What is this Scam URL Analyzer?
This free tool analyzes domain names for scam and phishing indicators. Enter any URL or domain, and it checks for:
- Brand impersonation — using brand names like PayPal, Google, or Amazon in suspicious domains
- Suspicious TLDs — cheap or obscure top-level domains frequently used by scammers (.xyz, .top, .tk, etc.)
- Urgency keywords — “login”, “verify”, “secure”, “update”, “alert”, and similar triggers
- Structural red flags — excessive hyphens, random numbers, multi-level subdomains, IP addresses
The tool gives you a risk score (0-100) and a plain-language explanation of what it found.
How It Works
- Paste a URL or domain name into the input field
- The engine runs 10 different rule-based checks
- Each detected risk factor adds to the score (weighted by severity)
- A risk level is assigned: Low (0-29), Medium (30-59), or High (60-100)
- The analysis summary explains the findings in natural language
Risk Factors Analyzed
| Factor | Weight | What It Checks |
|---|---|---|
| Brand Impersonation | +25 | Known brand names in non-official domains |
| Suspicious TLD | +20 | TLDs commonly abused by scammers |
| Security Keywords | +15 each | login, verify, secure, update, account, etc. |
| Multi-level Subdomain | +20 | Unusual subdomain nesting |
| Long Domain | +10 | Domains longer than 30 characters |
| Multiple Hyphens | +10 | 2+ hyphens in domain name |
| Many Digits | +10 | 5+ digits suggesting randomized names |
| IP Address | +15 | Raw IP instead of a domain name |
| Leetspeak Pattern | +10 | Digit-letter substitution (e.g. g00gle) |
| Special Characters | +10 | Unusual characters in domain |
How to Protect Yourself
The best defense is awareness:
- Check the URL carefully — a single letter difference is a different website
- Never click links in suspicious emails or messages
- Use a password manager — it won’t autofill on fake websites
- Enable 2FA on all important accounts
- When in doubt, type the URL yourself — don’t trust links