HalluSquatting is here, and manual URL checks are not enough
Palo Alto Networks put a name to a threat security teams had been reporting quietly for months. HalluSquatting is the practice of registering domains that AI models tend to hallucinate: package names that do not exist on npm or PyPI, product landing pages that AI assistants confidently invent, support URLs that look plausible but never existed. Registering the domain first turns the hallucination into a working phishing surface.
The seven URL safety checking apps below cover the pieces a defender needs to spot HalluSquatting and adjacent tactics before a click. Reputation lookups. Sandbox visits that render the target page without your browser. Real-time blocking at the browser layer. Every entry is a working desktop tool in 2026, not a promise.
What to look for in a URL safety checking app
Four criteria worth caring about.
- Multiple engines behind the verdict. A single-source blocklist misses too much.
- A sandbox or screenshot mode, so you never have to open the URL yourself to look.
- Free access at a rate the average user actually hits (not 3 lookups per day).
- Browser integration for the moment the URL appears in a chat window or email.
Quick comparison
| App | Best for | Free plan | Delivery |
|---|---|---|---|
| VirusTotal | Multi-engine reputation | 500 lookups/day | Web + API |
| URLVoid | Blocklist aggregation | 1000 lookups/day | Web |
| Bitdefender TrafficLight | Browser-level blocking | Free | Browser extension |
| Google Safe Browsing | Baseline browser protection | Free | Built into Chromium |
| Malwarebytes Browser Guard | Ad and tracker blocking | Free | Browser extension |
| urlscan.io | Sandboxed page rendering | 100 scans/day | Web + API |
| OpenTip by Kaspersky | Threat intel lookups | 200 lookups/day | Web + API |
The apps
1. VirusTotal, the multi-engine reputation baseline
VirusTotal submits a URL against roughly 90 different reputation engines at once, from Google Safe Browsing to Sophos and Emsisoft. The result is a color-coded matrix that shows which engines flag the domain, when it was first seen, and what other files have referenced it.
Where it falls short: the free tier is limited to non-commercial use. Enterprise and API-heavy usage requires a paid plan.
Pricing: free for personal use. VT Enterprise pricing on request.
Platforms: web-first. API accessible from any script or automation.
Download: virustotal.com
Bottom line: the pick as your first-line reputation check for any suspicious URL.
2. URLVoid, the aggregated blocklist check
URLVoid cross-references a URL against about 30 major blocklist and threat intelligence sources. Faster than VirusTotal for a quick verdict, less coverage on obscure engines, and cleaner if you just want a yes-or-no answer.
Where it falls short: does not sandbox or render the page. Verdicts only.
Pricing: free web tier at 1000 lookups per day. Commercial API pricing separate.
Platforms: web-first.
Download: urlvoid.com
Bottom line: the pick when you want a second opinion faster than VirusTotal loads.
3. Bitdefender TrafficLight, live browser blocking
Bitdefender TrafficLight is a browser extension that scores every URL as you load it and blocks phishing and malware domains before the page finishes rendering. It also inspects links inside Gmail, X, and Facebook feeds without a full page navigation.
Where it falls short: Chromium-focused. The Firefox extension has more limited features than the Chrome and Edge versions.
Pricing: free.
Platforms: Chrome, Edge, Firefox extensions.
Download: bitdefender.com
Bottom line: install it on any browser you use for email or messaging. It is a zero-friction daily-driver defense.
4. Google Safe Browsing, the built-in baseline
Google Safe Browsing is the reputation feed already baked into Chrome, Edge, Firefox, and Safari. Every URL the browser is about to load is checked against Google’s rolling blocklist of phishing, malware, and unwanted-software domains.
Where it falls short: Safe Browsing is passive. It blocks what Google’s crawlers have already flagged. Fresh HalluSquat domains slip through until they are indexed.
Pricing: free, built into major browsers.
Platforms: every major browser.
Download: safebrowsing.google.com
Bottom line: confirm the setting is on in Chrome or Edge and treat it as the floor, not the ceiling, of URL safety.
5. Malwarebytes Browser Guard, ad and phishing filter
Malwarebytes Browser Guard blocks phishing pages, malicious ads, tech-support scams, and known trackers at the browser layer. The block rule set overlaps with TrafficLight but leans harder into scam and unwanted-content patterns.
Where it falls short: the block list can flag legitimate ad-supported sites aggressively. A false positive here means a broken page, not a security incident.
Pricing: free.
Platforms: Chrome, Edge, Firefox, Safari extensions.
Download: malwarebytes.com
Bottom line: pair with TrafficLight for defense in depth. They flag slightly different categories.
6. urlscan.io, the sandbox renderer
urlscan.io loads a URL inside a sandboxed headless browser and returns a screenshot, a DOM tree, the network activity, and every third-party resource the page pulls. You never have to visit the URL yourself. HalluSquat domains that appear legitimate at first glance often reveal themselves in the sandbox render.
Where it falls short: the sandbox is public by default, so anything sensitive should use the private scan option (paid).
Pricing: free at 100 scans per day, public. Pro tier at $15 per user per month for private scans.
Platforms: web-first, extensive API.
Download: urlscan.io
Bottom line: the pick when the URL is suspicious enough that you want to see it, but not enough to visit it.
7. OpenTip by Kaspersky, threat intel lookup
OpenTip is Kaspersky’s free threat intelligence portal for URLs, IPs, and hashes. Results include the categorization Kaspersky assigns to the domain, historical WHOIS pivot data, and links to related indicators of compromise.
Where it falls short: Kaspersky’s brand is politically loaded in some jurisdictions. Enterprise use may face restrictions.
Pricing: free at 200 lookups per day. Paid API tiers for higher volume.
Platforms: web-first, API accessible.
Download: opentip.kaspersky.com
Bottom line: the pick when you want a specialist’s perspective on the same URL alongside VirusTotal.
How to pick the right one
If you are picking one only, install Bitdefender TrafficLight in every browser you use for email. It is passive, free, and blocks a real percentage of HalluSquat URLs before the page loads. Add VirusTotal as your first web-lookup reflex when a URL looks off.
If you actually investigate suspicious URLs as part of your work, add urlscan.io to see the page render without visiting it, and add OpenTip as a second-opinion threat intelligence check. URLVoid rounds out reputation coverage.
Google Safe Browsing and Malwarebytes Browser Guard are the browser-layer minimum. They should already be running. If they are not, turn them on before you install anything else.
FAQ
What is HalluSquatting? Registering domains, package names, or product URLs that generative AI models are known to hallucinate. When a user asks an AI assistant for a link and the model invents one, an attacker who registered that hallucinated domain in advance now controls it.
Which URL safety app catches HalluSquat domains fastest? Sandbox tools like urlscan.io and multi-engine tools like VirusTotal typically catch newly registered squatters within 24 to 48 hours. Google Safe Browsing lags, because it relies on crawler-driven detection.
Is a browser extension enough on its own? For most users, yes. Bitdefender TrafficLight or Malwarebytes Browser Guard combined with Google Safe Browsing covers most common phishing surfaces. Add manual checks when a URL comes from an unusual source.
Can I check a URL without visiting it? Yes. urlscan.io renders the URL in a public sandbox and returns a screenshot. VirusTotal and URLVoid do reputation checks without loading the page in your browser.
Are any of these URL safety tools open-source? Bitdefender TrafficLight, Malwarebytes Browser Guard, VirusTotal, urlscan.io, and OpenTip are proprietary. The client-side blocklists in browsers (Safe Browsing) are proprietary as well. Open-source alternatives exist (PhishTank, OpenPhish) but ship as data feeds rather than desktop apps.