Phishing detection for the modern web

Classify any URL for deceptive login and credential-harvesting pages. Built for developers, security integrators, and email gateways.

Get API access

Request

curl https://api.grizzlysec.com/scan \
  -H "Authorization: Bearer gk_live_..." \
  -H "Content-Type: application/json" \
  -d '{"url": "https://roblox.com.glogin-secure.example"}'

Response

{
  "scan_id": "a1b2c3d4-...",
  "url": "https://roblox.com.glogin-secure.example",
  "classification": "phish",
  "reasons": [
    "Impersonates a trusted brand",
    "Domain registered 3 days ago"
  ],
  "target_brand": "Roblox",
  "scanned_at": "2026-06-05T15:00:00Z"
}

What you can build

Email security gateways

Score links in inbound mail before they reach a user's inbox.

SOC & threat intel

Triage suspicious URLs at scale and enrich alerts with a verdict and reasons.

Link scanners

Check user-submitted links in chat, comments, or UGC before rendering them.

Account protection

Flag phishing in password-reset and verification flows that target your brand.

How it works

Real-time classification

Pages are evaluated the moment they load, or the moment you submit a URL — no waiting on a crawl.

Brand-aware detection

Grizzly knows what trusted brands look like and flags pages built to impersonate them.

One engine, every surface

The same classification engine powers the API, the web app, and the browser extension.

Available in theChrome Web Store

Also available as a Chrome extension

Grizzly for Chrome catches deceptive login pages and suspicious Gmail links in real time. Free and anonymous.

Start free

The free tier includes 10 scans per day — intended for evaluation and personal use. For higher-volume integrations, get in touch.

Get API access