URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

100 scans / day · free · typical scan 2–4 s ·

try

REVIEW · MEDIUM CONFIDENCE

Review required

brand Google scan id c586dca2 duration — signals 0 failing / 0

Risk score 0.10

10 / 100 · —

Was this verdict correct?

Tags

URL anatomy

https :// .

flagged registered domain path protocol / query

Indicators of compromise 4 · click any row to copy

Defang hxxps://example[.]com

URL	hxxps://google[.]de
Brand	Google
Screenshot	https://cdn.zerophish.ai/a1b46844-c973-49b7-a3c4-25adb137885f.jpg
Scan ID	c586dca2-4815-4e25-b3b9-88903d6d77c2

Detection signals 0 fail · 0 warn · 0 pass

No detection signals on this scan — it predates the signal pipeline. Re-analyze to capture them.

Captured page from scan

screenshot · captured at scan live page render

Brand impersonation visual + DOM analysis

No brand impersonation signals available.

Technical profile resolved at scan time

No technical metadata captured for this scan.

Analyst summary AI-generated

Initial scan heuristic + LLM

The website analyzed appears to belong to the Google brand which is confirmed by the matching URL domain name (google.de). The HTML elements match the typical layout of a Google web page and there is no noticeable social engineering techniques (SE techniques) or suspicious elements. Therefore it appears to be a legitimate site. The phishing score is low because the brand matches the URL, there are no suspicious elements in the HTML and the site does not use common SE techniques.

The full anatomy of a phishing site, one URL at a time.

Review required

The full anatomy of a phishing site,
one URL at a time.