How Scanning Works
The checks that run behind every scan and the data sources they use.
How Scanning Works
When you submit a URL, Alertoscan runs a multi-stage pipeline. Every stage is independent, so a slow or failing source never blocks the others.
The scan pipeline
- Reachability. Resolve DNS and confirm the site responds, with fallback to public resolvers when needed.
- Page capture. Render the page in a real browser, take a screenshot and capture the DOM, headers and network requests.
- Reputation checks. Query antivirus engines, Google Safe Browsing, Cloudflare phishing detection and community blocklists.
- Regulatory check. Match the domain against warning lists from financial regulators worldwide.
- Infrastructure. Collect WHOIS, SSL certificate, hosting, ASN and the technology stack.
- Scoring & summary. Combine every signal into the Trust Score and generate a plain-language summary.
Data sources
| Category | Source |
|---|---|
| Antivirus | engines via VirusTotal |
| Safe browsing | Google Safe Browsing, Cloudflare |
| Community feeds | MetaMask, ScamSniffer, Phishing.Database, Crypto Scam Intel |
| Regulators | Financial authorities (AMF, FCA, CNMV, CMVM, BCSC, …) |
| Infrastructure | WHOIS / RDAP, SSL, IP geolocation, ASN |
Why results can change
A domain's score is a snapshot. Sites get re-listed, certificates expire and new warnings get published. Alertoscan refreshes data on a 10-day cycle and on demand, so a domain that was clean last month may be flagged today.