I identified patterns and categorized them as strong positives, while continuing to search for new patterns and assigning scores based on factors such as TLD, host registrar, and registration duration.

The accuracy varies across categories, as some patterns cannot be linked to Canadian entities, but, most of the data is sourced from phishing feeds.

Thanks!

Great questions!

1) To my knowledge, there isn't a centralized phishing database specifically for Canadian entities, nor are there updated threat feeds available. My primary goal is to create a resource that is openly accessible and free for everyone. While I acknowledge that Microsoft’s threat intelligence is far superior to what I can offer (I used to work a lot with their security products), it comes at a high price and lacks the flexibility for inspection and use.

2) I shared this project on my personal Linkedin to gather feedback, as I haven't registered a company yet. I plan to enhance transparency in the future, but for now, it’s mainly a personal/nerd project. The third-party credited is Whoxy, they allow me to use their WHOIS records for free since my project is non-commercial, and I need to provide appropriate credit for that.

I hope this clarifies things!

It only tracks phishing related to Canadian entities (banks, utilities etc.). So it's not restricted to .ca (if that was your question!).

Hey, I don't rely on any agents, my approach primarily involves heuristic-based detection and fuzzing using various open data sources.