FightPhishing/ SOC · WAR ROOM

Home Threat Intel Fraud Watch Scam Check

LIVE · 20 FEEDSv2026.04.21

THREAT INTEL // PROFESSIONAL

War Room

Loading live phishing & credential-theft intelligence…

SHIFTΔ 08:51 UTC

URLS…

SEVERITYMONITORING

ORIGINS…

Loading……

—

Loading……

—

Loading……

—

Loading……

—

Loading……

—

Loading……

—

ATTACK ORIGIN · LIVE GEOINTEL

LOADING

THREAT INTEL // PROFESSIONAL

War Room

Live phishing & credential-theft intelligence · aggregated from 16 sources · nothing hidden, everything surfaced

SHIFTΔ 08:51 UTC

URLS917,202

SEVERITYACTIVE

ORIGINS8 COUNTRIES

Indicators (7d)LIVE

21.9K

Active campaignsTRACKED

4

Feeds healthyCHECK

15/16

Domains flaggedTOTAL

502.4K

URLs trackedTOTAL

917.2K

Checks servedLIFETIME

32

ATTACK ORIGIN · LIVE GEOINTEL

ROTATE · HOVER TO PAUSE

Defense · detections0

Live · Last 7 days

◆ OFFENSE LEADING +22300%

Offense · novel threats223

-60m-45m-30m-15mNOW

CAMPAIGN TRACKING

ISO-WEEK

OTHER-CAMPAIGN

2026-W22

ecommerce · ecommerce2,336 IOCs · ACTIVE

CLEARFAKE-CAMPAIGN

2026-W22

entertainment · entertainment869 IOCs · ACTIVE

UNKNOWN-MALWARE-CAMPAIGN

2026-W22

social_media · social_media231 IOCs · MONITORING

COBALT-STRIKE-CAMPAIGN

2026-W22

technology · technology199 IOCs · MONITORING

IOC FEED · LIVE

08:29:30

valla-construction-dpqlcoamuywn.edgeone[.]app/

URL

81

08:29:19

l1report-dpow4jjk0ig6.edgeone[.]dev/

URL

85

08:29:14

gfrr-auto-update-site-dpxltjgrti7n.edgeone[.]dev/

URL

87

08:29:04

grubby-orange-e8iukjnd-dpvkdzgsfpi8.edgeone[.]app/

URL

84

08:29:03

diancan-dpmp0rilowh0.edgeone[.]dev/

URL

83

08:28:55

penapixelstoriessangau-dpfixv5wp6at.edgeone[.]app/

URL

83

08:28:37

deltaggghs-dp9sulnx8bhv.edgeone[.]app/

URL

86

08:28:30

riwayat-dpg9ohfanjm6.edgeone[.]app/

URL

81

08:28:19

remaining-orange-wihzz7kz-dpr2n40b42jx.edgeone[.]app/

URL

85

08:28:18

comunidadjoven-injuv-kilat-dpyj521gkzbr.edgeone[.]dev/

URL

87

MITRE ATT&CK · OBSERVED TTPs

7D WINDOW

Recon

Resource Dev

Initial Access

Execution

Cred. Access

Collection

Def. Evasion

T1598

Phishing for Inf…

T1583.001

Domains

T1566

Phishing

T1204.001

Malicious Link

T1110

Brute Force

T1056.003

Web Portal Capture

T1036

Masquerading

T1598.003

Spearphishing Li…

T1585.002

Email Accounts

T1566.001

Spearphishing At…

T1036.005

Match Legitimate…

T1566.002

Spearphishing Link

T1078

Valid Accounts

THREAT ACTORS

CLUSTER

Unknown-focused .com cluster

critical.comactive

ACTIVE 45d · 71,310 indicators

Unknown-focused .dev cluster

critical.devactive

ACTIVE 45d · 25,353 indicators

Unknown-focused .co cluster

critical.coinactive

ACTIVE 45d · 6,049 indicators

TARGET GEOGRAPHY

TLD-INFERRED

RU

2,986

CN

2,118

IN

1,774

PL

1,590

GB

1,510

DE

1,358

CO

1,041

FR

976

FEED HEALTH

AUTO-REFRESH 30s

AlienVault OTX51m ago

CISA KEV2h ago

Elder Scam Sources2h ago

MISP OSINT1h ago

MalwareBazaar51m ago

OpenPhish21m ago

PhishStatsnever

PhishTank51m ago

Phishing.Database (GitHub)49m ago

RSS Feeds21m ago

Shadowserver51m ago

Spamhaus DROP3h ago

ThreatFox51m ago

URLScan.io21m ago

URLhaus51m ago

disposable-email-domains4h ago

DOMAIN LOOKUP

GET /api/check-url