On‑device checks · No URLs uploaded

URL Scam Risk Checker
Spot red flags in one click

Detects common scam traits: disguised domains, Punycode (xn--), mixed scripts, short links, excessive subdomains, non‑standard ports, bait keywords, and messy parameters. We grade Low / Medium / High risk — for guidance only. Always verify through official channels.

Quick actions

I've been scammed

Steps to protect accounts, gather evidence, and report.

Check something

Paste a link to assess risk before you click.

Report a scam

Submit suspicious messages or sites (demo form).

Protect yourself

Learn the simple checks that stop scams.
Five check angles
  • Domain structure & TLD
  • Punycode / mixed scripts
  • Short link / redirects
  • Common phishing keywords
  • Suspicious paths & parameters
Three quick safety habits
Check the domain → Avoid short links → Re‑open from official app/site

Get help if you’ve been scammed

1) Stop and secure

Cease contact. Change passwords. Enable 2‑step verification. Suspend cards if needed.

2) Call your bank

Ask to block transfers and freeze compromised accounts immediately.

3) Report it

File a police report and keep screenshots, URLs, phone numbers, and transaction IDs.

Note: Hotlines differ by country/region. Contact your local anti‑scam or police helpline.

URL Scam Risk Check

Risk level:
    Signals detected
    Subdomain depth
    Path length

    ⚠️ Educational use only. We do not collect URLs. When in doubt, close the tab and access the service from its official app/site.

    Key highlights

    Suspicious domain structure

    Deep subdomains (≥3), many dashes/digits, or unusual TLDs raise caution.

    Punycode / mixed scripts

    xn-- or mixing Latin with Cyrillic/Greek/CJK can imitate brand names.

    Short links & redirects

    bit.ly, t.co, rebrand.ly… conceal the destination. Prefer official links.

    Bait keywords

    login, verify, bonus, invoice, bank… often paired with SMS links.

    Non‑standard ports

    e.g. :8080, :444. Confirm the source when ports look odd.

    Messy parameters

    Long query strings, tokens, or trackers can hide where you’ll land.

    Common examples (demo)

    Suspicious
    Brand‑lookalike / deep subdomains
    https://support.login.appleid.com.example-security-update.com/verify
    Use “Check this URL” to prefill the box.
    Suspicious
    Short link
    https://bit.ly/3XyZkLoginReward
    Shorteners hide the final destination.
    Suspicious
    Punycode / mixed script
    https://xn--ppleid-0ya.com/reset or https://аppleid-secure.com
    Looks like “appleid” but uses different characters/encoding.
    Likely safe
    Official registrable domain
    https://appleid.apple.com/
    Still confirm you arrived here through official navigation.

    Learn: 3‑step recognition

    For example.com, ignore confusing prefixes like login.example.com.security-update.cn. Focus on the last two labels (registrable domain).
    Shorteners can chain multiple redirects. Instead, search and open the official site/app yourself.
    Never share one‑time codes. When unsure, contact the company via its official helpline.

    Report a suspicious message/website (demo)

    Demo only: wire this form to your backend or support mailbox for production.