Privacy-first tool
Email Link Inspector
Paste a suspicious email and extract the links before you click.
Tool guidance
How to use this tool
The pasted email body stays in your browser. CheckLink receives only URLs you choose to scan.
How to use it
Paste visible email text or HTML into the inspector.
Review the extracted URLs and domains.
Scan only the URLs you choose.
Copy suspicious URLs if you need to report them.
What results mean
Display text can differ from the real href.
Short links and tracking links can hide the final destination.
Only selected URLs are sent to CheckLink's scanner.
What to do next
Use Email Header Inspector if you can access full headers.
Use BEC Request Inspector for payment or vendor-change wording.
Request manual review for login, invoice, payroll, or customer-critical links.
Your pasted email text stays in your browser. CheckLink only receives a URL if you choose to scan it.
Do not paste passwords, recovery codes, payment card numbers, private keys, or sensitive secrets.
Extracted links
Emails can hide risky links behind safe-looking text. Always inspect the actual destination.
No links found yet. Paste an email to extract URLs and href destinations.
Display text can lie
A link can say checklink.ai while the href points somewhere else.
Short links can redirect
Shorteners and tracking URLs can hide the final destination.
Login or sensitive links need caution
Unexpected sign-in, account, or financial links deserve a slower review.
Urgency is a signal
Pressure to act quickly is often social engineering, not proof by itself.