Skip to content
Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.
Shell TSQL Roff
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github
assets
dev-tools
input-source
phishing-domains
phishing-links-last-hour
phishing-links-today
phishing-links
whitelist.anti
whitelist.me
.travis.yml
LICENSE.md
README.md
phishing-domains-ACTIVE.txt
phishing-domains-INACTIVE.txt
phishing-domains-INVALID.txt
phishing-domains-NEW-last-hour.txt
phishing-domains-NEW-today.txt
phishing-links-ACTIVE-NOW.txt
phishing-links-ACTIVE-TODAY.txt
phishing-links-ACTIVE.txt
phishing-links-INACTIVE.txt
phishing-links-INVALID.txt
phishing-links-NEW-last-hour.txt
phishing-links-NEW-today.txt
requirements.txt

README.md

Phishing Domain Status Testing Repo

Phishing Domain Database Follow @PhishFindr


Version: 13713 (2019-09-16 10:12:24 SAST)

💥 Latest Threats
@ 10:12:24
💥 Active Threats
Monday 2019-09-16
Total Links
Discovered Today
⚠️ 15 ⚠️ 147 258

Phishing Domains Status Domain Count Percentage Last Tested Download
ACTIVE 58475 68 % 2019-08-20 18:42:42 +0200 Download
INACTIVE 16233 19 % 2019-08-20 18:42:42 +0200 Download
INVALID 94 0 % 2019-08-20 18:42:42 +0200 Download

  Phishing Links Status  Link Count   Percentage Last Tested Download
ACTIVE 65157 29 % 2019-08-19 00:53:09 +0200 Download
INACTIVE 122931 55 % 2019-08-19 00:53:09 +0200 Download
INVALID 149 0 % 2019-08-19 00:53:09 +0200 Download

Total Phishing Domains Captured: 86608

Total Phishing Links Captured: 222445


Purpose of this repo?

A Testing Repository for Phishing Domains, Web Sites and Threats. Above are results of Domains that have been tested to be Active, Inactive or Invalid. These Lists update hourly. This is just one of a number of extensive projects dealing with testing the status of harmful domain names and web sites. We test sources of Phishing attacks to keep track of how many of the domain names used in Phishing attacks are still active and functioning. We sort all domains from all sources into one list, removing any duplicates so that we have a clean list of domains to work with.


Define an Active Status

We define ACTIVE domains or links as any of the HTTP Status Codes Below. All the following HTTP status codes we regard as ACTIVE or still POTENTIALLY ACTIVE.

  • ACTIVE HTTP Codes
- 100
- 101
- 200
- 201
- 202
- 203
- 204
- 205
- 206
  • POTENTIALLY ACTIVE HTTP Codes
- 000
- 300
- 301
- 302
- 303
- 304
- 305
- 307
- 403
- 405
- 406
- 407
- 408
- 411
- 413
- 417
- 500
- 501
- 502
- 503
- 504
- 505
  • POTENTIALLY INACTIVE HTTP Codes
- 400
- 402
- 403
- 404
- 409
- 410
- 412
- 414
- 415
- 416

Criminals planting Phishing links often resort to a variety of techniques like returning a variety of HTTP failure codes to trick people into thinking the link is gone but in reality if you test a bit later it is often back.

Our System also tests and re-tests anything flagged as INACTIVE or INVALID.


How do you test?

We make use of the awesome PyFunceble Testing Suite written by Nissar Chababy. Over 2 years in development this testing tool really provides us with a reliable source of active and inactive domains and through regular testing even domains which are inactive and may become active again are automatically moved back to the active list. Read More about PyFunceble


Contributing

If you have a source list of phishing domains or links please consider contributing them to this project for testing? Simply send a PR adding your input source details and we will add the source.


Please Remove my Domain From This List !!

If your domain was listed as being involved in Phishing due to your site being hacked or some other reason, please file a False Positive report it unfortunately happens to many web site owners.

Make sure to include links in your report to where else your domain / web site was removed and whitelisted ie. Phishtank / Openphish or it might not be removed here at all.


Some Domains from Major reputable companies appear on these lists?

Lots of Phishing, Malware and Ransomware links are planted onto very reputable services. We automatically remove Whitelisted Domains from our list of published Phishing Domains.

We do NOT however remove these and enforce an Anti-Whitelist from our phishing links/urls lists as these lists help other spam and cybersecurity services to discover new threats and get them taken down. Please send a PR to the Anti-Whitelist file to have something important re-included into the Phishing Links lists. The Anti-Whitelist only filters through link (url) lists and not domain lists.


Keep Threat Intelligence Free and Open Source

We are firm believers that threat intelligence on Phishing, Malware and Ransomware should always remain free and open source. Open disclosure of any criminal activity such as Phishing, Malware and Ransomware is not only vital to the protection of every internet user and corporation but also vital to the gathering of intelligence in order to shut down these criminal sites. Selling access to phishing data under the guises of "protection" is somewhat questionable.

Buy me Coffee


Contributors


MIT License

Copyright (c) 2018 Mitchell Krog https://github.com/mitchellkrogza

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

You can’t perform that action at this time.