Paste a suspicious URL or email headers for instant analysis. 7+ security checks, zero sign-up, completely free.
Check if your email has been exposed in data breaches. Powered by Have I Been Pwned.
Scan 8 data broker sites for your personal info. Get step-by-step opt-out instructions for each listing found.
Comprehensive phishing detection in seconds
Enter a suspicious URL or email header details. Nothing is sent from your device to the target.
Our servers run 7+ checks: DNS, TLS certificates, content scanning, domain age, threat intel, and more.
See a clear 0-100 risk score with a detailed breakdown of every signal we found.
Every scan runs these security checks automatically
Scheme, domain, path, params. Flags suspicious TLDs, IP addresses, and homograph attacks.
Resolves A/AAAA records, identifies hosting providers, checks reverse DNS.
Validates certificates. Flags expired, self-signed, and mismatched certs.
Follows redirect chains, audits 7 security headers, captures status codes.
Regex scan for password fields, external forms, executable links, obfuscated JS, urgency language.
RDAP lookup for registrar, creation date, and domain age. New domains are high risk.
Cross-references VirusTotal and Google Safe Browsing databases.
SPF, DMARC, and MX record validation. Header consistency and spoofing detection.
Checks emails against Have I Been Pwned for data breaches and paste exposures. See exactly what was leaked.
Scans 8 data broker sites for your personal info. Step-by-step removal instructions with direct opt-out links.