zerophish / console
Register Sign in
URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

scan
100 scans / day · free · typical scan 2–4 s ·
try
Result scan c0ff31cc
Scan another →
CACHED Showing previous scan from 10 d ago. Click Reanalyze to run a fresh scan.
SAFE · LOW CONFIDENCE

No phishing signals detected

brand Pandorex scan id c0ff31cc duration 9.49s signals 0 failing / 12
Risk score 0.12
12 / 100 · Low risk
Tags
URL anatomy https
https :// https . //pandorex.info
flagged registered domain path protocol / query
Indicators of compromise 5 · click any row to copy
URL Https://pandorex[.]info
Host https
Brand Pandorex
Screenshot https://cdn.zerophish.ai/8360d8c4-9ddd-4ff0-ade6-cad25550e4fa.jpg
Scan ID c0ff31cc-9e69-487d-b2a3-7dafed0bb1e2
Related detections 24 other scans on this registered domain
9 h ago
 SAFE www.instagram.com safe
1 d ago
 SAFE www.20min.ch safe
1 d ago
 SAFE golem.de safe
1 d ago
 PHISHING bradesco.ativacaodechat.com view →
1 d ago
 PHISHING vendageral-rockinrio.com view →
11 d ago
 SAFE nemonicon.com safe
12 d ago
 SAFE login.microsoftonline.com safe
12 d ago
 SAFE www.paypal.com safe
Detection signals 0 fail · 1 warn · 6 pass
Brand typo-squat detected
No similar legitimate brand within edit-distance 2
critical
Domain age
Awaiting analysis
high
Threat intel blocklists
Awaiting analysis
critical
Credential collection form
No credential collection form on visible content
high
Visual similarity to known brand
Brand presentation matches the registered owner
high
Favicon impersonation
Favicon matches the registered owner
medium
!
SSL certificate
Could not determine TLS status
low
DNS reputation
Awaiting analysis
medium
showing 8 of 12 ·
Captured page from scan
Captured page
screenshot · captured at scan live page render
Brand impersonation visual + DOM analysis
P
Pandorex
5%
Technical profile resolved at scan time
Host https
Registered domain https
Scheme https
Content length 192618 B
HTTP 200 · text/html
Analyst summary AI-generated
Initial scan heuristic + LLM

The page presents itself as a German “Pandorex” tech news site (e.g., page title “Pandorex — Tech News”, navigation categories like “Security”, “KI & Chips”, and multiple article cards). The content is informational and does not display typical phishing bait such as account-lockout messages, fake payment prompts, or links urging urgent action.

Suspicious elements were minimal: there is a newsletter signup area (“Newsletter… Anmelden… Double Opt-In”), but no visible password/login or credential-collection form in the provided HTML snippet. The URL uses a generic domain (pandorex.info) that matches the site’s own branding, with no evidence of impersonating a major financial brand (e.g., PayPal) or mismatched domain/branding.

Overall, based on the provided HTML/OCR, this looks like a legitimate content/news landing page rather than a credential-harvesting phishing site, though the confidence is kept low because only a portion of the page was provided and we cannot verify backend behaviors or redirect targets.