{"id":23283538,"url":"https://github.com/phishing-database/phishing.database","last_synced_at":"2025-05-14T23:06:42.137Z","repository":{"id":37318840,"uuid":"130355456","full_name":"Phishing-Database/Phishing.Database","owner":"Phishing-Database","description":"Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.","archived":false,"fork":false,"pushed_at":"2025-05-14T21:49:33.000Z","size":288030,"stargazers_count":1273,"open_issues_count":20,"forks_count":11,"subscribers_count":42,"default_branch":"master","last_synced_at":"2025-05-14T23:06:22.970Z","etag":null,"topics":["domains","malware","malware-research","phishing","phishing-attacks","phishing-domains","phishing-reports","phishing-servers","phishing-sites","statistics","stats","validity"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Phishing-Database.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["funilrys","mitchellkrogza"],"ko_fi":"mitchellkrog","custom":["https://kb.mypdns.org/articles/MTX-A-3/DONATION"]}},"created_at":"2018-04-20T11:52:18.000Z","updated_at":"2025-05-14T21:49:36.000Z","dependencies_parsed_at":"2025-05-04T06:33:54.438Z","dependency_job_id":"403d062d-3a83-49f6-b7eb-09d1b2524402","html_url":"https://github.com/Phishing-Database/Phishing.Database","commit_stats":null,"previous_names":["phishing-database/phishing.database"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Phishing-Database%2FPhishing.Database","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Phishing-Database%2FPhishing.Database/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Phishing-Database%2FPhishing.Database/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Phishing-Database%2FPhishing.Database/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Phishing-Database","download_url":"https://codeload.github.com/Phishing-Database/Phishing.Database/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254243362,"owners_count":22038046,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["domains","malware","malware-research","phishing","phishing-attacks","phishing-domains","phishing-reports","phishing-servers","phishing-sites","statistics","stats","validity"],"created_at":"2024-12-20T01:07:42.361Z","updated_at":"2025-05-14T23:06:37.123Z","avatar_url":"https://github.com/Phishing-Database.png","language":"Shell","funding_links":["https://github.com/sponsors/funilrys","https://github.com/sponsors/mitchellkrogza","https://ko-fi.com/mitchellkrog","https://kb.mypdns.org/articles/MTX-A-3/DONATION","https://ko-fi.com/mitchellkrog)!","https://github.com/sponsors/funilrys)!"],"categories":[],"sub_categories":[],"readme":"\u003cimg src=\"https://github.com/Phishing-Database/assets/raw/master/phishing-logo.jpg\" alt=\"Phishing Domain Status Testing Repo\"/\u003e\n\n# Phishing Domain Database \u003ca href=\"https://twitter.com/PhishFindR\" \u003e\u003cimg src=\"https://img.shields.io/twitter/follow/PhishFindR.svg?style=social\u0026label=Follow\" /\u003e\u003c/a\u003e\n\n\nThe **Phishing.Database** project is a comprehensive and regularly updated repository designed to help the community identify and mitigate phishing threats.\n\nWe believe that threat intelligence on phishing, malware, and ransomware should always remain **free and open-source**. By openly sharing data about criminal activities, we aim to protect the internet users, help organizations mitigate threats, and contribute to a safer online environment for everyone by contributing to the global effort to identify and shutdown malicious sites. Unlike proprietary systems that sell access to phishing data, we focus and on transparency and collaboration for the greater good.\n\nJoin us in our mission to keep threat intelligence free and open-source by contributing to the project, sharing the data, and supporting the maintainers.\n\n---\n\n| **Repository** | **Become a Sponsor** |\n| :--------------------------------------------------------------------------------------------------------------------------------------------------------------: | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: |\n| ![GitHub License](https://img.shields.io/github/license/Phishing-Database/Phishing.Database?style=flat-square) | We're seeking sponsors to help us grow and strengthen our infrastructure. By sponsoring this project, you'll have the opportunity to showcase your logo and link here, gaining visibility and supporting an open-source initiative that benefits the community. \u003cbr\u003e 📧 Contact us at contact@phish.co.za to explore partnership opportunities. |\n| \u003ca href='https://twitter.com/PhishFindR'\u003e\u003cimg src='https://img.shields.io/twitter/follow/PhishFindR.svg?style=social\u0026label=Follow' alt='Follow @PhishFindR'\u003e\u003c/a\u003e | Help keep this project's infrastructure thriving by supporting the maintainers! |\n| | Support **@mitchellkrogza** on [Ko-fi](https://ko-fi.com/mitchellkrog)!\u003cbr\u003eSponsor **@funilrys** via [GitHub Sponsors](https://github.com/sponsors/funilrys)! |\n\n\n---\n\n#### Version: V.2025-04-10.17\n| :boom: Latest Threats\u003cbr/\u003e@ 17:40:24 | :boom: Active Threats\u003cbr/\u003eThursday 2025-04-10 | Total Links\u003cbr/\u003eDiscovered Today |\n| :---------------------------------------------------------------------------------------------------------------------------: | :-------------------------------------------------------------------------------------------------------------------------------: | :----------------------------------------------------------------------------------------------------------------------: |\n| :warning: [100431](https://github.com/Phishing-Database/Phishing.Database/blob/master/phishing-links-ACTIVE-NOW.txt) | :warning: [0](https://github.com/Phishing-Database/Phishing.Database/blob/master/phishing-links-ACTIVE-today.txt) | [646](https://github.com/Phishing-Database/Phishing.Database/blob/master/phishing-links-NEW-today.txt) |\n*****************************\n#### Total Phishing Domains Captured: [831281](https://phish.co.za/latest/ALL-phishing-domains.tar.gz) \u003c\u003c (FILE SIZE: 6.9M tar.gz)\n#### Total Phishing Links Captured: [1441438](https://phish.co.za/latest/ALL-phishing-links.tar.gz) \u003c\u003c (FILE SIZE: 29M tar.gz)\n\n---\n\n## DO NOT Clone The Repository\n\nThe repository undergoes a **history reset every 24 hours**, which will break your setup if you rely on cloning. breaking changes.\n\nTo ensure uninterrupted access to the data, please download the latest lists directly from the provided links below.\n\n---\n\n## File Sources\n\nThe links below will direct you to the latest data files for this project.\n\nThe checksums for the files are available in the [checksums repository](https://github.com/Phishing-Database/checksums).\n\n | File Name | Official Source | Checksums |\n | ----------------------------- | -------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n | ALL-phishing-domains.lst | [Download](https://phish.co.za/latest/ALL-phishing-domains.lst) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-domains.lst.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-domains.lst.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-domains.lst.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-domains.lst.sha512) |\n | ALL-phishing-links.lst | [Download](https://phish.co.za/latest/ALL-phishing-links.lst) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-links.lst.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-links.lst.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-links.lst.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-links.lst.sha512) |\n | ALL-phishing-domains.tar.gz | [Download](https://phish.co.za/latest/ALL-phishing-domains.tar.gz) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-domains.tar.gz.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-domains.tar.gz.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-domains.tar.gz.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-domains.tar.gz.sha512) |\n | ALL-phishing-links.tar.gz | [Download](https://phish.co.za/latest/ALL-phishing-links.tar.gz) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-links.tar.gz.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-links.tar.gz.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-links.tar.gz.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/ALL-phishing-links.tar.gz.sha512) |\n | phishing-domains-ACTIVE.txt | [Download](https://phish.co.za/latest/phishing-domains-ACTIVE.txt) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-ACTIVE.txt.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-ACTIVE.txt.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-ACTIVE.txt.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-ACTIVE.txt.sha512) |\n | phishing-domains-INACTIVE.txt | [Download](https://phish.co.za/latest/phishing-domains-INACTIVE.txt) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-INACTIVE.txt.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-INACTIVE.txt.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-INACTIVE.txt.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-INACTIVE.txt.sha512) |\n | phishing-domains-INVALID.txt | [Download](https://phish.co.za/latest/phishing-domains-INVALID.txt) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-INVALID.txt.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-INVALID.txt.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-INVALID.txt.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-INVALID.txt.sha512) |\n | phishing-IPs-ACTIVE.txt | [Download](https://phish.co.za/latest/phishing-IPs-ACTIVE.txt) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-ACTIVE.txt.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-ACTIVE.txt.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-ACTIVE.txt.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-ACTIVE.txt.sha512) |\n | phishing-IPs-INACTIVE.txt | [Download](https://phish.co.za/latest/phishing-IPs-INACTIVE.txt) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-INACTIVE.txt.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-INACTIVE.txt.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-INACTIVE.txt.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-INACTIVE.txt.sha512) |\n | phishing-IPs-INVALID.txt | [Download](https://phish.co.za/latest/phishing-IPs-INVALID.txt) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-INVALID.txt.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-INVALID.txt.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-INVALID.txt.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-IPs-INVALID.txt.sha512) |\n | phishing-links-ACTIVE.txt | [Download](https://phish.co.za/latest/phishing-links-ACTIVE.txt) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-ACTIVE.txt.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-ACTIVE.txt.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-ACTIVE.txt.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-ACTIVE.txt.sha512) |\n | phishing-links-INACTIVE.txt | [Download](https://phish.co.za/latest/phishing-links-INACTIVE.txt) | [md5](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-INACTIVE.txt.md5), [sha1](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-INACTIVE.txt.sha1), [sha256](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-INACTIVE.txt.sha256), [sha512](https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-INACTIVE.txt.sha512) |\n\n_The files are updated regularly._\n\n---\n\n## Automated Testing\n\nThe testing of the domains and URLs is automated using the awesome [PyFunceble Testing Suite](https://github.com/funilrys/PyFunceble) written by Nissar Chababy _(AKA [@funilrys](https://github.com/funilrys))_. Over many years in development, this tool has become a robust and reliable source of domain and URL status. We use it in an automated environment which actively retests domains and URLs on a regular basis.\n\n### Who do we define an active status?\n\nWe define an active status as a domain or URL that is currently active and serving phishing content.\nThe status is determined by the HTTP status code returned by the server.\n\n#### Active Status Codes\n\n- 100, 101, 200, 201, 202, 203, 204, 205, 206\n\n#### Potentially Active Status Codes\n\n- 000, 300, 301, 302, 303, 304, 305, 307, 403, 405, 406, 407, 408, 411, 413, 417, 500, 501, 502, 503, 504, 505\n\n_Any of the status codes above are considered active until further investigation._\n\n### Potentially Inactive Status Codes\n\n- 400, 402, 403, 404, 409, 410, 412, 414, 415, 416\n\n---\n## Removal Requests\n\nIf your domain has been listed incorrectly due to hacking or other reasons, file a [False Positive Report](https://github.com/Phishing-Database/Phishing.Database/issues/new/choose) with proof of removal from other platforms (e.g., Phishtank, Openphish) to expedite processing.\n\n---\n\n## Contributing\n\nContributions are welcome and encouraged.\n\n### Data Contributions\n\nTo contribute, please submit follow the matrix below to identify the correct file and repository to submit your data.\n\n| Action | Data Type | File to Edit |\n| -------- | --------------------- | ----------------------------------------------------------------------------------------------- |\n| ➕ Add | Domain | [add-domain](https://github.com/Phishing-Database/phishing/blob/main/add-domain) |\n| ➕ Add | Domain (wildcard) | [add-wildcard-domain](https://github.com/Phishing-Database/phishing/blob/main/add-wildcard-domain) |\n| ➕ Add | Link | [add-link](https://github.com/Phishing-Database/phishing/blob/main/add-link) |\n| ➕ Add | IP | [IP-addr.list](https://github.com/Phishing-Database/phishing/blob/main/IP-addr.list) |\n| ➕ Add | IP (cidr) | [IP-addr.cidr.list](https://github.com/Phishing-Database/phishing/blob/main/IP-addr.cidr.list) |\n| ❌ Remove | False Positive Domain | [falsepositive.list](https://github.com/Phishing-Database/phishing/blob/main/falsepositive.list) |\n\n### Reporting Issues\n\nTo report an issue or a false positive, please submit a [new issue](https://github.com/Phishing-Database/Phishing.Database/issues/new/choose).\n\n---\n\n\n## Authors\n\n- Mitchell Krog ([@mitchellkrogza](https://github.com/mitchellkrogza)) - Support **@mitchellkrogza** on [Ko-fi](https://ko-fi.com/mitchellkrog)!\n\n- Nissar Chababy ([@funilrys](https://github.com/funilrys)) - Sponsor **@funilrys** via [GitHub Sponsors](https://github.com/sponsors/funilrys)!\n\n---\n\n## License\n\n```\nMIT License\n\nCopyright (c) 2018-2025 Mitchell Krog - @mitchellkrogza\nCopyright (c) 2018-2025 Nissar Chababy - @funilrys\nCopyright (c) 2018-2025 Phishing.Database Contributors - @Phishing-Database\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphishing-database%2Fphishing.database","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphishing-database%2Fphishing.database","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphishing-database%2Fphishing.database/lists"}