How Hackers can use .zip domains for Social Engineering and Phishing attacks 

I'm glad to help! Best of luck on it!

Thanks for the support! I honestly appreciate it. Google Safe Browsing is actually good at flagging phishing sites. Besides hoping the user doesn't Chrome, I've found these tips to help. Not a guarantee but it will 'add' to having your site not get flagged (In addition to what you're doing) 1. Age a new domain for at least 30 days. Preferably 90 days. So buy a new domain but don't use it for phishing yet and let it 'be out there' for those days so it can gain some reputation on being not malicious. You can also buy expired domains. Which are domains that have been purchased before but we're not renewed and available to buy. 2. Evilginx sends headers with 'Evilginx'. You have to manually remove them in the GitHub repository. If not, sites can see those headers and immediately mark it malicious. There might be more signatures that aren't well known. 3. Check if your domain is already categorized. Sites like McAfee and Symantec have online checkers. If they aren't categorized, age them and try to put in a categorized request for it. If it is categorized it adds to the legitimacy of the site. Hope this helps

To Be Honest! I have already applied these along with traffic analysis and identifying ranges to be blocked on proxy, I am using a proxy setup with blacklist config from apache. Nothing seems to have worked for now. It’s fine as long as the link is not opened, once the link is opened, it’s flagged! I’m afraid, that there doesn’t seem to be a way out 😢

That's awesome to know! I appreciate the support from you!

No, you'll have to have your PC on the whole time your phishing campaign is live. If a target clicks your link while your PC is off, the phishing environment will be offline so they'll get a 'cannot find' error.

i tried getting all tools to defend still keep coming andcoming pls i woudl appreciate ur help any

Your personal PC at your house? Or PC at work?