zerophish / console
Register Sign in
URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

scan
100 scans / day · free · typical scan 2–4 s ·
try
Result scan f0c8197b
Scan another →
CACHED Showing previous scan from 457 d ago. Click Reanalyze to run a fresh scan.
PHISHING · MEDIUM CONFIDENCE

Phishing detected

brand web.com scan id f0c8197b duration signals 0 failing / 0
Risk score 0.80
80 / 100 · —
Tags
URL anatomy
https :// .
flagged registered domain path protocol / query
Indicators of compromise 4 · click any row to copy
URL hxxps://1153002[.]wcomhost[.]com
Brand web.com
Screenshot https://cdn.zerophish.ai/9ca82e0c-4c8e-405e-bc27-892bd29f8142.jpg
Scan ID f0c8197b-34cb-4051-843f-2579b0b3b5fc
Detection signals 0 fail · 0 warn · 0 pass

No detection signals on this scan — it predates the signal pipeline. Re-analyze to capture them.

Captured page from scan
Captured page
screenshot · captured at scan live page render
Brand impersonation visual + DOM analysis

No brand impersonation signals available.

Technical profile resolved at scan time

No technical metadata captured for this scan.

Analyst summary AI-generated
Initial scan heuristic + LLM

The website tries to imitate a legitimate web.com domain, which is a known brand, but the URL does not match the known domain of the actual brand. The URL has a different structure and the domain part includes a numeric string, which is a common sign of phishing websites. Also, there is a fake login form on the website. Although the text extracted doesn’t provide phishing attempts directly, such standards setups are commonly used in phishing attacks.