What changed
brand-watch-domain-risk and its shared backend whois-lookup add a found boolean to the response. When the RDAP registry reports a domain as unregistered, the endpoint now returns 200 { found: false, flags: ["not_registered"], ... } instead of a 404.
For a brand-watch use case, an unregistered lookalike domain is a legitimate result: it tells you the domain is available for someone else to register, not that the lookup failed. Registered domains keep returning full registration data with found: true.
Why
The previous 404 treated "not registered" as an error, which meant a paid call could settle and then fail on exactly the kind of domain this endpoint exists to check. The fix makes not-found a normal, answerable outcome.