The full anatomy of a phishing site,
one URL at a time.
ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.
Review required
| URL | hxxps://gestaltvalentine[.]fr/irz/ | |
| Brand | api.id.me | |
| Screenshot | https://cdn.zerophish.ai/9ba98ce0-962c-4620-bff9-22f3a40c293b.jpg | |
| Scan ID | 24b47fb4-8a76-4f87-ab22-96b95743af97 |
No detection signals on this scan — it predates the signal pipeline. Re-analyze to capture them.
No brand impersonation signals available.
No technical metadata captured for this scan.
The site at https://gestaltvalentine.fr/irz/ is identified to belong to api.id.me (according to the favicon and text on the page). However, this domain does not match the official api.id.me domain. Despite the mismatch in domain, there are no immediate phishing features such as fake login, alerting the user of problems, or false offers. The page also seems to use Cloudflare for additional security. Nonetheless, the discrepancy in domain is noticeable and gives it a minor phishing_score of 0.2. It’s recommended to proceed with caution due to this mismatched domain. Therefore, although the domain name is suspicious, it’s not necessarily a phishing site.