Check potentially dangerous websites.
One of the most frequent causes of large injections of spam into email systems is a compromise of web sites that contain malicious code.
Several organizations offer free online tools for looking up a potentially malicious website. Some of these tools provide historical information; others examine the URL in real time to identify threats:
- AbuseIPDB: Provides reputation data about the IP address or hostname
- BrightCloud URL/IP Lookup: Presents historical reputation data about the website
- CheckPhish: Checks whether the URL is a fraudulent site
- Desenmascara.me: Flags websitesĀ suspected of selling counterfeitĀ products
- FortiGuard lookup: Displays the URLā€™s history and category
- Google Safe Browsing: Look up the websiteā€™s current status
- hashdd: Provides historical data about IPs, URLs, etc.
- IBM X-Force Exchange: ProvidesĀ historical data about IPs, URLs, etc.
- Joe Sandbox URL Analyzer: ExaminesĀ the URL in real time
- Is It Hacked: Performs several checks in real time and consults some blacklists
- IsItPhishing:Ā Assesses the specified URL in real-time
- Kaspersky Threat Intel Portal: Looks up the IP, URL, or domain in a blacklist
- Norton Safe Web: Presents historical reputation data about the website
- Palo Alto Networks URL Filtering: Looks up the URL in a blacklist
- PhishTank: Looks up the URL in its database of known phishing websites
- Malware Domain List: Looks up recently-reported malicious websites
- MalwareURL: Looks up the URL in its historical list of malicious websites
- McAfee TrustedSource: Presents historical reputation data about the website
- MxToolbox: Queries multiple reputational sources for information about the IP or domain
- Open Threat Exchange: Presents diverse threatĀ intelligence data from AlienVault
- PassiveTotal: PresentsĀ passive DNS and other threat intelligence data
- Pulsedive: Presents historical data and queries for additional information
- Quttera ThreatSign: Scans the specified URL for the presence of malware
- Reputation Authority: Shows reputational data on specified domain or IP address
- Scamadviser: Checks whether the website is likely a shopping scam
- SecurityTrails: Provides current and historical domain or system data
- Sucuri SiteCheck: Scans the URL for malware in real-time and looks it up in several blacklists
- Talos Reputation Lookup:Ā Presents historical reputation data about the website
- Trend Micro Site Safety Center: Presents historical reputation data about the website
- Unmask Parasites: Looks up the URL in the Google Safe Browsing database
- urlscan.io: Examines the URL in real time and displays theĀ requests it issuesĀ to render the page
- URLVoidĀ andĀ IPVoid: Looks up the URL or IP in several blacklisting services
- VirusTotal: Looks up the URL in several databases of malicious sites
- ThreatMiner: Presents diverse threat intelligence data
- WebPulse Site Review: Looks up the website in BlueCoatā€™s database
- Zscaler Zulu URL Risk Analyzer: Examines the URL using real-time and historical techniques
- zveloLive: Looks up the website in its database of categories
Any on-line tools that should be on this list, but are missing?Ā Let me know. My other lists of on-line security resources outlineĀ Automated Malware Analysis ServicesĀ andĀ Blocklists of Suspected Malicious IPs and URLs.
(UpdatedĀ May 20, 2020, Lenny Zeltzer)