Spot a phishing URL? Report it once and we relay it to Google Safe Browsing, Cloudflare, and other security providers.
We'll verify it and relay to all major providers.
No account needed. We don't track you.
How it works
You shouldn't have to fill out five forms to report one phishing site. LooksPhishy takes your single report, verifies it, and relays it everywhere that matters.
Every URL is checked against threat intelligence feeds before relay. No false positives wasting provider time.
Reports are queued and dispatched in seconds. Background workers handle the fan-out so nothing blocks or drops.
Every line of code is public. Audit it, fork it, self-host it. This is a community tool, not a product.
Email forwarding
Got a phishing email? Don't bother copying the URL. Forward the entire email to this@looksphishy.org and we'll handle the rest.
---------- Forwarded message ----------
From: security@bankofamerica-verify.com
Subject: Verify your account immediately
Dear Customer, your account has been limited. Please verify your identity at http://bankofamerica-verify.com/login
For developers
Use the API to report URLs from your own security tooling, browser extensions, or abuse pipelines.
curl -X POST https://api.looksphishy.org/report \
-H "Content-Type: application/json" \
-d '{"url": "https://suspicious-site.com/login"}'Public reporting endpoint. No sign-up, no rate limit headaches.
Submit multiple URLs in one request for bulk reporting.
Get notified when your report has been verified and relayed.