TecnoCrypter Logo

Email Analyzer

Detect spoofing and phishing

Analizador de Cabeceras Email
Pega las cabeceras de un email para detectar spoofing, verificar SPF/DKIM/DMARC y rastrear el origen.

Email Analyzer: Detect Phishing from Headers

Email headers reveal the true origin and route of a message. Our analyzer parses SPF, DKIM, DMARC, hop-by-hop delivery, and identifies phishing signals invisible to the untrained eye.

Paste the full raw headers of the email (View Original in Gmail, View Message Source in Outlook) and get a security report: SPF/DKIM/DMARC authentication, IP reputation, spoofing detection, and origin geolocation.

Essential for security teams, journalists, and anyone who wants to verify if a suspicious email is legitimate before clicking or sharing information.

How does it work?

  1. 1
    Extract email headers

    In Gmail: More menu > Show original. In Outlook: File > Properties > Internet headers.

  2. 2
    Paste the complete headers

    Copy the entire header block (from Received: to X-...) into the analysis field.

  3. 3
    Review the results

    You'll see authentication (PASS/FAIL), hop chain, source IPs, and specific phishing warnings.

Frequently Asked Questions

What do SPF, DKIM, and DMARC mean?

SPF verifies the sending IP is authorized for the domain. DKIM verifies the message wasn't tampered with in transit. DMARC combines both and defines what to do if they fail. All three PASS = legitimate email.

Can email headers be forged?

The From: field is trivially forgeable. However, Received: fields are added by the traversing servers and are hard to falsify without controlling those servers. That's why SPF/DKIM/DMARC exist.

Does the analyzer store the analyzed emails?

No. Everything is processed in your browser. Headers never leave your device. You can inspect the network traffic to verify no data is sent.