Our Registry Data Feed helps registries pinpoint malicious domains among their TLDs. With this information, they can review, take action against and report on threats as required for their ICANN compliance with Specification 11, in particular item 3b:

Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks.

Malware Patrol’s registry feed provides malicious domains for a variety of threat types. To make this data affordable and easy-to-use, we filter for and price according to your registry’s specific TLDs. We can also customize the fields to provide only the required data for your purposes.

The domains in this feed are derived from five of our Enterprise Threat Data Feeds:

• Anti-Mining
• C2s (Command & Control Servers) Addresses – malware & ransomware command servers
• DGAs – domains used by the malware & ransomware command-and-control structure
• Malware & Ransomware URLs
• Phishing URLs

By using this feed, registries can easily access information about malicious activities in their TLDs in order to take the appropriate actions to mitigate threats.