
United Airlines phishing & impersonation
Travelunited.com
21
Impersonation sightings
21
Distinct hosts
2026-07-02
Last detected
1
Official domains
ScanMalware watches every scanned site for signs it is impersonating United Airlines — the brand name in the page title or screenshot text, the brand's logo/favicon on a non-official host, and lookalike domains. A match on a host outside United Airlines's official domains is recorded below.
Official domains
united.com
Also known as
united airlines
Detected impersonation sites
| Host | Title | Detected by | Verdict | Date | |
|---|---|---|---|---|---|
| www.gojersey.cc | USA Jerseys Shop - GoJersey | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.gojersey.cc)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 40, "total risk": 4, "valid count": 38, "invalid count": 0, "not found count": 2}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 294, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 45, "issues": [], "total redirects": 1, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 1, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.gojersey.cc)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-02 | View scan → |
| www.hotsoccergirls.com | Mia Hamm's Journey: Partner, Kids & Wealth Revealed | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.hotsoccergirls.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 1, "total risk": 0, "valid count": 1, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 45, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 2, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.hotsoccergirls.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-02 | View scan → |
| extreme.pcgameshardware.de | Die Hardware-Community für PC-Spieler - PCGH Extreme | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (extreme.pcgameshardware.de)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 14, "total risk": 2, "valid count": 13, "invalid count": 0, "not found count": 1}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 157, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 0, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (extreme.pcgameshardware.de)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-02 | View scan → |
| strettynews.com | Onana Loan Terms Expose United's Transfer Weakness | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (strettynews.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 11, "total risk": 0, "valid count": 11, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 63, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 1, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (strettynews.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| new-tab-page | New Tab | Page text | {"verdict": "Low Risk", "confidence": 70, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 30, "recommendations": ["📋 Website lacks important security headers"], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (new-tab-page)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 50, "issues": [], "positive signals": [], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 3, "total risk": 0, "valid count": 3, "invalid count": 0, "not found count": 0}, "network security": {"score": 60, "issues": ["No security headers detected"], "mixed content": false, "secure requests": 1, "security headers": {"detected": false}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 40, "issues": [], "total redirects": 2, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 2, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["No security headers detected", "⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (new-tab-page)"], "positive": ["Server IPs have valid RPKI ROA coverage", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| theautowire.com | Ford Fired a Worker Over a Cookie He Actually Paid For | Page text | {"verdict": "Low Risk", "confidence": 70, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 30, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (theautowire.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 21, "total risk": 0, "valid count": 21, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 74, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 15, "issues": ["Excessive redirects (7)", "Excessive cross-domain redirects (5)"], "total redirects": 7, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 5, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["Excessive redirects (7)", "Excessive cross-domain redirects (5)", "⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (theautowire.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| sportscollectorsdigest.com | USA! USA! Celebrating our country’s 250th birthday with 10 patriotic cards that honor America - Sports Collectors Digest | Page text | {"verdict": "Low Risk", "confidence": 71, "risk level": "low", "risk factors": ["Suspicious URL Patterns", "Brand Impersonation (United)"], "overall score": 29, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (sportscollectorsdigest.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 50, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": ["Suspicious domain pattern detected"]}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 44, "total risk": 4, "valid count": 42, "invalid count": 0, "not found count": 2}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 108, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 45, "issues": [], "total redirects": 2, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 1, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (sportscollectorsdigest.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| christopherarndtpostcards.com | USA 250 – Christopher Arndt Postcard Co | Page text | {"verdict": "Low Risk", "confidence": 71, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 29, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (christopherarndtpostcards.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 13, "total risk": 0, "valid count": 13, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 339, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 30, "issues": ["Excessive cross-domain redirects (4)"], "total redirects": 4, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 4, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["Excessive cross-domain redirects (4)", "⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (christopherarndtpostcards.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| westportlibrary.libguides.com | About - Teddy Roosevelt - The Westport Library Resource Guides at The Westport Library | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (westportlibrary.libguides.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 47, "total risk": 2, "valid count": 46, "invalid count": 0, "not found count": 1}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 84, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 2, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (westportlibrary.libguides.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| mrnussbaum.com | — | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (mrnussbaum.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 2, "total risk": 0, "valid count": 2, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 7, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 1, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (mrnussbaum.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| sportsview.co.uk | Harry Kane and Kylian Mbappe lead European Golden Boot race | Page text | {"verdict": "Low Risk", "confidence": 70, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 30, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (sportsview.co.uk)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 84, "total risk": 18, "valid count": 75, "invalid count": 0, "not found count": 9}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 173, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 15, "issues": ["Excessive redirects (38)", "Excessive cross-domain redirects (31)"], "total redirects": 38, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 31, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["Excessive redirects (38)", "Excessive cross-domain redirects (31)", "⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (sportsview.co.uk)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| upclosed.com | About Brandon Nakashima: American tennis player (2001-) | Biography, Facts, Information, Life, Career, Wiki | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (upclosed.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 54, "total risk": 0, "valid count": 54, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 198, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 0, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (upclosed.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| helpx.adobe.com | Acrobat sign-in errors on Windows | Adobe Acrobat | Page text | {"verdict": "Malicious (Known Kit: Multi-Brand pages.dev Phish Kit — pdf cohort js.js (multibrand-pagesdev-phish))", "confidence": 95, "risk level": "malicious", "risk factors": [], "overall score": 90, "recommendations": ["⚠️ Avoid visiting this website - high security risk detected", "🔒 Use additional security measures if access is necessary", "📋 Website lacks important security headers"], "detailed analysis": {"html forms": {"score": 50, "issues": [], "password fields": 0, "impersonated brand": null, "brand mismatch detected": false, "impersonated brand slug": null, "disguised password fields": 0, "brand impersonation detected": false}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 45, "total risk": 0, "valid count": 45, "invalid count": 0, "not found count": 0}, "network security": {"score": 60, "issues": ["No security headers detected"], "mixed content": false, "secure requests": 1, "security headers": {"detected": false}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 2, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["No security headers detected"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| bitter-rice-5e01.memec712671135.workers.dev | Kitsap Credit Union | Account Access Help | Page text | {"verdict": "High Risk (Possible United Phishing on cloud hosting)", "confidence": 80, "risk level": "high", "risk factors": ["Suspicious URL Patterns", "Brand Impersonation (United)"], "overall score": 60, "recommendations": ["⚠️ Avoid visiting this website - high security risk detected", "🔒 Use additional security measures if access is necessary", "📋 Website lacks important security headers"], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (bitter-rice-5e01.memec712671135.workers.dev)"], "password fields": 1, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 50, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": ["Suspicious domain pattern detected"]}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 1, "total risk": 0, "valid count": 1, "invalid count": 0, "not found count": 0}, "network security": {"score": 60, "issues": ["No security headers detected"], "mixed content": false, "secure requests": 1, "security headers": {"detected": false}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 1, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}, "domain age scoring": {"penalty": 10, "rdap data": null, "has login forms": true, "is hosting subdomain": true}}, "threat categories": ["Credential Phishing"], "security indicators": {"negative": ["United brand impersonation with a credential form on a disposable cloud-hosting/storage subdomain (bitter-rice-5e01.memec712671135.workers.dev) — consistent with credential phishing.", "No security headers detected", "⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (bitter-rice-5e01.memec712671135.workers.dev)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| embassies.info | British Embassy in Kinshasa, Congo (Democratic Republic) | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (embassies.info)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 14, "total risk": 0, "valid count": 14, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 30, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 1, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (embassies.info)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| dominicanembassy.org.uk | Embassy of the Dominican Republic in UK | Official Website | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (dominicanembassy.org.uk)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 8, "total risk": 0, "valid count": 8, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 258, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 0, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (dominicanembassy.org.uk)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| www.chsglobe.com | The United States Senate Explained – The Globe | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.chsglobe.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 20, "total risk": 2, "valid count": 19, "invalid count": 0, "not found count": 1}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 133, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 1, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.chsglobe.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| www.buick.com | Explore Compact, Small, Mid-Size SUVs and Crossovers | Buick | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.buick.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 53, "total risk": 2, "valid count": 52, "invalid count": 0, "not found count": 1}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 234, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 45, "issues": [], "total redirects": 3, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 1, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.buick.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| www.c2es.org | Extreme Heat and Climate Change - Center for Climate and Energy SolutionsCenter for Climate and Energy Solutions | Page text | {"verdict": "Low Risk", "confidence": 73, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 27, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.c2es.org)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 23, "total risk": 0, "valid count": 23, "invalid count": 0, "not found count": 0}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 111, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 3, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.c2es.org)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| www.afrobasket.com | Philadelphia 76ers Sign 7-Foot German-Togolese Center Ariel Hukporti | Page text | {"verdict": "Low Risk", "confidence": 72, "risk level": "low", "risk factors": ["Suspicious URL Patterns", "Brand Impersonation (United)"], "overall score": 28, "recommendations": [], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.afrobasket.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 50, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": ["Suspicious domain pattern detected"]}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 23, "total risk": 2, "valid count": 22, "invalid count": 0, "not found count": 1}, "network security": {"score": 65, "issues": [], "mixed content": false, "secure requests": 102, "security headers": {"detected": true}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 0, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (www.afrobasket.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "Good network security practices", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |
| zipcodes-us.com | United States ZIP Codes – ZIP Code Lookup by Address | Page text | {"verdict": "Low Risk", "confidence": 72, "risk level": "low", "risk factors": ["Brand Impersonation (United)"], "overall score": 28, "recommendations": ["📋 Website lacks important security headers"], "detailed analysis": {"html forms": {"score": 10, "issues": ["⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (zipcodes-us.com)"], "password fields": 0, "impersonated brand": "United", "brand mismatch detected": true, "impersonated brand slug": "united", "disguised password fields": 0, "brand impersonation detected": true}, "url analysis": {"score": 65, "issues": [], "positive signals": ["HTTPS encryption used"], "suspicious patterns": []}, "safe browsing": {"score": 100, "issues": [], "threats": [], "positive signals": ["No Google Safe Browsing threats detected"]}, "clone detection": {"score": 100, "issues": [], "warnings": [], "positive signals": ["No visual similarity to known brand sites"]}, "rpki validation": {"total": 12, "total risk": 0, "valid count": 12, "invalid count": 0, "not found count": 0}, "network security": {"score": 60, "issues": ["No security headers detected"], "mixed content": false, "secure requests": 1, "security headers": {"detected": false}, "insecure requests": 0, "certificate issues": []}, "phishing signals": {"score": 100, "issues": [], "details": {"matched brand": null, "signals detected": [], "is legitimate domain": false}, "warnings": []}, "technology risks": {"score": 50, "issues": [], "security technologies": [], "vulnerable technologies": []}, "redirect analysis": {"score": 50, "issues": [], "total redirects": 0, "blob url detected": false, "protocol downgrades": 0, "suspicious patterns": 0, "cross domain redirects": 0, "compromised wordpress detected": false}}, "threat categories": [], "security indicators": {"negative": ["No security headers detected", "⚠️ CRITICAL: Brand impersonation detected - United branding on non-official domain (zipcodes-us.com)"], "positive": ["Server IPs have valid RPKI ROA coverage", "HTTPS encryption used", "No Google Safe Browsing threats detected", "No visual similarity to known brand sites"], "warnings": []}} | 2026-07-01 | View scan → |