zerophish / console
Register Sign in
URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

scan
100 scans / day · free · typical scan 2–4 s ·
try
Result scan 4f4f5b86
Scan another →
CACHED Showing previous scan from 428 d ago. Click Reanalyze to run a fresh scan.
REVIEW · MEDIUM CONFIDENCE

Review required

brand Vodafone scan id 4f4f5b86 duration signals 0 failing / 0
Risk score 0.10
10 / 100 · —
Tags
URL anatomy
https :// .
flagged registered domain path protocol / query
Indicators of compromise 4 · click any row to copy
URL hxxp://vodafone[.]telekomdienst[.]de
Brand Vodafone
Screenshot https://cdn.zerophish.ai/9886a684-512c-4197-a529-1ae26e7d3102.jpg
Scan ID 4f4f5b86-f107-4aa1-a668-4921552c8b71
Detection signals 0 fail · 0 warn · 0 pass

No detection signals on this scan — it predates the signal pipeline. Re-analyze to capture them.

Captured page from scan
Captured page
screenshot · captured at scan live page render
Brand impersonation visual + DOM analysis

No brand impersonation signals available.

Technical profile resolved at scan time

No technical metadata captured for this scan.

Analyst summary AI-generated
Initial scan heuristic + LLM

The site URL incorporates the brand name ‘Vodafone’ alongside ‘telekomdienst.de’ which is suspicious. The summary of the webpage does not reflect standard content of a phishing site, while text extracted through OCR simply indicates an error message, not indicative of a phishing attempt. Overall, while the URL is suspicious, the content seem not to be consistent with a malicious site. Hence, the phishing score is relatively low.