Investigate suspicious IPs and emails without sharing data you didn't choose to. GeoIP runs locally in your browser. External lookups — abuse contacts via RDAP, and company and hostname via IPinfo — are opt-in, clearly labelled, and off by default.
Analysing a suspicious email? Use Email Analyser for full header analysis
GeoIP runs locally — nothing leaves your browser. External lookups (abuse contacts, hostname, company) are opt-in, clearly labelled, and off by default.
MaxMind GeoLite2 databases load once and cache locally. Every lookup resolves in milliseconds.
Every tool generates a formatted ticket note. Copy and paste directly into your PSA.
Everything you need for IP-based threat investigation and helpdesk diagnostics.
Country, ASN, org, and risk flags from local GeoIP databases. Opt-in external lookups for abuse contacts (ARIN/RDAP), company, hostname, and location (IPinfo).
Paste raw email headers for SPF, DKIM, DMARC analysis, phishing signals, routing hops, and originating IP investigation.
Full mail DNS audit for any domain — SPF, DMARC, DKIM, MX, reverse DNS, and blacklist checks in one view.