Redleg Home

Is Flagged Phishing?

Checks for URLs from your domain that are flagged for Phishing


This tool is going to check if any URLs from your site are currently listed in a couple of Phishing DBs. If it finds any the tool will let you know if Google has the URL flagged for Social Engineering. It is also going to check the URL you enter to see if it is currently listed in Google’s Malware API, if Google has the URL flagged.

When you submit the tool will query the API to see if the URL is listed and respond with -


1. If you are checking a URL that is on a sub-domain - http(s):// - you should also check the main domain - http(s):// .
2. If you are collecting "user information", password, email over HTTP Google is going to flag as phishing. Any URL that collects "user information" must be HTTPS. You also need to 301 redirect HTTP to HTTPS.
3. Google’s Malware API will return "SOCIAL_ENGINEERING" if a URL is flagged for "traditional phishing" OR if the site is flagged for "deceptive content".
4. The tool is also going to try and check the IP your site is hosted on, If you are on shared hosting the URL may or may not be from your site.
5. If your search results are labeled "This site may be hacked" typically that is going to be some sort of spam hack and your site will not be listed in the Malware API, this utility will return null.
6. My phishing URLs database updates once an hour so there is no point in repeatedly checking your site every few minutes. Repeatedly checking a URL every few seconds will likely get you banned from using this tool!