Free URL Checker
Analyze suspicious links, shortened URLs and potentially dangerous websites before you visit them. Paste any URL — we check it instantly, no registration required.
Examples: a short link from a text message, a delivery notification SMS, or an email asking you to "verify your account"
🔒Privacy details— no data stored, no tracking
Analyzed locally
- ✓Message text
- ✓URL parsing
- ✓Brand detection
- ✓QR image decoding
- ✓Risk scoring
Sent to server
- →Redirect resolution — HEAD request only, page not downloaded
- →Domain age lookup — domain name only, no URL path or message
Never sent
- ✓Message content
- ✓QR image or screenshot
- ✓Email attachments
- ✓Personal information
Paste a suspicious link, message, or QR code to begin analysis.
Try an example:
Your links never leave your browser.
Everything runs locally. We never see what you paste.
Know in seconds whether to trust it.
Results appear immediately — no waiting, no loading screens.
Get answers without creating an account.
No email. No password. No sign-up. Just open and use.
How it works
- 1
Paste the URL
Copy and paste any link, shortened URL, or bare domain name into the input field.
- 2
Instant analysis
We check domain age, brand signals, redirect chains, lookalike characters, and 20+ additional risk factors.
- 3
Get your verdict
Receive a plain-English risk assessment — Low, Medium, High, or Very High — with specific explanations and recommended next steps.
What we analyze
- Brand impersonation and typosquatting
- Lookalike and homoglyph characters
- Newly registered domains
- URL shorteners hiding destinations
- Open redirect exploitation
- Dangerous file download links
- Suspicious domain extensions
- Multi-layer URL encoding and obfuscation
- Subdomain brand impersonation
- IP address-based hosting
- Redirect chain risk scoring
- Domain age verification
Examples
Typosquatting — PayPal
paypa1.com
Replaces the lowercase L with the number 1. Detected as a typosquatting attempt impersonating PayPal.
Brand mismatch — Google
google-login-security.net
Uses Google's name in a non-Google domain. Legitimate Google services only use google.com subdomains.
Delivery scam — Amazon
amazon-delivery-update.com
Impersonates Amazon using a lookalike domain. Commonly used in package delivery phishing scams.
Frequently Asked Questions
What is a URL checker?
A URL checker is a tool that analyzes a web address before you visit it. It inspects the domain name, registration age, redirects, and other signals to determine whether the link is likely safe or suspicious. 2check.click runs all of this analysis in your browser, without sending your URLs to any server.
How do I know if a link is safe?
Paste the link into 2check.click. It checks for brand impersonation (e.g. paypa1.com), lookalike characters, newly registered domains, open redirects, and suspicious domain extensions — all in seconds. If you cannot use a checker, look for mismatched domain names, urgent language, and unfamiliar extensions like .top or .xyz.
What is typosquatting?
Typosquatting is when an attacker registers a domain name that is a slight misspelling of a real brand — for example paypa1.com (with a number 1) or arnazon.com. These domains are designed to catch people who type quickly or do not read links closely. 2check.click detects typosquatting using Damerau-Levenshtein edit-distance analysis against a database of 90+ major brands.
Are shortened URLs dangerous?
Shortened URLs can be dangerous because they hide the final destination. 2check.click resolves shortened links (bit.ly, t.co, tinyurl.com, and 65 others) and analyzes the real destination. If the destination cannot be resolved, we flag it as an unresolvable shortened link.
What should I do if I clicked a suspicious link?
Close the browser tab immediately. Do not enter any information. Change your passwords if you logged in anywhere. Enable two-factor authentication on important accounts. If you entered payment details, contact your bank immediately. You can also run the URL through 2check.click to understand what risk it posed.
What are lookalike characters?
Lookalike characters (also called homoglyphs) are characters from other alphabets that visually resemble standard Latin letters. For example, a Cyrillic 'а' looks identical to a Latin 'a' but leads to a different domain. 2check.click detects 43 visual-confusable mappings to catch these attacks.
Does this work on mobile?
Yes. 2check.click is fully mobile-friendly. On mobile, you can usually long-press a link to copy it without opening it, then paste it into the analyzer.