FightPhishing/ SOC · WAR ROOM

Home Threat Intel Fraud News Stay Safe

LIVE · 0 FEEDS

THREAT INTEL // PROFESSIONAL

War Room

Loading live phishing & credential-theft intelligence…

SHIFTΔ 01:32 UTC

URLS…

SEVERITYMONITORING

ORIGINS…

Loading……

—

Loading……

—

Loading……

—

Loading……

—

Loading……

—

Loading……

—

ATTACK ORIGIN · LIVE GEOINTEL

LOADING

THREAT INTEL // PROFESSIONAL

War Room

Live phishing & credential-theft intelligence · aggregated from 16 sources · nothing hidden, everything surfaced

SHIFTΔ 01:32 UTC

URLS972,047

SEVERITYACTIVE

ORIGINS8 COUNTRIES

Indicators (7d)LIVE

25.3K

Active campaignsTRACKED

4

Feeds healthyCHECK

14/16

Domains flaggedTOTAL

69.3K

URLs trackedTOTAL

972K

ATTACK ORIGIN · LIVE GEOINTEL

ROTATE · HOVER TO PAUSE

Defense · detections0

Live · Last 7 days

◆ OFFENSE LEADING +69200%

Offense · novel threats692

-60m-45m-30m-15mNOW

CAMPAIGN TRACKING

ISO-WEEK

ICLICKFIX-CAMPAIGN

2026-W25

entertainment · iclickfix3,870 IOCs · ACTIVE

MIXED-TARGETS

2026-W25

ecommerce · other2,102 IOCs · ACTIVE

CLEARFAKE-CAMPAIGN

2026-W25

social_media · clearfake656 IOCs · MONITORING

KIMSUKY-CAMPAIGN

2026-W25

technology · kimsuky615 IOCs · MONITORING

IOC FEED · LIVE

01:29:53

nadacerdasnetwork-dp5933lzt5ca.edgeone[.]app/

URL

80

01:29:49

fiscal-lavender-hkafmw8g-dpkftox03pc2.edgeone[.]app/

URL

85

01:29:40

quarrelsome-fuchsia-hix0r8pd-dpnlsi05c3wk.edgeone[.]app/

URL

80

01:29:39

definite-yellow-1hctsqln-dpoxu2k3d3vn.edgeone[.]app/

URL

86

01:29:38

tight-bronze-hfzjlbde-dp5aitkezuxi.edgeone[.]app/

URL

85

01:29:36

uusikasinotblog-dple53060zwc.edgeone[.]app/

URL

81

01:29:31

factory-scan-app-dp7jf6jtwk4w.edgeone[.]dev/

URL

83

01:29:29

critical-aqua-38l2whhm-dpzo4a16lhfq.edgeone[.]app/

URL

85

01:29:10

gamejivesitus-dprmjtfh2azs.edgeone[.]app/

URL

86

01:29:08

fundamental-cyan-nyg4exs4-dp00in9th13x.edgeone[.]app/

URL

81

MITRE ATT&CK · OBSERVED TTPs

7D WINDOW

Recon

Resource Dev

Initial Access

Execution

Cred. Access

Collection

Def. Evasion

T1598

Phishing for Inf…

T1583.001

Domains

T1566

Phishing

T1204.001

Malicious Link

T1110

Brute Force

T1056.003

Web Portal Capture

T1036

Masquerading

T1598.003

Spearphishing Li…

T1585.002

Email Accounts

T1566.001

Spearphishing At…

T1036.005

Match Legitimate…

T1566.002

Spearphishing Link

T1078

Valid Accounts

THREAT ACTORS

CLUSTER

Unknown-focused .com cluster

critical.comactive

ACTIVE 60d · 72,206 indicators

Unknown-focused .dev cluster

critical.devactive

ACTIVE 60d · 25,449 indicators

Unknown-focused .co cluster

critical.coinactive

ACTIVE 60d · 6,028 indicators

TARGET GEOGRAPHY

TLD-INFERRED

GB

229

DE

158

IN

145

CO

113

CN

113

FR

107

NL

84

RU

71

FEED HEALTH

AUTO-REFRESH 30s

AlienVault OTX1h ago

CISA KEV4h ago

Elder Scam Sources1h ago

MISP OSINT4h ago

MalwareBazaar1h ago

OpenPhish2m ago

PhishStatsauto-disabled

PhishTankdisabled

Phishing.Database (GitHub)1h ago

RSS Feeds2m ago

Shadowserver4h ago

Spamhaus DROP4h ago

ThreatFox32m ago

URLScan.io2m ago

URLhaus32m ago

disposable-email-domains21h ago

DOMAIN LOOKUP

GET /api/check-url

© 2026FightPhishing · Open data · CC-BYHow verdicts work