Email Scam Analyzer
Drop in the sender's address — or paste the raw headers for the full story — and the analyzer does what a careful security person does by hand: checks how old the sending domain is, whether it publishes real SPF / DKIM / DMARC, whether the visible From matches the actual envelope sender, where the mail server lives, and whether any of it shows up on a blocklist. A brand-new domain with no DMARC and a mismatched Return-Path is a scam until proven otherwise.
Registration: RDAP · DNS / SPF / DMARC: Cloudflare DoH · Hosting: ip-api · Blocklists: Spamhaus / Barracuda / SpamCop / SURBL. Only the sending domain and its mail-server IP are sent to those services. Header text you paste is parsed locally and never uploaded. This is a heuristic aid — a clean read is not proof an email is safe.