zerophish / console
Register Sign in
URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

scan
100 scans / day · free · typical scan 2–4 s ·
try
Result scan 6edfab73
Scan another →
CACHED Showing previous scan from 9 h ago. Click Reanalyze to run a fresh scan.
SAFE · HIGH CONFIDENCE

No phishing signals detected

brand Instagram scan id 6edfab73 duration 16.53s signals 1 failing / 12
Risk score 0.05
5 / 100 · Low risk
Tags
URL anatomy www.instagram.com
https :// www . instagram . com /reel/DZVH2CrpOcC/ ? igsh=cWY3azlldDdjb3Nn
flagged registered domain path protocol / query
Indicators of compromise 6 · click any row to copy
URL hxxps://www[.]instagram[.]com/reel/DZVH2CrpOcC/?igsh=cWY3azlldDdjb3Nn
Host www[.]instagram[.]com
Registered domain instagram[.]com
Brand Instagram
Screenshot https://cdn.zerophish.ai/7139fb4e-1aec-4bf7-883b-3f6d7c332eeb.jpg
Scan ID 6edfab73-c8b8-4e39-b293-e00feb92c4af
Related detections 2 other scans on this registered domain
154 d ago
 PHISHING instagram.com view →
309 d ago
 REVIEW www.instagram.com safe
Detection signals 1 fail · 0 warn · 6 pass
Brand typo-squat detected
Registered brand domain
critical
Domain age
Awaiting analysis
high
Threat intel blocklists
Awaiting analysis
critical
Credential collection form
No credential collection form on visible content
high
×
Visual similarity to known brand
100% structural similarity to Instagram
high
Favicon impersonation
Favicon matches the registered owner
medium
SSL certificate
Served over HTTPS · valid TLS certificate
low
DNS reputation
Awaiting analysis
medium
showing 8 of 12 ·
Captured page from scan
Captured page
screenshot · captured at scan live page render
Brand impersonation visual + DOM analysis
I
Instagram
instagram.com
100%
Technical profile resolved at scan time
Host www.instagram.com
Registered domain instagram.com
Scheme https
Content length 688816 B
HTTP 200 · text/html
JARM 7939b39b37937930320320320320128c19258acd09ccdea8faad630541ff7e
Redirect hops 1
Analyst summary AI-generated
Initial scan heuristic + LLM

The page is presenting itself as Instagram content (“Instagram” in the HTML title/SVG and the OCR text includes the Instagram footer like “© 2026 Instagram from Meta”). The URL is a legitimate Instagram domain and path for a reel (instagram.com/reel/…), indicating the request is for an in-site media page rather than an off-brand landing page.

Suspicious phishing signals are largely absent: there is no visible lookalike brand, no urgent payment/security warning text, and no external redirect patterns typical of phishing. While the header/navigation includes links like “Log In” and “Sign Up,” the provided HTML/OCR does not show an actual credential-collection form requesting a username/password on this page.

Because the branding matches Instagram and the URL belongs to instagram.com, the phishing risk is low. Any login-related elements appear to be normal site navigation rather than a harvesting form.