A continuously updated list of malicious, suspicious and high-risk domains collected from multiple intelligence sources. You can use the raw TXT feed for firewalls, SIEM, SOAR, DNS filtering and threat-blocking tools. Stay secure, stay informed and contribute if you identify new threats.
This repository is designed to help security teams, SOC analysts, researchers, and administrators block harmful domains at the network level.
Update of the Malicious-Domain List on 2026-01-24 09:14 IST
Total Malicious Domain's- 132550
🔥 Why This Repository?
Cybercriminals frequently register new domains for:
Phishing & credential harvesting Malware distribution Command-and-control (C2) servers Scam websites Fraudulent e-commerce Identity theft Banking fraud Social engineering campaigns
By maintaining a centralized list, we aim to:
Reduce exposure to malicious domains Enable automated blocking using RAW TXT feed Support firewall/SIEM/SOAR integrations
Help the community identify & report threats
🚨 Main Blocklist (RAW Link)
Use this link directly in:
Firewalls DNS filtering solutions Other security devices where IP blocking is possible within your environment
RAW TXT Feed:
https://raw.githubusercontent.com/amitambekar510/Malicious-Domain-Threat-List/refs/heads/main/Blacklisted_Malicious_Domain_Repo.txt https://raw.githubusercontent.com/amitambekar510/Malicious-Domain-Threat-List/refs/heads/main/Blacklisted_Malicious_Domain_Repo_aa.txt
🔄 Update Frequency
The domain list is updated:
Daily (whenever new intelligence is collected) Immediately for high-severity threats. You can follow commit history for update proofs.
🤝 Contribute New Malicious Domains
If you find suspicious/malicious domains, feel free to contribute!
✔️ Ways to Share:
Open an Issue Submit a Pull Request Connect with me on LinkedIn for direct sharing
👉 LinkedIn: https://www.linkedin.com/in/amitmilindambekar/