More phishy url checks

We got a question from a user on why we don't do phishy checks on other Top Level Domains (TLDs) for the domains in the assets. That's a good one. We already did phishy checks on all permutations of your domains. That includes some other tlds, but not all, so this makes quite a good addition.

This week's update includes just that: ShadowTrackr now checks if your domain is up and phishy on the 10 most common TLDs used for phishing. So, if your asset is shadowtrackr.com, we'll monitor shadowtrackr.info, shadotrackr.net, and a bunch of others. You can view the results for any of your domains from the link on the domain page:

shadowtrackr.com/usr/phishy_urls?url=shadowtrackr.com

That page now also includes an overview of potential phishy domains that are not yet registered. This is to give you a better chance to register the bad ones yourself before the scammers and phishers do.

We already introduced the option to add your own custom phishy urls to our monitoring. If you have dozens of domains and want to add a specific TLD for all of them, that might be a lot of work. Just contact us and we'll add your TLD to the standard monitoring.

Security.txt, UX and performance update

This week's update has quite some impact on three fronts. The first is that there is quite a performance update. The GUI is notably faster and more snappy.

The second is that the User Experience has improved. There are copy icons next to almost all ip addresses, urls, and hashes. Most of these are clickable and lead you to some other page in the GUI, meaning they are hard to copy. Typically you do want to copy them for checks in other systems, and that has become much easier now. Some layouts have improved, and on the website and certificate pages there is an external link icon allowing you to easily open the website in a new tab for visual inspection. There is an external link icon for the security.txt files too.

The third and last is the improved syntax check on security.txt. For every website, there are three new fields available: security_txt_exists, security_txt_valid, and security_txt_errors. To help you find your way around these, there are two new reports available in the report library: the "Security.txt validation report" showing all websites with a problematic security.txt file, and the "Missing security.txt report" showing all websites that do not have a security.txt file.

Updated GUI and phishy urls

Two big items in this update. The first is the updated GUI. The goal was improved clarity and usability. Contrast has improved, icons and badges were added, asset pages have sticky headers, and things generally look smoother.

The second one are the phishy urls. There was a bug in there that kept detecting a phishy url as new if it was a permutation of two of your assets. Only one could be registered. That is fixed now, and the code had a major review. Phishy urls that redirect to the original url or one of your other assets are now clearly labeled. Babydomains are also clearly labeled if detected, as are reserved domains and redirects to marketing sites.

You can directly add a phishy_url to your assets if you bought it (from the action menu in the right top), and it's even possible to add your own phishy_urls that you want ShadowTrackr to monitor for you. Most should be detected by our algorithm, but some language specific urls (singulars/plurals) can be hard to generate.