URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

100 scans / day · free · typical scan 2–4 s ·

try

PHISHING · MEDIUM CONFIDENCE

Phishing detected

brand unknown scan id 5082bc76 duration — signals 0 failing / 0

Risk score 0.90

90 / 100 · —

Was this verdict correct?

Tags

URL anatomy

https :// .

flagged registered domain path protocol / query

Indicators of compromise 3 · click any row to copy

Defang hxxps://example[.]com

URL	hxxp://app-spk-erneuern[.]com/
Brand	unknown
Scan ID	5082bc76-f2be-4ba1-909b-9c56498781e2

Detection signals 0 fail · 0 warn · 0 pass

No detection signals on this scan — it predates the signal pipeline. Re-analyze to capture them.

Captured page from scan

no screenshot

screenshot · captured at scan live page render

Brand impersonation visual + DOM analysis

No brand impersonation signals available.

Technical profile resolved at scan time

No technical metadata captured for this scan.

Analyst summary AI-generated

Initial scan heuristic + LLM

The URL (http://app-spk-erneuern.com/) and the HTML content of the page show clear indicators of a phishing attack. The phishing score is 0.9, which is quite high. The HTML content shows a common social engineering technique often used in phishing attacks - alerting the user to a problem (IP being blocked). Additionally, the domain name in the URL does not match any known legitimate domain, making it a suspicious one.

The full anatomy of a phishing site, one URL at a time.

Phishing detected

The full anatomy of a phishing site,
one URL at a time.