Paste an email's raw headers to reveal the exact route it travelled, how long each hop took, and whether it passed the three authentication checks that expose spoofing: SPF, DKIM, and DMARC. It's the fastest way to answer “is this email real or fake?” — and every header is parsed in your browser, never uploaded.
How to get an email's raw headers
- Gmail: open the email → ⋮ menu → Show original → copy everything.
- Outlook: open the email → File → Properties → copy the Internet headers box.
- Apple Mail: View → Message → Raw Source.
Frequently asked questions
What do SPF, DKIM, and DMARC mean?
SPF checks the sending server is allowed to send for that domain. DKIM verifies the message wasn't tampered with using a cryptographic signature. DMARC ties the two together and tells receivers what to do if they fail — a DMARC pass is the strongest sign an email is genuine.
Is my email data private?
Yes. The headers are parsed entirely in your browser with JavaScript. Nothing you paste is transmitted, logged, or stored.
The email failed the checks — is it definitely a scam?
Not always — misconfigured mailing lists and forwarded mail can fail legitimately. But a failed DMARC on a message claiming to be from a bank, delivery service, or well-known brand is a strong red flag. Don't click links or download attachments.


