---
name: search-phishings
type: instructions
description: Free-text search across active phishing URLs, domains, and IP addresses.
---

# Search active phishings

## Purpose
Free-text substring search across the URL, domain, and IP address columns of
the active phishing feed. Use for queries like "show me sites containing
steamcommunity", "phishing on 1.2.3.4", or "anything with ingdirect in the URL".

## Endpoint
```
GET https://phishunt.io/api/v1/search.json?q=<query>&limit=<n>
```

## Parameters
- `q` - search string. Minimum 3 characters. Case-insensitive substring match.
- `limit` - 1-200 (default 50).

## Example
```bash
curl -sf 'https://phishunt.io/api/v1/search.json?q=instagram&limit=10' | jq '.count, .results[].url'
```

## Errors
- HTTP 400 with `{"error": "'q' must be at least 3 characters"}` for short queries.
