/*
 * marketing.css has been unlinked.
 * Reload to restore the ✨ vibes ✨.
 * Or just read the actual product description below.
 */
We find websites
pretending to be you.before they cause damage
1// What actually happens:
2scan() — Google SERPs + CT logs, every 30 min
3compare() — 14 dimensions against your baseline
4verify() — LLM looks at screenshots, not just HTML
5alert() — Slack, email, webhook. Your call
6return "that's it"
Open dashboard No "book a demo." It's a dashboard.
Scan frequency
Every 30 min
Dimensions
14+
Verification
LLM + vision
Monitoring
24/7
Alerts
Slack, email, webhook

Clones detected
before they cause damage

Find and stop clone sites impersonating your brand. unclone.io continuously scans search engines and certificate logs, compares every candidate against your official pages across 14+ dimensions, and verifies threats with AI vision — so you catch phishing sites before your customers do.

Open dashboard → How it works
14+
comparison dimensions per detection
AI-verified
LLM + vision screenshot analysis
24/7
continuous search + cert monitoring
pipeline
09:30:00 SEARCH 18 queries executed · 42 SERP results · LLM triaging
09:30:14 LLM Triage complete · 5 candidates, 37 discarded
09:30:15 ENRICH DNS + TLS + Playwright render · acme-secure-login.com
09:30:22 COMPARE Baseline match · clone score: 0.87 · text 0.91, forms 0.85, images 0.72
09:30:28 VERIFY LLM vision analysis · verdict: ACTIONABLE · confidence 0.94
09:30:29 CAMPAIGN Campaign #48 created · severity CRITICAL · login flow detected
09:30:29 ALERT Slack + Email → #brand-security
09:40:01 CERT CT log poll · 3 new certs matched · queued for enrichment
10:00:00 SEARCH Monitoring
SEARCH MONITOR EVERY 30M
CERT STREAM EVERY 10M
BASELINES 4 ACTIVE
LAST CAMPAIGN 29s AGO
// That's real pipeline output, not a mockup. Log in to see your own.
01 — How it works

Discover. Verify. Enforce.

01
Discover
AI-planned queries scan search engines every 30 minutes. Certificate transparency logs are polled for lookalike domains. Every candidate is enriched with DNS, TLS, and a full browser render.
02
Verify
Each candidate is compared against your official pages across 14+ dimensions. An LLM analyzes screenshots of the suspicious site alongside yours and returns a verdict with evidence.
03
Enforce
Verified threats are clustered into enforcement campaigns with severity, recommended reporting routes, and full evidence packages ready for registrar takedowns or legal action.
02 — Detection pipeline

What runs under the hood

01

AI-Planned Search Discovery

Every 30 minutes, LLM-planned queries search Google for brand impersonation. An AI triages each result before ingestion — discarding forums, reviews, and editorial content, keeping only real threats.

SERP acme-login-help.com CANDIDATE
SERP acme-billing-support.net HIGH PRIORITY
SERP reddit.com/r/acme/support DISCARDED
02

Certificate Transparency

Monitors CT logs for lookalike domains registering SSL certificates. When a suspicious cert appears, the domain is queued for full enrichment and baseline comparison.

acme-secure-login.com MATCHED
acme-support-portal.net QUEUED
acmedocs.io BENIGN
03

Baseline Fingerprinting

Captures your official pages and extracts 14+ features: text, forms, images, DOM structure, CSS, scripts, favicons. Every candidate is scored against this baseline.

Text
0.92
Forms
0.88
Images
0.71
DOM
0.65
CSS
0.45
04

LLM Verification with Vision

An AI analyzes screenshots of suspicious sites alongside your official pages. Returns a verdict, confidence score, reasoning, and supporting evidence. Catches what rules miss.

LLM Verification ACTIONABLE
Login form matches official page structure. Favicon is identical (SHA256 match). Support phone number differs from official. Likely credential phishing.
Confidence: 0.94 · Evidence: login_flow, favicon_match, text_overlap_0.91
05

Detection to Resolution

Verified threats are clustered into enforcement campaigns with severity, evidence, and recommended reporting routes. Each campaign packages everything you need for registrar takedowns, abuse reports, or legal action.

acme-secure-login.com CRITICAL REGISTRAR ABUSE
acme-billing-support.net HIGH HOST ABUSE
acme-reset-pw.io REVIEW MONITORING
06

Multi-Channel Alerts

Severity-based routing ensures only real threats trigger notifications. Actionable and review threats are routed by severity — critical campaigns alert immediately.

Slack
Email
Webhook
From baseline to takedown in one tool
Set up your brand, let the pipeline run. Campaigns arrive ready for enforcement.
Open dashboard →