Free, browser-based utilities for everyday developer workflows

Phishing Link & Email Inspector

Security Tools

Check suspicious links, domains, email senders, raw email headers, and hidden Unicode characters locally in your browser, with trusted-domain comparison.

  • Paste a suspicious link, sender, domain, raw header, or copied message text.
  • The tool automatically detects the input type and runs local checks.
  • No URL is fetched, opened, or rendered as a clickable result.
Runs locally

Inspect suspicious content

Runs in your browser. Your pasted content is not sent to a server.

Not sure? Just paste it above. We will detect it automatically.

Safe example gallery

How to use the Phishing Link & Email Inspector

Paste a suspicious link, sender, domain, raw email header, or copied message text and review the warning signs locally in your browser. The inspector checks the visible URL or sender text, looks for hidden Unicode tricks, compares domains, and highlights mismatches that often show up in spoofing attempts.

What it does

  • Checks URLs for credentials in the link, misleading subdomains, and suspicious percent encoding.
  • Flags Unicode issues such as zero-width characters, bidi controls, mixed scripts, and normalization changes.
  • Reviews sender names, From / Reply-To / Return-Path headers, and common brand impersonation patterns.
  • Shows Punycode and IDN details so you can compare the visible hostname with the ASCII hostname.
  • Keeps the entire analysis local, with no URL fetches and no third-party API calls.

When to use it

  • Before clicking a link in an unexpected email or chat message.
  • When a sender name looks right but the domain feels off.
  • When copied text contains invisible characters or look-alike letters.
  • When you want to compare a suspicious message against a trusted domain you already know.
  • When a raw header paste needs a quick spoofing review before escalation.

How to use it

  1. Paste the suspicious content into the large text box.
  2. Optionally enter a trusted domain for comparison.
  3. Click Analyze locally and review the summary first.
  4. Expand the technical panels only if you need the evidence.
  5. Copy the Markdown or JSON report if you need to share the findings.

FAQ

  • Does this tool fetch suspicious links? No. All analysis runs locally in your browser and the tool does not open or fetch pasted URLs.
  • Can I paste raw email headers? Yes. Paste raw headers and the inspector checks From, Reply-To, Return-Path, Authentication-Results, and related spoofing indicators locally.
  • Does the inspector send my input to a server? No. Everything stays in your browser. Nothing you paste is sent to a server or third-party API.
  • What kinds of spoofing does it look for? It looks for invisible characters, bidi controls, mixed scripts, confusable domains, Punycode hostnames, misleading subdomains, credential-in-URL tricks, and sender mismatches.
  • Can it compare a suspicious value against a trusted domain? Yes. You can enter an optional trusted domain so the inspector can compare the pasted content against a known-good brand or host locally.

Related guides