Abstract: Methods and systems for annotating and assessing content, including QR codes, using a web page investigator to avoid dangerous scans of such content are described herein. A security module executing on a client device may receive a request for web content. A computer vision model may then scan the requested web content to identify and annotate graphical features on the webpage prior to rendering the web content on a display of the client device. The computer vision model may identify a QR code and transmit information encoded within the QR code to a server executing a phishing and content protection (PCP) engine for analysis. When the identified QR code is indicated to be malicious, the client device may render a modified version of the requested web content to discourage the user from scanning the identified QR code.