Skip to content

Feature

Evidence Packs

Every alert includes complete, timestamped evidence — ready for registrar takedown requests, compliance audits, and legal review.

Full-page screenshot

Visual capture of the suspected page at the time of detection, timestamped and stored securely.

WHOIS / RDAP data

Registrar, creation date, nameservers, and registrant information where available.

DNS records

A, AAAA, MX, TXT, and NS records for the suspect domain.

HTTP headers & redirects

Full response headers, redirect chain, and final destination URL.

Certificate chain

SSL/TLS certificate details including issuer, validity, and Subject Alternative Names.

AI verdict & reasoning

Explainable risk assessment with specific indicators that triggered the alert.

Why evidence matters

For registrar takedowns

Registrars and hosting providers require specific evidence to act on abuse reports. A screenshot alone is not enough — they need WHOIS proof that the domain is not yours, evidence of malicious content, and clear documentation of the threat.

For compliance audits

NIS2, ISO 27001, and cyber-insurance questionnaires increasingly require documented incident response. Evidence packs provide a timestamped audit trail showing you detected and responded to brand threats.

For legal review

If a threat escalates to legal action, you need contemporaneous evidence. Our evidence packs capture the threat at the moment of detection — before attackers can modify or remove content.

Get the evidence on threats targeting you

Run a free brand check, then verify your domain to access full evidence packs for any threats we detect.