects all newly-registered domains and identifies those which appear to be algorithmically-generated (high-entropy) and those which use typosquatting and homoglyph techniques to mimic popular legitimate domains (phishing).

 

We package these into six feeds optimized for Clear NDR (community and enterprise) and Suricata 7 users and make them available for FREE.

 

Want to learn more? Our team has created several additional resources on this topic:

Six different NRD feeds are available from Stamus Labs

Newly-registered domains (unfiltered)

These lists contain all domains registered in the last 14 or 30 days (2 separate lists). 

Newly-registered high-entropy domains

These lists contain the high-entropy domains registered in the last 14 or 30 days (2 separate lists). 

Newly-registered phishing domains

These lists contain the suspected phishing domains registered in the last 14 or 30 days (2 separate lists). 

Request a free license to the Newly-Registered Domain feeds

Complete the the form to the right, and you will receive an email from Stamus Labs with a License Key for the feeds and instructions on how to use them.

 

NOTE: You must supply a valid email address to receive your key.

 

Report Issues and Get Support for the NRD Threat Intel Feed

To access README documentation, issues tracker and the threat intelligence wiki, please visit our GitHub page here >>

To ask questions, answer questions, or simply listen in, join our Discord community here >> Discord Logo (black) PNG-1

Check out additional open-source tools from Stamus Labs

Below are a few of the many open-source tools developed and maintained by Stamus Labs.

StamusLabs_SELKS_Card

Clear NDR™ - Community (formerly SELKS)

Learn More
StamusLabs_Suri4Analysts_Card

Suricata for Analysts

Learn More
StamusLabs_SuriRuleset_Card

Lateral Movement Ruleset

Learn More
StamusLabs_SplunkApp_Card

Splunk App

Learn More

ABOUT STAMUS NETWORKS

Stamus Networks is the global leader in Suricata-based network security and the creator of the innovative Clear NDR™ system. Designed to close visibility gaps and reduce alert fatigue, Clear NDR transforms raw network traffic into actionable security insights with unmatched transparency, customization, and effectiveness. Trusted by leading financial institutions, government agencies, and participants in NATO’s largest cybersecurity exercises, Stamus Networks delivers proven, high-performance network detection and response solutions. Stamus empowers security teams – delivering clarity amidst complexity – with greater control, fewer false positives, faster response times, and a more responsive, open approach than legacy vendors.

Indianapolis, USA Paris, France

Privacy

© 2014-2025 Stamus Networks, Inc. All rights Reserved.