diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
index 34a8160da8f..6d72b49fbd3 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
@@ -79,18 +79,36 @@ describe("PhishingDataService", () => {
   });
 
   describe("isPhishingWebAddress", () => {
-    it("should detect a phishing web address", async () => {
-      // Mock loadAllUrls to return entries with phishing URLs
-      mockIndexedDbService.loadAllUrls.mockResolvedValue(["http://phish.com", "http://badguy.net"]);
+    it("should detect a phishing web address using quick hasUrl lookup", async () => {
+      // Mock hasUrl to return true for direct hostname match
+      mockIndexedDbService.hasUrl.mockResolvedValue(true);
 
       const url = new URL("http://phish.com");
       const result = await service.isPhishingWebAddress(url);
 
       expect(result).toBe(true);
+      expect(mockIndexedDbService.hasUrl).toHaveBeenCalledWith("phish.com");
+      // Should not fall back to custom matcher when hasUrl returns true
+      expect(mockIndexedDbService.loadAllUrls).not.toHaveBeenCalled();
+    });
+
+    it("should fall back to custom matcher when hasUrl returns false", async () => {
+      // Mock hasUrl to return false (no direct hostname match)
+      mockIndexedDbService.hasUrl.mockResolvedValue(false);
+      // Mock loadAllUrls to return phishing URLs for custom matcher
+      mockIndexedDbService.loadAllUrls.mockResolvedValue(["http://phish.com/path"]);
+
+      const url = new URL("http://phish.com/path");
+      const result = await service.isPhishingWebAddress(url);
+
+      expect(result).toBe(true);
+      expect(mockIndexedDbService.hasUrl).toHaveBeenCalledWith("phish.com");
       expect(mockIndexedDbService.loadAllUrls).toHaveBeenCalled();
     });
 
     it("should not detect a safe web address", async () => {
+      // Mock hasUrl to return false
+      mockIndexedDbService.hasUrl.mockResolvedValue(false);
       // Mock loadAllUrls to return phishing URLs that don't match
       mockIndexedDbService.loadAllUrls.mockResolvedValue(["http://phish.com", "http://badguy.net"]);
 
@@ -98,27 +116,38 @@ describe("PhishingDataService", () => {
       const result = await service.isPhishingWebAddress(url);
 
       expect(result).toBe(false);
+      expect(mockIndexedDbService.hasUrl).toHaveBeenCalledWith("safe.com");
       expect(mockIndexedDbService.loadAllUrls).toHaveBeenCalled();
     });
 
-    it("should match against root web address with subpaths", async () => {
-      // Mock loadAllUrls to return entry that matches
+    it("should match against root web address with subpaths using custom matcher", async () => {
+      // Mock hasUrl to return false (no direct hostname match)
+      mockIndexedDbService.hasUrl.mockResolvedValue(false);
+      // Mock loadAllUrls to return entry that matches with subpath
       mockIndexedDbService.loadAllUrls.mockResolvedValue(["http://phish.com/login"]);
 
       const url = new URL("http://phish.com/login/page");
       const result = await service.isPhishingWebAddress(url);
 
       expect(result).toBe(true);
+      expect(mockIndexedDbService.hasUrl).toHaveBeenCalledWith("phish.com");
       expect(mockIndexedDbService.loadAllUrls).toHaveBeenCalled();
     });
 
     it("should handle IndexedDB errors gracefully", async () => {
+      // Mock hasUrl to throw error
+      mockIndexedDbService.hasUrl.mockRejectedValue(new Error("hasUrl error"));
+      // Mock loadAllUrls to also throw error
       mockIndexedDbService.loadAllUrls.mockRejectedValue(new Error("IndexedDB error"));
 
       const url = new URL("http://phish.com/about");
       const result = await service.isPhishingWebAddress(url);
 
       expect(result).toBe(false);
+      expect(logService.error).toHaveBeenCalledWith(
+        "[PhishingDataService] IndexedDB lookup via hasUrl failed",
+        expect.any(Error),
+      );
       expect(logService.error).toHaveBeenCalledWith(
         "[PhishingDataService] Error running custom matcher",
         expect.any(Error),
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
index 1ba0cc417f0..795d9113c87 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
@@ -162,7 +162,10 @@ export class PhishingDataService {
 
     // Quick lookup: check direct presence of hostname in IndexedDB
     try {
-      return await this.indexedDbService.hasUrl(url.hostname);
+      const hasUrl = await this.indexedDbService.hasUrl(url.hostname);
+      if (hasUrl) {
+        return true;
+      }
     } catch (err) {
       this.logService.error("[PhishingDataService] IndexedDB lookup via hasUrl failed", err);
     }