Malicious domains are key to the success of nearly all popular attack vectors, supporting malware distribution, command and control (C2) server hosting and traffic distribution. One increasing trend is that many malicious domains are only used for a very short period of time; hackers favor the practice because they can easily evade detection and also keep their expenses low with domains so cheap to register. In this paper we propose a solution to the problem that predicts malicious domains so they can be proactively blocked before or right at the point of their initial use.