zerophish / console
Register Sign in
URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

scan
100 scans / day · free · typical scan 2–4 s ·
try
Result scan 0406a977
Scan another →
CACHED Showing previous scan from 15 d ago. Click Reanalyze to run a fresh scan.
SUSPICIOUS · LOW CONFIDENCE

Suspicious — review required

brand Unknown scan id 0406a977 duration 2.69s signals 0 failing / 12
Risk score 0.18
18 / 100 · Medium risk
Tags
URL anatomy mobimera.com
https :// mobimera . com /click ? key=7bc438a073a94ad7b5b61c48eb812a04&SUB_ID_SHORT=68a5102528243b3f39c6f5bb9918c454&COST_CPA=2.000000&CAMPAIGN_ID=1419454&PLACEMENT_ID=26582443&PUBLISHER_ID=2000617&ZONE_ID=4941353&REMOTE_LANGUAGE_CODE=en&BROWSER_NAME=Mobile%20Safari&USER_OS=iOS&USER_OS_VER=26.5&DEVICE_BRAND=Apple&DEVICE_MODEL=iPhone&USER_CARRIER=Cloudflare%20Warp&LANDING_ID=6658783&BANNER_ID=3759950&PRELAND_ID=&REMOTE_COUNTRY=Switzerland&REMOTE_IP=104.28.221.246&USERAGENT=Mozilla%2F5.0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_7%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605.1.15%20%28KHTML%2C%20like%20Gecko%29%20Version%2F26.5%20Mobile%2F15E148%20Safari%2F604.1&USER_CITY=Zurich&COUNTRY_CODE=CH&__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJjbiI6MSwibSI6MSwiZG0iOjAsIm1jZiI6MCwiYmEiOjEsIm1wNGEiOjEsIm1wNHQiOjAsIm10Ijo1LCJ0eiI6LTEyMCwidWEiOiJNb3ppbGxhLzUuMCAoaVBob25lOyBDUFUgaVBob25lIE9TIDE4XzcgbGlrZSBNYWMgT1MgWCkgQXBwbGVXZWJLaXQvNjA1LjEuMTUgKEtIVE1MLCBsaWtlIEdlY2tvKSBWZXJzaW9uLzI2LjUgTW9iaWxlLzE1RTE0OCBTYWZhcmkvNjA0LjEiLCJwIjoiaVBob25lIiwicnRjIjoxLCJzIjoxLCJ2IjowfSwiYSI6eyJjMSI6MCwidyI6MCwiY3ciOjAsImFlIjowLCJ0cyI6MSwic2kiOjB9LCJ3ZyI6eyJ2IjoiQXBwbGUgSW5jLiIsInIiOiJBcHBsZSBHUFUiLCJlIjowfSwicyI6eyJwciI6MywidyI6NDMwLCJoIjo5MzIsIml3Ijo0MzAsImloIjo3NzUsIm93Ijo0MzAsIm9oIjo5MzIsImF3Ijo0MzAsImFoIjo5MzIsImNkIjoyNCwicGQiOjI0fSwibiI6eyJlIjoxfSwiaCI6eyJoYyI6NCwia2wiOiIwIn0sIm0iOnsiYSI6MSwiZyI6MSwibSI6MX0sInQiOnsiZSI6MSwicCI6NSwicGUiOjF9LCJzdCI6eyJsIjoxLCJzIjoxLCJpIjoxfSwibnciOm51bGwsImYiOjAsIm13IjoxfQ==&__originalReferer=https%3A%2F%2Fgmc-infotainment-system-reset.pages.dev%2F
flagged registered domain path protocol / query
Indicators of compromise 4 · click any row to copy
URL hxxps://mobimera[.]com/click?key=7bc438a073a94ad7b5b61c48eb812a04&SUB_ID_SHORT=68a5102528243b3f39c6f5bb9918c454&COST_CPA=2[.]000000&CAMPAIGN_ID=1419454&PLACEMENT_ID=26582443&PUBLISHER_ID=2000617&ZONE_ID=4941353&REMOTE_LANGUAGE_CODE=en&BROWSER_NAME=Mobile%20Safari&USER_OS=iOS&USER_OS_VER=26[.]5&DEVICE_BRAND=Apple&DEVICE_MODEL=iPhone&USER_CARRIER=Cloudflare%20Warp&LANDING_ID=6658783&BANNER_ID=3759950&PRELAND_ID=&REMOTE_COUNTRY=Switzerland&REMOTE_IP=104[.]28[.]221[.]246&USERAGENT=Mozilla%2F5[.]0%20%28iPhone%3B%20CPU%20iPhone%20OS%2018_7%20like%20Mac%20OS%20X%29%20AppleWebKit%2F605[.]1[.]15%20%28KHTML%2C%20like%20Gecko%29%20Version%2F26[.]5%20Mobile%2F15E148%20Safari%2F604[.]1&USER_CITY=Zurich&COUNTRY_CODE=CH&__bjs=eyJiIjp7ImpzIjoxLCJjIjoxLCJjbiI6MSwibSI6MSwiZG0iOjAsIm1jZiI6MCwiYmEiOjEsIm1wNGEiOjEsIm1wNHQiOjAsIm10Ijo1LCJ0eiI6LTEyMCwidWEiOiJNb3ppbGxhLzUuMCAoaVBob25lOyBDUFUgaVBob25lIE9TIDE4XzcgbGlrZSBNYWMgT1MgWCkgQXBwbGVXZWJLaXQvNjA1LjEuMTUgKEtIVE1MLCBsaWtlIEdlY2tvKSBWZXJzaW9uLzI2LjUgTW9iaWxlLzE1RTE0OCBTYWZhcmkvNjA0LjEiLCJwIjoiaVBob25lIiwicnRjIjoxLCJzIjoxLCJ2IjowfSwiYSI6eyJjMSI6MCwidyI6MCwiY3ciOjAsImFlIjowLCJ0cyI6MSwic2kiOjB9LCJ3ZyI6eyJ2IjoiQXBwbGUgSW5jLiIsInIiOiJBcHBsZSBHUFUiLCJlIjowfSwicyI6eyJwciI6MywidyI6NDMwLCJoIjo5MzIsIml3Ijo0MzAsImloIjo3NzUsIm93Ijo0MzAsIm9oIjo5MzIsImF3Ijo0MzAsImFoIjo5MzIsImNkIjoyNCwicGQiOjI0fSwibiI6eyJlIjoxfSwiaCI6eyJoYyI6NCwia2wiOiIwIn0sIm0iOnsiYSI6MSwiZyI6MSwibSI6MX0sInQiOnsiZSI6MSwicCI6NSwicGUiOjF9LCJzdCI6eyJsIjoxLCJzIjoxLCJpIjoxfSwibnciOm51bGwsImYiOjAsIm13IjoxfQ==&__originalReferer=https%3A%2F%2Fgmc-infotainment-system-reset[.]pages[.]dev%2F
Host mobimera[.]com
Screenshot https://cdn.zerophish.ai/68c62b7f-2c1e-4b02-920d-357ca9446292.jpg
Scan ID 0406a977-1861-4174-9f12-2630e0280d67
Related detections 1 other scan on this registered domain
15 d ago
 SAFE mobimera.com safe
Detection signals 0 fail · 0 warn · 7 pass
Brand typo-squat detected
No similar legitimate brand within edit-distance 2
critical
Domain age
Awaiting analysis
high
Threat intel blocklists
Awaiting analysis
critical
Credential collection form
No credential collection form on visible content
high
Visual similarity to known brand
Brand presentation matches the registered owner
high
Favicon impersonation
Favicon matches the registered owner
medium
SSL certificate
Served over HTTPS · valid TLS certificate
low
DNS reputation
Awaiting analysis
medium
showing 8 of 12 ·
Captured page from scan
Captured page
screenshot · captured at scan live page render
Brand impersonation visual + DOM analysis

No brand impersonation signals available.

Technical profile resolved at scan time
Host mobimera.com
Registered domain mobimera.com
Scheme https
Content length 42581 B
HTTP 200 · text/html
Analyst summary AI-generated
Initial scan heuristic + LLM

The page is a simple marketing/landing screen titled “Digital Safety Hub” with the message “Your Guide to Online Safety” and a single “Learn More” button. There are no visible login, password, payment, or credential-collection elements in the provided HTML/OCR, and the page does not show brand impersonation (no PayPal/Apple/etc. content) or urgency/security-warning language.

The URL is a tracking/redirect-style link on a third-party domain (mobimera.com) that ultimately likely routes elsewhere, which is a mild risk factor, but the landing content itself does not contain strong phishing cues in the supplied snapshot. Based on limited evidence and lack of credential harvesting indicators, this is most consistent with a low-suspicion intermediary landing page rather than an active phishing form.