URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

100 scans / day · free · typical scan 2–4 s ·

try

PHISHING · MEDIUM CONFIDENCE

Phishing detected

brand Instagram scan id 62fe4816 duration — signals 0 failing / 0

Risk score 0.90

90 / 100 · —

Was this verdict correct?

Tags

URL anatomy

https :// .

flagged registered domain path protocol / query

Indicators of compromise 4 · click any row to copy

Defang hxxps://example[.]com

URL	hxxps://instagram[.]com/accounts/password/report/33ov3t/
Brand	Instagram
Screenshot	https://cdn.zerophish.ai/8caec926-eed2-476d-8c8a-f389a813cb74.jpg
Scan ID	62fe4816-e3e0-4773-ba27-65ff5c84567b

Detection signals 0 fail · 0 warn · 0 pass

No detection signals on this scan — it predates the signal pipeline. Re-analyze to capture them.

Captured page from scan

screenshot · captured at scan live page render

Brand impersonation visual + DOM analysis

No brand impersonation signals available.

Technical profile resolved at scan time

No technical metadata captured for this scan.

Analyst summary AI-generated

Initial scan heuristic + LLM

The URL does not point to the legitimate Instagram domain, and the web page purports to respond to a user action (password reset request) that the user did not take. The absence of any form of authentication for the supposed user action is a common technique in phishing scams.

The full anatomy of a phishing site, one URL at a time.

Phishing detected

The full anatomy of a phishing site,
one URL at a time.