SURBL – Shortener Feed
  • continuous stream of shortener links that have been identified to be malicious, provides another additional layer of protection against protect against
  • ‘Shorts’ is a data set now available from SURBL
    – providing a feed of bad shortener links.

SURBL – shortener/redirector feed

Many shortened url’s are used to obfuscate and hide the intended ‘bad domain’, to avoid filtering, blocking, etc.

SURBL’s Shortener Feed – provides a dynamic and up to date list of current bad shortened domains.  These shortened domains ultimately direct to known bad / malicious sites – and should be scored, and managed accordingly.


  1. Zone transfer or DNS lookup to detect shorteners
  2. Rsync of currently abused shortener links 
  3. Ability for subscriber to submit new shorteners
  4. Ability for subscribers to submit shortener links currently being abused
Surbl feed samples