TLD Threat Intelligence

Flagged .download Domains

2 domains using the .download extension have been flagged by threat-intelligence feeds. The .download extension is among the most-abused top-level domains in published phishing-landscape data, which is why it appears frequently in scam infrastructure.

2
Flagged Domains
33
Avg Risk Score
Jul 3
Last Flagged

Flagged .download Domains

2 shown
DomainLast Seen
07vh2ie1.jozve.download Jul 3 appdownload.download Jun 8

Frequently Asked Questions

Are all .download websites scams?

No. The .download extension is among the most-abused top-level domains in published phishing-landscape data, which is why it appears frequently in scam infrastructure. Many legitimate sites use .download. This page lists only the specific .download domains flagged by threat-intelligence feeds — not the extension as a whole.

Why do scammers use .download domains?

Scammers favour cheap, fast-to-register extensions with slower abuse enforcement, because they expect the domain to be taken down within days. Registration cost and enforcement speed — not the extension's purpose — drive the choice.

How do I check if a specific .download site is safe?

Look it up here or on Google Safe Browsing and VirusTotal, and check its registration date with a WHOIS lookup. Very new domains imitating an established brand are a strong warning sign.

🔐Security Partner

Stop the next phishing attack before you click.

NordPass autofill only triggers on real domains. Fake login pages cannot trick it into entering your credentials.

Try NordPass →