Focus on fresh domain candidates with suspicious lexical, registration, DNS, SSL, or infrastructure traits.
First Watch Malicious Domains Feed beta
First Watch Malicious Domains Feed for new threat candidates
Request First Watch Malicious Domains Feed beta access for newly observed suspicious domains, enrichment fields, and security-ready exports.
Product status
Available now
DomScan storefront, CT and RDAP source work, scoped custom export conversations, and early buyer intake.
In beta
Dataset slices are sold through beta access with competitive pricing, clear fields, and practical delivery formats.
Planned next
CZDS, zone files, selected ccTLDs, DNS, HTTP, IP, ASN, SSL, reputation, and security enrichment.
Dataset brief
What this page is actually for
A shorter buyer snapshot: useful signals, the best request shape, delivery, and pricing logic.
Best for fresh suspicious-domain candidates that need reason codes and enrichment before analysts decide action.
Prioritize customer-defined sectors, brands, TLDs, countries, or enrichment rules.
Fresh suspicious-domain exports with reason fields and source timestamps.
Beta pricing by monitored scope, cadence, and enrichment families.
Request this dataset slice
Tell us the target slice, volume, and freshness you need. We will respond with beta availability, export format, and a competitive early-access price.