Typosquatting Data Feed | WhoisXML API
Products APIs Data feeds Web tools Domain Research & Monitoring Enterprise packages Cyber Threat Intelligence
WHOIS / WHOIS History
WHOIS / WHOIS History

Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.

DNS / DNS History
DNS / DNS History

Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.

IP Geolocation / IP Netblocks
IP Geolocation / IP Netblocks

Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Access our web-based solution to dig into and monitor all domain events of interest.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.

Research
Monitoring
White-Label
Enterprise API Packages
Enterprise API Packages

Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.

Enterprise Data Feed Packages
Enterprise Data Feed Packages

Downloadable domain, IP, and DNS datasets for efficient and unrestricted access to all of our intelligence sources within your network perimeter.

Enterprise Tools Packages
Enterprise Tools Packages

Access to our domain and threat intelligence tools in combo with package discounts for enterprise and government customers.

Security Intelligence (SI) Suite
Security Intelligence (SI) Suite

Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.

Premium API Services
Premium API Services

Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.

Threat Intelligence Analysis
Threat Intelligence Analysis

Carry a complete threat intelligence analysis for a given domain or IP address and get access to a report covering 120+ parameters including IP resolutions, website analysis, SSL vulnerabilities, malware detection, domain ownership, mail servers, name servers, and more.

Threat Intelligence APIs
Threat Intelligence APIs

Gather threat intelligence via API calls covering Domain’s Infrastructure analysis, SSL Certificates Chain, SSL Configuration Analysis, Domain Malware Check, Connected Domains, and Domain Reputation Scoring.

Threat Intelligence Data Feeds
Threat Intelligence Data Feeds

Bolster enterprise security with our feeds covering Typosquatting domains, Disposable domains, Phishing URLs, Domain & IP reputation, Malicious URLs, Botnet C&C, and DDoS URLs.

×
Contact Us
Specifications Pricing Blog

Detect typosquatting and phishing domains as part of suspicious bulk registrations

Typosquatting Data Feed enables users to keep tabs on all suspiciously similar domain names possibly used in typosquating/phishing campaigns and registered on a given day, week, or month. The Enriched database version also lets you access the groups of detected domains with their corresponding WHOIS data.

Order database Download CSV sample
Easily detect all typosquatting domain names as soon as they are registered each day

Benefits

  • Comprehensive in nature

    Stay on top of all domains with telltale signs of typosquatting, phishing, and other forms of suspicious bulk registrations. Our feed gives a thorough daily, weekly, or monthly overview of all suspicious domain variants among all newly registered domains in our database.

  • Investigate without an initial clue

    No user input or initial clue is required to return groups of new domain name registrations that may be involved in typosquatting attacks and other brand misrepresentations.

  • Meaningful analysis

    With Typosquatting Data Feed, users can focus their attention directly on the most likely instances of domain typosquatting without having to spend time or effort screening all WHOIS registration data.

  • Early detection near-real time

    Groups of possible typosquatted domains are identified on the very day they become technically operational in the Domain Name System.

  • Convenient and easy

    Typosquatting Data Feed’s files are available in .csv format and categorized in sequential groups of similar-looking domain names with data fields that are easy to navigate and interpret.

  • Backed by incredible expertise

    Typosquatting Data Feed builds on 10+ years of expertise and WHOIS registration intel covering various gTLDs, ccTLDs, and some of the important ngTLDs.

  • Advanced processing and categorization

    Typosquatting Data Feed’s groups of similar domain names are detected and categorized using advanced mathematical techniques.

The Typosquatting Data Feed comes in two forms

The Typosquatting Data Feed comes in two forms

  • Basic

    The Basic Data Feed is a structured list of domain names containing typos. One domain per line.

    Download Basic sample

  • Enriched

    The Enriched database is an add-on to the Basic database and contains WHOIS records for each row.

    Download Enriched sample

Practical usage

Cybersecurity

Cybersecurity

  • Cybersecurity specialists can use the feed to monitor bulk domain name registrations indicative of typosquatting as part of URL phishing, spoofing, domain hijacking, and malware-supported attacks.
  • Get instant access to daily feeds of likely indicators of compromise (IOCs) in the domain space.
  • Inform customers, employees, and other relevant stakeholders about domain names that may be used to execute homograph, URL phishing, and malware-related attacks.
  • Use Typosquatting Data Feed along with different security solutions, including security information and event management (SIEM), security orchestration, automation and response (SOAR), and threat intelligence platforms (TIPs).
  • Correlate feeds with known malware and phishing blacklists and databases to further assess the likelihood and severity of malicious events and amplify detection efficiency.

Law enforcement

  • Identify the early symptoms of domain and company misrepresentations that may affect the public.
  • Investigate ongoing typosquatting and domain-related attacks on different sectors and types of organizations.
Law enforcement
Registrars & Domainers

Registrars & Domainers

  • Spot dangerous domain parking activities interfering with legitimate registrations.
  • Stay away from suspicious domain name groups while building your domain name portfolio.

Brand protection

  • Identify groups of domain names used for brandjacking and that may negatively impact your brand reputation and confuse customers and other audiences.
  • Take action against cybersquatters and fraudsters who aim to benefit from new product and service launches, settlement initiatives, and other high-profile activities.
  • Speed up dispute resolutions regarding your trademarks and intellectual property.
Brand protection
Media & research

Media & research

  • Researchers and media professionals can benefit from the feed to uncover emerging domain registration trends and newsworthy events.
  • Study bulk domain name registration patterns to uncover trends for future research.
  • Cover newsworthy domain activity every day.

Are you an active member of the security community and looking for new suspicious domains? Sign up for the Typosquatting Community Feed available exclusively to security professionals.

Trusted by
the smartest
companies

Typosquatting Data Feed | WhoisXML API

Are you ready to give the Typosquatting Data Feed a try?

Get access to thousands of typo domains detected daily right when they are registered.

Get started

You may be interested

US Internet Retailers Database
US Internet Retailers Database

Get access to the biggest US Internet Retailers Database.

Learn more
Domain Availability
Domain Availability

The most accurate domain availability checker offered on the market.

Learn more
Email Verification
Email Verification

Ensure the validity and quality of any email address.

Learn more
Newly Registered Domains
Newly Registered Domains

Keep track of the best business opportunities online.

Learn more
Newly Created Websites Data Feed
Newly Created Websites Data Feed

Get insights for the new business registered on the web.

Learn more
Reverse IP/DNS
Reverse IP/DNS

Find relations like ownership between hostnames and IPs.

Learn more
Domain Research Suite
Domain Research Suite

Enhance your domain research toolkit by our enterprise-grade web-based solution that helps you in searching...

Learn more
Subdomains Lookup
Subdomains Lookup

Discover subdomains related to the target domain name.

Learn more
All Registered Domains
All Registered Domains

Get a complete daily list of all the registered domains and zone files.

Learn more
Real-time Domain Registration
Real-time Domain Registration

Get data feeds of new registered domains along with their WHOIS data generated in real time.

Learn more
Reverse MX
Reverse MX

Reveal all the domains that use the same mail server.

Learn more
Website Categorization
Website Categorization

Define website category of the given domain.

Learn more
Website Contacts
Website Contacts

Get full contacts data of the given domain.

Learn more
Registrant Alert
Registrant Alert

Find out which domains were added or dropped by registrants, with given search criteria.

Learn more
Domain Reputation API
Domain Reputation API

Assess the domain's or IP addresses reputation and risk profile with a simple score based on a comprehensive...

Learn more
WHOIS Database Download
WHOIS Database Download

We provide complete and relevant domain WHOIS data which can be customized and easily integrated as per your business needs.

Learn more
Brand Alert
Brand Alert

Monitor exact matches, variations and common misspellings of your brand name & trademarks.

Learn more
WHOIS Search
WHOIS Search

Get well-parsed and normalized WHOIS information for any domain name, IP address or email.

Learn more
Typosquatting Data Feed
Typosquatting Data Feed

Easily detect all typosquatting domain names as soon as they are registered each day.

Learn more
IP Geolocation
IP Geolocation

Find out the exact physical location of any IP address, email or domain name.

Learn more
IP Netblocks
IP Netblocks

Find out which IP range the particular IP belongs to.

Learn more
Domains & Subdomains Discovery API
Domains & Subdomains Discovery API

Find domains and subdomains related by specific terms in their hostnames.

Learn more
Threat Intelligence Data Feeds
Threat Intelligence Data Feeds

Get the most relevant data to be ahead of emerging security threats.

Learn more
Reverse NS
Reverse NS

Find all domains that use the same name server.

Learn more
Screenshot Service
Screenshot Service

Instantly get a screenshot of any web page.

Learn more
Reverse WHOIS
Reverse WHOIS

Find connections between various domains, individuals and organizations.

Learn more
DNS Lookup Services
DNS Lookup Services

Identify who is hosting a particular domain name or website.

Learn more
Have questions?

We are here to listen. For a quick response, please select your request type or check our Contact us page for more information. By submitting a request, you agree to our Terms of Service and Privacy Policy.

Or shoot us an email to