Free, browser-based utilities for everyday developer workflows

Inspect phishing links and email headers

Check suspicious links, sender lines, raw email headers, and hidden Unicode clues locally before you trust a message.

Open the phishing inspector

Paste the suspicious content into the tool and review the evidence locally in your browser.

Open Phishing Link & Email Inspector →

The problem

Phishing messages often hide their intent in Unicode tricks, misleading subdomains, display-name spoofing, or header mismatches. A local, explainable review helps you spot those indicators without sending the message anywhere.

Sample input

Suspicious sender
PayPal Support <service@example.example>

Expected output

Risk summary
Strong spoofing indicators were found.
Review the sender domain, display name, and header alignment before you trust the message.

How to do it

  1. Paste the suspicious link, sender, domain, or email header.
  2. Run the analysis in your browser.
  3. Review the risk summary and supporting indicators.
  4. Copy a Markdown or JSON report if needed.

Common mistakes

  • Trusting a display name without checking the actual domain.
  • Missing invisible Unicode characters copied from an email client.
  • Clicking the link before inspecting it.
  • Assuming a message is safe because it looks polished.

Related tools

FAQ

Does this check run locally?

Yes. The phishing inspector runs in your browser and does not upload the pasted content.

What should I paste here?

Paste a suspicious link, sender line, domain, raw email headers, or copied text.

Will it fetch the link?

No. The analyzer does not open or fetch suspicious URLs.

This guide uses browser-local tooling. Avoid pasting production secrets unless you understand what the tool displays and shares.

Explore related tools

Continue with adjacent browser-based tools for the same workflow.

View security tools →

Phishing inspection: quick answer

Use this when a link, sender line, or raw header looks off. Paste the message artifact into the phishing inspector, review the local findings, then copy only the safe summary or evidence into your ticket or chat thread.

What to verify

Check for hidden Unicode, mismatched reply paths, misleading subdomains, punycode hostnames, credential-in-URL tricks, and brand impersonation. If you need to share the result, redact private data first and keep the message text out of URLs.

Recommended next steps