RDAP checks, and whois index renamed to domains
07 July 2025
There has been a major update in the way domain registrations are tracked. RDAP is useful and has become more common, but not all Top Level Domains support it yet. So, we now use both at ShadowTrackr.
An index to store RDAP data should of course not be called
whois, and a common index named
domains is the obvious choice. Due to the new RDAP monitoring and migration you might see a lot of domains related events for today.
All data, including custom reports, are automatically migrated. So, no action required.
If you do see errors or problems, please let me know and I'll hunt them down.
More phishy url checks
30 June 2025
We got a question from a user on why we don't do phishy checks on other Top Level Domains (TLDs) for the domains in the assets. That's a good one. We already did phishy checks on all permutations of your domains. That includes some other tlds, but not all, so this makes quite a good addition.
This week's update includes just that: ShadowTrackr now checks if your domain is up and phishy on the 10 most common TLDs used for phishing. So, if your asset is shadowtrackr.com, we'll monitor shadowtrackr.info, shadotrackr.net, and a bunch of others. You can view the results for any of your domains from the link on the domain page:
shadowtrackr.com/usr/phishy_urls?url=shadowtrackr.com
That page now also includes an overview of potential phishy domains that are not yet registered. This is to give you a better chance to register the bad ones yourself before the scammers and phishers do.
We already introduced the option to add your own custom phishy urls to our monitoring. If you have dozens of domains and want to add a specific TLD for all of them, that might be a lot of work. Just contact us and we'll add your TLD to the standard monitoring.
Security.txt, UX and performance update
02 June 2025
This week's update has quite some impact on three fronts. The first is that there is quite a performance update. The GUI is notably faster and more snappy.
The second is that the User Experience has improved. There are copy icons next to almost all ip addresses, urls, and hashes. Most of these are clickable and lead you to some other page in the GUI, meaning they are hard to copy. Typically you do want to copy them for checks in other systems, and that has become much easier now. Some layouts have improved, and on the website and certificate pages there is an external link icon allowing you to easily open the website in a new tab for visual inspection. There is an external link icon for the security.txt files too.
The third and last is the improved syntax check on security.txt. For every website, there are three new fields available: security_txt_exists, security_txt_valid, and security_txt_errors. To help you find your way around these, there are two new reports available in the report library: the "Security.txt validation report" showing all websites with a problematic security.txt file, and the "Missing security.txt report" showing all websites that do not have a security.txt file.