/ tools · Phishing Inspector
Phishing Inspector
Paste a link before you click it. The inspector pulls the URL apart, flags the classic phishing tricks — look-alike domains, homograph characters, credential traps, throwaway TLDs — then looks up who registered the domain, how old it is, where it's hosted, and what it resolves to. A brand-new domain pretending to be your bank is the single biggest tell.
Nothing is opened or rendered. The URL string is analysed locally; only the domain is sent to the lookup services below.
?
—
—
Redirect chain · unmasked
URL anatomy
Indicators
Who registered it · RDAP
Where it resolves · DNS + hosting
Reputation · blocklists
Registration data: RDAP (modern WHOIS) · DNS: Cloudflare DoH · Hosting: ip-api. Only the domain and resolved IP are sent to those services. This is a heuristic aid, not a guarantee — a clean result is not proof a site is safe, and a flagged result is not proof of fraud. When in doubt, don't enter credentials.