New features
Report lookalike domains with Google Safe Browsing
Google Safe Browsing is a free service provided by Google that keeps track of malicious websites and domains that could be harmful to anyone using a web browser. When an internet user clicks to access a site that has been reported to Google Safe Browsing, a warning message will display letting the user know that this is a malicious site and to proceed with caution.
From today, the lookalike details page in OnDOMAIN includes a specific card to report lookalike domains to Google Safe Browsing. This can be considered a lighter takedown but is NOT a replacement for a full takedown as the malicious domain may still be accessible and live unless a full takedown is requested.
To find out how to report a domain to Google Safe Browsing, read the detailed knowledge base article.
Report lookalike domains to the NCSC
Alongside the Google Safe Browsing reporting of lookalike domains, we have also added a way to report domains to the National Cyber Security Centre of the UK Government.
This process is similar to the one for Google Safe Browsing. To find out more about it, please refer to the detailed knowledge base article.
Improvements
Better background for logo previews
Logos that have been uploaded to OnDOMAIN can be previewed from the Logos page table by clicking on the eye icon.
In some instances, logos that were mainly white or pure white were invisible in the preview area due to the white background behind the logo.
The preview background has been replaced with a gray & white checkerboard that will help you visualize the actual logo, regardless of its color.
New subdomains table design
The details page of an owned domain (accessible from the Domains page) shows a table with the subdomains that OnDOMAIN has discovered to date.
We have redesigned this table to match the overall styling within the application and to make it more explicit when no entries are present in the table.
In addition, the filters and other table controls match the ones from the other tables present in the Domains and the Activity pages.
Clearer detection reason for potential assets
Any domains discovered by OnDOMAIN that are categorized as potential assets of your company can be completely unrelated (in terms of naming) to the domains you added to your Domains page.
For those domains in the Activity page that are categorized as potential assets, a more specific tooltip will appear when hovering over the domain name, as seen in the following screenshots:
OnDOMAIN relies on Private Name Servers as one of many data sources for potential asset detection (unless you disable some or all of them from the Settings page). Potential assets discovered through Private Name Servers will display the following information in the tooltip:
The lookalike details page will also display the detection reason on the top right corner, as seen in the following screenshot:
OnDOMAIN checks for different DNS signals to identify potential domain assets that could belong to your company, as indicated by the tooltip. Some DNS signals are quite specific and will be displayed in the tooltip itself when available.
Fixes
Smoother performance
We have reworked the OnDOMAIN web application so that it refreshes data more consistently and performs at more optimal levels when it comes to requesting data and updating the information displayed in the UI.
The overall work has resulted in a smoother user experience when applying actions within OnDOMAIN (such as classifying lookalike domains or starting a takedown) and when transitioning across the different pages.