Check a domain's registration age. Domains registered in the last few weeks are a top phishing indicator.
Free and anonymous. No account required.
This queries RDAP (the modern WHOIS) for the domain's registration date, registrar, and computes its age in days, returning a high/medium/low risk level.
Attackers register fresh domains for short-lived campaigns. A domain that is only days old, especially one resembling a known brand, is far more likely to be malicious.
A live RDAP lookup via rdap.org returns the registration event; the age is computed deterministically and bucketed (under 30 days high, under 90 days medium).
Domains under 90 days old warrant extra scrutiny; under 30 days is a strong phishing signal when combined with other indicators.
Some registries do not expose public RDAP data, in which case the age cannot be determined.
Connect your inbox and InboxWatch watches for these threats automatically. Free for your first 15 scans.
Connect your inbox