Is this URL safe?
Paste a suspicious link. We check it against Google Safe Browsing, VirusTotal, URLhaus, domain registration data, and lookalike-brand detection — in one shot.
Phishing domains caught this week
Real scans, anonymized to domain only. Updated live.
What we check
The killer feature. Claude reads the actual page text and scores it for phishing — brand impersonation, urgency language, credential-harvesting patterns. Nothing else at this price does this.
Google's blocklist of known phishing pages, malware hosts, and unwanted-software distributors.
Aggregated verdict from 70+ AV engines and threat intelligence feeds.
Public malware URL database curated by abuse.ch researchers.
Token-level matching against 50+ commonly impersonated brands — catches both typosquats ("amaz0n") and hidden brand names ("amazon-secure-login").
Fresh domain + freshly issued cert = strong phishing pattern. We check RDAP for age and crt.sh for cert history.
Missing MX/SPF/DMARC records on a lookalike domain is a fingerprint of disposable phishing infrastructure.
Detects credential forms, password fields, urgency phrases ("verify your account", "suspended"), and forms that post to a different domain than the page.
Paste up to 50 URLs at once. Useful for IR teams triaging a phishing campaign or vetting an inbound link list.
More than just URL scanning
The same threat-intel pipeline, exposed as separate tools for the specific job you have.
Paste a suspicious email. We extract every URL and score the sender for brand impersonation.
Find lookalike domains targeting your brand. 150+ patterns, live DNS check on each.
Paste up to 50 URLs at once. Built for IR teams triaging a phishing campaign.
Browser extension, Outlook plugin, Copilot, Slack, SIEM webhooks, Zapier.
Public REST API + OpenAPI 3.1 spec. Same engine powering every integration.
Plain-English reference for phishing, BEC, AiTM, DMARC, and 20+ other security terms.