Phishing URL Checker - Is This Link Safe?

Instantly check any URL or domain against real-world threat intelligence databases. Get a trust score, redirect chain analysis, and phishing verdict - no signup required.
Note: A clean result means no known threat was found at the time of checking. New phishing pages appear constantly - when in doubt, do not visit.
Powered by OpenPhish · Google Safe Browsing · Abuse.ch URLhaus · RDAP domain age · redirect chain analysis

How to Use the Phishing Link Checker

1. Paste any URL (e.g. https://suspicious-site.com/login) or just a domain - accepted with or without https://
2. Click Check URL or press Enter - the check runs entirely server-side so your browser never contacts the suspicious URL directly
3. Review the trust score, threat database results, redirect chain, and heuristic signal breakdown to understand the full risk picture

Understanding Your Results

Overall verdict

No threats detected - not found in any database, heuristic analysis clear
Suspicious - no database listings but risk signals detected; verify before visiting
Threat detected - listed in one or more threat databases; do not visit

Trust score (0-100)

A composite score combining database listings, redirect chain findings, and heuristic signals.

Dangerous: 0-49
Suspicious: 50-74
Safe: 75-100

Threat intelligence databases

Google Safe Browsing
Google's threat intelligence API scanning billions of URLs daily. The most authoritative real-time phishing and malware detection service available.
OpenPhish
Community-driven phishing URL feed updated every 12 hours. Free, no API key required — cached locally so checks are instant.
Abuse.ch URLhaus
Community-driven DNS blocklist tracking malware distribution domains. Combined with RDAP domain age analysis to catch newly registered phishing domains.
RDAP Domain Age
Queries IANA RDAP to find when a domain was registered. Domains under 30 days old are flagged high risk — newly registered domains are the #1 phishing indicator.

Redirect chain analysis

Unlike browser-based tools, this checker follows the full redirect chain server-side - up to 10 hops. This is critical for URL shorteners like bit.ly which hide the real destination. The final destination domain is independently checked against all threat databases.
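
A sketch of the hop-limited redirect following described above, added here as an example and not the checker's own code. The fetch callback, the verdict names and the sample redirect table are assumptions made for illustration; only the 10-hop limit comes from the page.

```python
from urllib.parse import urljoin, urlsplit

MAX_HOPS = 10  # hop limit stated on the page
REDIRECTS = (301, 302, 303, 307, 308)


def follow_chain(url, fetch, max_hops=MAX_HOPS):
    """Follow redirects using fetch(url) -> (status, location).
    Returns (chain, verdict); verdict is 'final', 'loop',
    'too_many_hops' or 'bad_redirect'."""
    chain, seen = [url], {url}
    while True:
        status, location = fetch(chain[-1])
        if status not in REDIRECTS:
            return chain, "final"
        if len(chain) > max_hops:          # already followed max_hops redirects
            return chain, "too_many_hops"
        if not location:
            return chain, "bad_redirect"   # redirect status without a target
        nxt = urljoin(chain[-1], location)  # Location may be relative
        if urlsplit(nxt).scheme not in ("http", "https"):
            return chain, "bad_redirect"   # do not follow non-web schemes
        if nxt in seen:
            return chain + [nxt], "loop"
        chain.append(nxt)
        seen.add(nxt)


def hosts_to_check(chain):
    """Distinct hosts in hop order; the last entry is the final destination."""
    hosts = []
    for u in chain:
        h = urlsplit(u).hostname
        if h and h not in hosts:
            hosts.append(h)
    return hosts


# Constructed redirect table standing in for real HTTP responses.
SAMPLE = {
    "https://short.example/a1": (302, "http://hop.example/r?id=7"),
    "http://hop.example/r?id=7": (301, "/landing"),
    "http://hop.example/landing": (200, None),
}


def sample_fetch(url):
    return SAMPLE.get(url, (200, None))
```

A loop or an exhausted hop limit is itself worth reporting, since the real destination was never reached and cannot be checked.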

Heuristic signals

Signal | What it checks | Why it matters
HTTPS | Whether the URL uses HTTPS or plain HTTP | HTTP-only connections are a baseline risk flag for any site handling data
TLD risk | Top-level domain reputation (.xyz, .top, .tk...) | These TLDs are heavily over-represented in phishing campaigns
Shortener | Known URL shortener services (bit.ly, tinyurl...) | Shorteners hide the real destination and prevent pre-click inspection
Non-ASCII chars | Unicode / international characters in the domain | Used in homograph attacks to visually mimic legitimate domains
IP hostname | Whether the host is a raw IP address | Legitimate sites use domain names, not raw IPs
Subdomain depth | Number of subdomain levels | Deep nesting mimics trusted brands (paypal.com.malicious.xyz)
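
The six signals in the table can be derived from the URL string alone, with no network access. The following is an added example, not the checker's own code; the TLD and shortener lists are small constructed samples and the subdomain threshold is an assumption.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample lists; a real deployment would maintain fuller ones.
RISKY_TLDS = {"xyz", "top", "tk", "gq"}
SHORTENERS = {"bit.ly", "tinyurl.com"}
MAX_LABELS = 3  # assumed threshold: more host labels than this is "deep"


def heuristic_signals(url):
    """Return the six structural signals for a URL or bare domain."""
    if "://" not in url:
        url = "//" + url  # bare domain: let urlsplit see it as a host
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    try:
        ipaddress.ip_address(host)
        is_ip = True
    except ValueError:
        is_ip = False
    labels = [] if is_ip else host.split(".")
    return {
        # Only an explicit http:// scheme is flagged; a bare domain is not.
        "no_https": parts.scheme == "http",
        "risky_tld": bool(labels) and labels[-1] in RISKY_TLDS,
        "shortener": host in SHORTENERS,
        # Raw Unicode and punycode (xn--) labels both mark an
        # internationalised name that may be a homograph.
        "non_ascii": (not host.isascii())
        or any(label.startswith("xn--") for label in labels),
        "ip_host": is_ip,
        "deep_subdomains": len(labels) > MAX_LABELS,
    }


def flagged(url):
    """Names of the signals that fired, sorted for stable output."""
    return sorted(k for k, v in heuristic_signals(url).items() if v)
```

Each signal is a hint rather than a verdict, which is why the page combines them with database lookups before scoring.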

What Is a Phishing URL?

A phishing URL is a malicious web address designed to look legitimate and trick users into entering credentials, financial details, or personal information. They arrive most commonly via email, SMS, or social media - often mimicking trusted brands like PayPal, Microsoft, or your bank.

Common phishing link tactics

Lookalike domains (paypa1.com)
URL shorteners
HTTP without HTTPS
Misleading subdomains
Homograph attacks
Risky TLDs (.xyz, .tk)

secure.paypal.login.malicious.com - the real domain is malicious.com, not paypal.com

Why You Should Check Links Before Clicking

1M+ - Phishing attacks in 2022 - up 61% year-over-year
<60s - Median time for users to fall for a phishing email
#1 - Email is the top delivery method for malicious links

A single click can lead to credential theft, malware installation, or financial loss. This tool runs all checks server-side - your browser never contacts the suspicious URL directly.

Frequently Asked Questions

Paste the full URL or domain into the checker above and click Check URL. The tool queries two independent threat databases and runs structural heuristic checks. You’ll get a trust score, database results, and a full signal breakdown — no signup required.
Spamhaus DBL is one of the most authoritative domain block lists in the world, used by major ISPs and enterprises. A listing means the domain has been identified as associated with spam, phishing, or malware. Treat any listed domain as a confirmed threat and do not visit it.
No. A clean result means no known threat was found at the time of checking. New phishing pages are created constantly. Use this tool as a first line of defense, not the only one.
Key warning signs include HTTP without HTTPS, a risky TLD (.xyz, .tk, .gq), a newly registered domain, deep subdomain nesting, non-ASCII characters, and URL shorteners. Also see: How to check if a link is safe.
Act quickly: disconnect from the internet, run a malware scan, change passwords, and monitor for unusual activity. If you entered payment details, contact your bank.
Google Safe Browsing flags pages when you try to visit them. This tool lets you check a link before clicking — without risking a redirect. It combines two independent threat feeds with heuristic analysis for a more detailed breakdown.

Protect Your Organization from Phishing at the Source


PowerDMARC’s email authentication platform prevents attackers from spoofing your domain to send phishing emails to your customers and partners.