zerophish / console
Register Sign in
URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

scan
100 scans / day · free · typical scan 2–4 s ·
try
Result scan 492d2cfe
Scan another →
CACHED Showing previous scan from 13 d ago. Click Reanalyze to run a fresh scan.
SAFE · LOW CONFIDENCE

No phishing signals detected

brand Unknown scan id 492d2cfe duration 8.54s signals 0 failing / 12
Risk score 0.15
15 / 100 · Low risk
Tags
URL anatomy gestion.mesavantages-prime.com
https :// gestion . mesavantages-prime . com /signin ? email=patrick.hernandez@orange.fr&token=lqbmieq4ws1pguhj6rdjx1s3o8q9o6tb2mcpmdf2hvasgsikm0ywyu6kw3ofk3p2&downdate=19&amount=414.72&identity=patrick%20hernandez
flagged registered domain path protocol / query
Indicators of compromise 5 · click any row to copy
URL hxxps://gestion[.]mesavantages-prime[.]com/signin?email=patrick[.]hernandez@orange[.]fr&token=lqbmieq4ws1pguhj6rdjx1s3o8q9o6tb2mcpmdf2hvasgsikm0ywyu6kw3ofk3p2&downdate=19&amount=414[.]72&identity=patrick%20hernandez
Host gestion[.]mesavantages-prime[.]com
Registered domain mesavantages-prime[.]com
Screenshot https://cdn.zerophish.ai/94d1c281-be5a-43f3-9f16-2abc04d8d4a7.jpg
Scan ID 492d2cfe-f6f7-41d8-bf67-dc658157e8f0
Detection signals 0 fail · 0 warn · 7 pass
Brand typo-squat detected
No similar legitimate brand within edit-distance 2
critical
Domain age
Awaiting analysis
high
Threat intel blocklists
Awaiting analysis
critical
Credential collection form
No credential collection form on visible content
high
Visual similarity to known brand
Brand presentation matches the registered owner
high
Favicon impersonation
Favicon matches the registered owner
medium
SSL certificate
Served over HTTPS · valid TLS certificate
low
DNS reputation
Awaiting analysis
medium
showing 8 of 12 ·
Captured page from scan
Captured page
screenshot · captured at scan live page render
Brand impersonation visual + DOM analysis

No brand impersonation signals available.

Technical profile resolved at scan time
Host gestion.mesavantages-prime.com
Registered domain mesavantages-prime.com
Scheme https
Content length 40111 B
HTTP 200 · text/html
JARM 0d39b39b30d30d37d20320327d20122de7c02fe862e334985aa656e5df0651
Analyst summary AI-generated
Initial scan heuristic + LLM

The provided HTML and OCR show only a generic server error page: “521 Web Server Is Down” with “Code: InternalError” and no visible login/credential-collection UI. The URL domain (gestion.mesavantages-prime.com) does not indicate impersonation of a major brand like PayPal, and there are no signs of urgency cues, fake security warnings, or redirects to a brand-branded login form in the supplied content. Because the evidence is limited to an error response rather than the actual interactive phishing content, the verdict is conservative and leaning legitimate, but confidence remains low.