zerophish / console
Register Sign in
URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

scan
100 scans / day · free · typical scan 2–4 s ·
try
Result scan 3f5a2d5d
Scan another →
CACHED Showing previous scan from 16 d ago. Click Reanalyze to run a fresh scan.
SUSPICIOUS · LOW CONFIDENCE

Suspicious — review required

brand Plesk scan id 3f5a2d5d duration 4.07s signals 1 failing / 12
Risk score 0.08
8 / 100 · Medium risk
Tags
URL anatomy allegro.623687211-oferta-apple-watch-ultra-3-49mm.digital
http :// allegro . 623687211-oferta-apple-watch-ultra-3-49mm . digital /
flagged registered domain path protocol / query
Indicators of compromise 6 · click any row to copy
URL hxxp://allegro[.]623687211-oferta-apple-watch-ultra-3-49mm[.]digital/
Host allegro[.]623687211-oferta-apple-watch-ultra-3-49mm[.]digital
Registered domain 623687211-oferta-apple-watch-ultra-3-49mm[.]digital
Brand Plesk
Screenshot https://cdn.zerophish.ai/b00ab14f-a192-46df-a672-0203b9f20871.jpg
Scan ID 3f5a2d5d-5569-4151-9051-bd438a3c979e
Detection signals 1 fail · 0 warn · 6 pass
Brand typo-squat detected
No similar legitimate brand within edit-distance 2
critical
Domain age
Awaiting analysis
high
Threat intel blocklists
Awaiting analysis
critical
Credential collection form
No credential collection form on visible content
high
Visual similarity to known brand
Brand presentation matches the registered owner
high
Favicon impersonation
Favicon matches the registered owner
medium
×
SSL certificate
Served over plaintext HTTP
low
DNS reputation
Awaiting analysis
medium
showing 8 of 12 ·
Captured page from scan
Captured page
screenshot · captured at scan live page render
Brand impersonation visual + DOM analysis
P
Plesk
2%
Technical profile resolved at scan time
Host allegro.623687211-oferta-apple-watch-ultra-3-49mm.digital
Registered domain 623687211-oferta-apple-watch-ultra-3-49mm.digital
Scheme http
Content length 56139 B
HTTP 200 · text/html
Analyst summary AI-generated
Initial scan heuristic + LLM

The page is a generic “Web Server’s Default Page” generated by Plesk, shown because “there is no Web site at this address.” It presents hosting/control-panel marketing content such as “Log in to Plesk to create websites and set up hosting” but the provided HTML contains only a Plesk logo and informational links—there is no visible credential/username/password form on the page.

Suspicious phishing elements are limited: while the URL contains unusual components related to “allegro” and “apple-watch…digital,” the content itself consistently references Plesk (e.g., “This page is generated by Plesk” and links to plesk.com). There are no fake security warnings, urgency/limited-time cues, or brand mismatch (the dominant brand is Plesk and the links go to plesk.com).

Given the evidence, this looks like a misconfigured server showing a default Plesk page rather than a phishing capture page. Confidence is kept low only because we cannot verify runtime behavior (e.g., whether the “Log in to Plesk” link leads to a credential form elsewhere), but based on the supplied content there is no direct harvesting form.