Product Blog

WhoisXML API analyzed 10.2+ million domains registered between 1 and 30 April 2026 that appeared in Newly Registered Domains to identify the most popular registrars, TLD extensions, and other global domain registration trends. This number rose by 14.1% from 8.9+ million NRDs last month.

We also determined the top TLD extensions used by 2.7+ million domains likely registered with malicious intent from the First Watch Malicious Domains Data Feed in April 2026. This number rose by 30.8% from the previous month.

Next, we studied the top TLD extensions of 1.11+ million confirmed malicious domains from the Threat Intelligence Data Feeds this month, which decreased by 2.0% from 1.13+ million in March.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.

WhoisXML API analyzed 8.9+ million domains registered between 1 and 31 March 2026 that appeared in Newly Registered Domains to identify the most popular registrars, TLD extensions, and other global domain registration trends. This number rose by 1.7% from 8.7+ million NRDs last month.

We also determined the top TLD extensions used by 2.1+ million domains registered with malicious intent from the First Watch Malicious Domains Data Feed in March 2026. This number decreased by 11.6% from the previous month.

Next, we studied the top TLD extensions of 1.1+ million confirmed malicious domains from the Threat Intelligence Data Feeds this month, which rose by 4.8% from 1.0+ million in February.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.

WhoisXML API analyzed 8.7+ million domains registered between 1 and 28 February 2026 that appeared in Newly Registered Domains to identify the most popular registrars, TLD extensions, and other global domain registration trends. This number dropped by 0.5% from 8.8+ million NRDs last month.

We also determined the top TLD extensions used by 2.3+ million domains registered with malicious intent from the First Watch Malicious Domains Data Feed in February 2026. This number increased by 5.4% from the previous month.

Next, we studied the top TLD extensions of 1.08+ million confirmed malicious domains from the Threat Intelligence Data Feeds this month, which dropped by 1.4% from 1.09+ million in January.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.

WhoisXML API analyzed 8.8+ million domains registered between 1 and 31 January 2026 that appeared in Newly Registered Domains to identify the most popular registrars, TLD extensions, and other global domain registration trends. This number dropped by 14.0% from 10.2+ million NRDs last month.

We also determined the top TLD extensions used by 2.2+ million domains registered with malicious intent from the First Watch Malicious Domains Data Feed in January 2026.

Next, we studied the top TLD extensions of 1.0+ million confirmed malicious domains from the Threat Intelligence Data Feeds this month, which dropped by 2.3% from 1.1+ million in December.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.

WhoisXML API analyzed 10.2+ million domains registered between 1 and 31 December 2025 to identify the most popular registrars, TLD extensions, and other global domain registration trends. This number rose by 16.9% from 8.7+ million NRDs last month.

We also determined the top TLD extensions used by 27.3+ billion domains from our DNS database’s A record full file dated 4 December 2025, indicating a 14.6% drop from November’s 31.9+ billion domains.

Next, we studied the top TLDs of 1.1+ million domains, up by 5.0% from 1.0+ million in November, detected as IoCs this month.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.

WhoisXML API analyzed 8.7+ million domains registered between 1 and 30 November 2025 to identify the most popular registrars, top-level domain (TLD) extensions, and other global domain registration trends. This number dropped 8.7% from 9.6+ million last month.

We also determined the top TLD extensions used by 31.9+ billion domains from our DNS database’s A record full file dated 6 November 2025, indicating a 17.5% drop from October’s 38.7+ billion domains.

Next, we studied the top TLDs of 1.0+ million domains, down from 1.1+ million in October, detected as indicators of compromise (IoCs) this month.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.

WhoisXML API analyzed 9.6+ million domains registered between 1 and 31 October 2025 to identify the most popular registrars, top-level domain (TLD) extensions, and other global domain registration trends.

We also determined the top TLD extensions used by 38.7+ billion domains from our DNS database’s A record full file dated 4 October 2025.

Next, we studied the top TLDs of 1.1+ million domains detected as indicators of compromise (IoCs) this month.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.

WhoisXML API analyzed 8.7+ million domains registered between 1 and 30 September 2025 to identify the most popular registrars, top-level domain (TLD) extensions, and other global domain registration trends.

We also determined the top TLD extensions used by 42.1+ billion domains from our DNS database’s A record full file dated 4 September 2025.

Next, we studied the top TLDs of 1.0+ million domains detected as indicators of compromise (IoCs) this month.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.