zerophish / console
Register Sign in
URL THREAT INTELLIGENCE · v0.5.0 · OPERATIONAL

The full anatomy of a phishing site,
one URL at a time.

ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.

scan
100 scans / day · free · typical scan 2–4 s ·
try
Result scan fa72cb4e
Scan another →
CACHED Showing previous scan from 15 d ago. Click Reanalyze to run a fresh scan.
SUSPICIOUS · MEDIUM CONFIDENCE

Suspicious — review required

brand GMC scan id fa72cb4e duration 9.37s signals 0 failing / 12
Risk score 0.25
25 / 100 · Medium risk
Tags
URL anatomy gmc-infotainment-system-reset.pages.dev
https :// gmc-infotainment-system-reset . pages . dev
flagged registered domain path protocol / query
Indicators of compromise 6 · click any row to copy
URL hxxps://gmc-infotainment-system-reset[.]pages[.]dev
Host gmc-infotainment-system-reset[.]pages[.]dev
Registered domain pages[.]dev
Brand GMC
Screenshot https://cdn.zerophish.ai/4558b9b8-cbab-4a80-9470-d1993a6a3ad7.jpg
Scan ID fa72cb4e-97fe-48d1-9d25-6d1c660aa4f5
Related detections 5 other scans on this registered domain
15 d ago
 SUSPICIOUS mobimera.com safe
15 d ago
 SAFE mobimera.com safe
15 d ago
 SUSPICIOUS orangecash-top.pages.dev safe
515 d ago
 REVIEW revoke-cash-39s.pages.dev safe
521 d ago
 REVIEW zerophish.pages.dev safe
Detection signals 0 fail · 0 warn · 7 pass
Brand typo-squat detected
No similar legitimate brand within edit-distance 2
critical
Domain age
Awaiting analysis
high
Threat intel blocklists
Awaiting analysis
critical
Credential collection form
No credential collection form on visible content
high
Visual similarity to known brand
Brand presentation matches the registered owner
high
Favicon impersonation
Favicon matches the registered owner
medium
SSL certificate
Served over HTTPS · valid TLS certificate
low
DNS reputation
Awaiting analysis
medium
showing 8 of 12 ·
Captured page from scan
Captured page
screenshot · captured at scan live page render
Brand impersonation visual + DOM analysis
G
GMC
15%
Technical profile resolved at scan time
Host gmc-infotainment-system-reset.pages.dev
Registered domain pages.dev
Scheme https
Content length 78201 B
HTTP 200 · text/html
Analyst summary AI-generated
Initial scan heuristic + LLM

This page presents itself as a blog-style guide titled “Fixing glitches with a GMC infotainment system reset” and provides step-by-step DIY reset instructions for GMC vehicles (soft reset, factory reset, dealing with a black screen).

Suspicious elements include an external ad/interstitial section with a “Alternative link” and a “Double Click (2x) to access the content - It’s Free!” style prompt, plus an unrelated interstitial entry referencing “lacylotus leaked onlyfans,” which is not relevant to the stated automotive topic. However, the HTML/OCR provided does not show any login or credential-collection form, password fields, or requests for personal information.

The URL domain is a generic GitHub Pages/hosting pattern (“pages.dev”) that does not match GMC’s official domain; nevertheless, this mismatch is common for SEO/content spam sites and is not sufficient by itself to conclude phishing without credential harvesting or account-urgency cues.

Overall, the content reads like an informational article with light ad clutter rather than a credential-stealing flow.