URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL
The full anatomy of a phishing site,
one URL at a time.
ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.
100 scans / day · free
·
typical scan 2–4 s
·
try
SAFE · HIGH CONFIDENCE
No phishing signals detected
Risk score
0.00
0 / 100 · Low risk
URL anatomy
https
://
example
.
org
flagged
registered domain
path
protocol / query
Indicators of compromise
| URL | hxxps://example[.]org | |
| Host | example[.]org | |
| Screenshot | https://cdn.zerophish.ai/e3d35336-2057-412f-a658-71644e7f2e06.jpg | |
| Scan ID | dd97e424-995b-4b23-8b19-86beb741de65 |
Detection signals
Brand typo-squat detected
No similar legitimate brand within edit-distance 2
critical
Domain age
Awaiting analysis
high
Threat intel blocklists
Awaiting analysis
critical
Credential collection form
No credential collection form on visible content
high
Visual similarity to known brand
Brand presentation matches the registered owner
high
Favicon impersonation
Favicon matches the registered owner
medium
SSL certificate
Served over HTTPS · certificate validated by ApiFlash
low
DNS reputation
Awaiting analysis
medium
showing 8 of 12 ·
Captured page
Brand impersonation
No brand impersonation signals available.
Technical profile
| Host | example.org |
| Registered domain | example.org |
| Scheme | https |
| Content length | 39570 B |
| HTTP | 200 · text/html |
Analyst summary
Initial scan
The analyzed domain does not impersonate any brand, it doesn’t contain any credential collection form and hasn’t used any social engineering techniques. Thus, this webpage doesn’t appear to be a phishing site.