Solutions for
Internet Infrastructure
For over two decades, Netcraft has been providing hosting companies, domain registrars, and certificate authorities with invaluable insight into the integrity of their infrastructure.
Trusted by the industry
Since Netcraft first launched its anti-phishing system in 2005, over 173 million unique phishing sites have been detected and blocked. Our malicious site feeds are used throughout the internet infrastructure industry, which includes all the main web browsers and antivirus companies, firewall vendors, SSL certificate authorities, hosting companies, and domain registrars/registries.
Defeating cyber attacks with unmatched scale and effectiveness
Netcraftโs online brand protection operates 24/7 to discover phishing, fraud, scams, and cyber attacks through extensive automation, AI, machine learning, and human insight. Our disruption & takedown service ensures that malicious content is blocked and removed quickly and efficientlyโtypically within hours.
0%
of the worldโs phishing attacks taken down
0M+
threat reports and suspicious URLs analyzed every day
0M
cybercrime attacks blocked to date
0M+
attacks taken down and growing
Prevent your infrastructure being abused
Netcraft provide a detailed analysis of phishing and malware activity at any hosting company. In addition to the full list of fraudulent URLs, Netcraftโs insights allows analysis by registrar, name server, country, and phishing target, and provides historical trends to develop your threat intelligence.
Getting ahead of the threat
Netcraft’s Deceptive Domain Scores (and our other research tools) can form part of your preemptive cybersecurity controls, minimizing the likelihood of your infrastructure being compromised in the first place. Post incident, Netcraft’s platform of cybercrime alerting tools ensures instances of abuse of are swiftly detected, managed, and taken down.
Research and diligence for hosting companies
Netcraft provides extensive reports and analysis to provide independent insight into the security posture of hosting companies, which is invaluable for acquisition or investment diligence.
Cybercrime Alerts
Timely notifications to registrars and hosting companies if cybercriminals are using any aspect of their infrastructure.
Deceptive Domain Score
A tool for domain registrars, registries, and certificate authorities to determine the likelihood that a domain name will be used for fraudulent activities.
Threat Intelligence
Each day, millions of URLs are classified according to the various types of attacks to produce malicious site and threat intelligence feeds.
Hosting Provider Analysis
An independent, worldwide view, on the numbers of web servers, the rate of growth, the operating systems, and web server technology used at each hosting company.
Phishing and Malware Reports
Registrars, hosting providers, and ISPs are able to provide a footprint of their IP addresses, name servers, and WHOIS servers, so that when we validate a phishing report, they receive an alert if the phishing site is using any aspect of their infrastructure.
Frequently Asked Questions
Netcraft provides validated alerts when phishing sites are detected. This is essential for hosting companies and registrars who wish to maintain their reputation.
The Deceptive Domain Score is a means of quantifying the likelihood of a domain name being used for fraudulent activities, such as phishing campaigns.
Implementing a robust technical defense against abusive registration helps protect the TLD from fraud and maintain public trust. The Deceptive Domain Score can be used as part of this defense, making life more difficult for fraudsters and simultaneously protecting the registry and registrar against fraudulent payments.
Despite industry requirements for increased vetting of high-risk requests, many criminals obtain SSL certificates for fraudulent domain names. Certificate authorities can make use of the service to determine if a domain name is likely to be used for fraudulent purposes before issuing the certificate.
SSL certificates lend an additional air of authenticity to phishing sites, causing the victims’ browsers to display a padlock icon to indicate a secure connection. Consumers have been trained to ‘look for the padlock’ in their browser before submitting sensitive information to websites, such as passwords and credit card numbers.
The data submitted to a phishing site using TLS is protected from eavesdroppers. However, a displayed padlock alone does not imply that a site using TLS can be trusted, or is operated by a legitimate organization.
Insights
Blog
March 2025 Web Server Survey
In the March 2025 survey we received responses from 1,197,680,522 sites across 275,633,322 domains and 13,402,722 web-facing computers. This reflects … Read More
Learn More
Blog
February 2025 Web Server Survey
In the February 2025 survey we received responses from 1,180,650,484 sites across 274,656,941 domains and 13,480,350 web-facing computers. This reflects … Read More
Learn More
Blog
The Bleeding Edge of Phishing: darcula-suite 3.0 Enables DIY Phishing of Any Brand
Key Data Overview The criminals at darcula are back for more blood, and they mean business with one of the … Read More
Learn More
Schedule time with us
Learn more about Netcraft’s powerful brand protection, external threat intelligence and digital risk protection platform