<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

When hosts on your network are accessing newly-registered domains, there’s a good chance bad things are heading your way. So, you’ll want to know as soon as possible if this is happening.

New from Stamus Labs - a collection of newly-registered domains that could be used for phishing or to host and control malware.

 

Every day, the Stamus Labs team collects all newly-registered domains and identifies those which appear to be algorithmically-generated (high-entropy) and those which use typosquatting and homoglyph techniques to mimic popular legitimate domains (phishing).

 

We package these into six feeds optimized for Clear NDR (community and enterprise) and Suricata 7 users and make them available for FREE.

 

Want to learn more? Our team has created several additional resources on this topic:

Six different NRD feeds are available from Stamus Labs

Newly-registered domains (unfiltered)

These lists contain all domains registered in the last 14 or 30 days (2 separate lists). 

Newly-registered high-entropy domains

These lists contain the high-entropy domains registered in the last 14 or 30 days (2 separate lists). 

Newly-registered phishing domains

These lists contain the suspected phishing domains registered in the last 14 or 30 days (2 separate lists). 

Request a free license to the Newly-Registered Domain feeds

Complete the the form to the right, and you will receive an email from Stamus Labs with a License Key for the feeds and instructions on how to use them.

 

NOTE: You must supply a valid email address to receive your key.

 

Report Issues and Get Support for the NRD Threat Intel Feed

To access README documentation, issues tracker and the threat intelligence wiki, please visit our GitHub page here >>

To ask questions, answer questions, or simply listen in, join our Discord community here >> Discord Logo (black) PNG-1

Check out additional open-source tools from Stamus Labs

Below are a few of the many open-source tools developed and maintained by Stamus Labs.

StamusLabs_SELKS_Card

Clear NDR™ - Community (formerly SELKS)

Learn More
StamusLabs_Suri4Analysts_Card

Suricata for Analysts

Learn More
StamusLabs_SuriRuleset_Card

Lateral Movement Ruleset

Learn More
StamusLabs_SplunkApp_Card

Splunk App

Learn More

ABOUT STAMUS NETWORKS ™

Stamus Networks believes that cyber defense is bigger than any single person, platform, company, or technology. That’s why we leverage the power of community to deliver the next generation of open and transparent network defense. Trusted by security teams at the world’s most targeted organizations, our flagship offering – Clear NDR™ – empowers cyber defenders to uncover and stop serious threats and unauthorized network activity before they harm their organizations. Clear NDR helps defenders see more clearly and act more confidently through detection they can trust with results they can explain.

Indianapolis, USA Paris, France

Privacy

© 2014-2025 Stamus Networks, Inc. All rights Reserved.