Paste the “View Original” or “Show Original” output of an email. The decoder parses it entirely in your browser — nothing is sent anywhere — and shows you the three header lines that matter, plus whether SPF, DKIM, and DMARC passed.
Your email headers never leave your browser. Parsing happens entirely on this page. No network requests, no logging, no server-side processing.
What this tool does NOT do
- No DNS lookups — we don’t verify SPF records against live DNS
- No URL fetching — we don’t visit any links from the pasted headers
- No pass/fail verdict — we show what the header says, plain-English; you make the call
- No data leaves your browser — paste sensitive headers without worry
Learn the framework this tool supports — Phishing Forensics → Module 3: Reveal & Authenticate.