Open source & free forever

Report once.
Protect everyone.

Spot a phishing URL? Report it once and we relay it to Google Safe Browsing, Cloudflare, and other security providers.

Report a phishing URL

We'll verify it and relay to all major providers.

No account needed. We don't track you.

How it works

One report. Five+ destinations.

You shouldn't have to fill out five forms to report one phishing site. LooksPhishy takes your single report, verifies it, and relays it everywhere that matters.

🐟

Your report

One suspicious URL

Google

Web Risk

Netcraft

Takedowns

Cloudflare

Abuse Reports

Registrar

Domain abuse

Hosting

Content abuse

The problem

Nobody's connecting the dots.

When you report a phishing site to Google, Cloudflare has no idea. Neither does the registrar. The site stays up on every platform you didn't report to.

Without LooksPhishy

Fill out Google's report form
Find the registrar via WHOIS, email them
Look up the hosting provider, email them too
Hope you didn't miss anyone

With LooksPhishy

Paste the URL. Done.
Automatically verified
Relayed to 5 providers simultaneously
Track the status in real time

Coverage

Where your report goes

Each report triggers multiple actions across different layers of the internet's security infrastructure.

Browser blocking

Google Web Risk flags the URL in Chrome, Firefox, Safari, and Android. 4+ billion devices protected.

Google Web Risk

Site takedown

Netcraft initiates takedown procedures with direct relationships to hosting providers worldwide.

Netcraft

CDN reporting

If the site is behind Cloudflare, the abuse report goes directly to their trust and safety team.

Cloudflare

Abuse emails

Automated abuse reports to the domain registrar and hosting provider, identified via RDAP lookups.

Registrar + Hosting

Email forwarding

Just forward the email.

Got a phishing email? Don't bother copying the URL. Forward the entire email to this@looksphishy.org and we'll handle the rest.

URLs are extracted from the email body and headers automatically
Works from any email client — Gmail, Outlook, Apple Mail, anything
Each URL is verified, then relayed to all providers

To: this@looksphishy.org

Subject: Fwd: Verify your account immediately

---------- Forwarded message ----------

From: security@bankofamerica-verify.com

Subject: Verify your account immediately

Dear Customer, your account has been limited. Please verify your identity at http://bankofamerica-verify.com/login

1 URL extracted · Verified · Relayed to all providers

Built on trust

Open source, non-profit, privacy-first.

Open source

The relay platform is fully open source. Audit how reports are processed and where they go.

No tracking

No cookies, no analytics, no fingerprinting. We don't track reporters. Your IP isn't stored with reports.

Auto-verified

Every URL is verified against threat intelligence before any report is sent. No false positives wasting provider time.

Report once. Protect everyone.