Paste raw email headers to reveal the full routing path, detect spoofing & phishing, validate SPF/DKIM/DMARC, and see hop-by-hop delivery timing. Works on Gmail, Outlook, Yahoo — any email.
Gmail: Open email → three-dot menu (⋮) → "Show original" → Copy headers
Outlook: Open email → File → Properties → "Internet headers"
Apple Mail: Open email → View → Message → Raw Source
SPF verifies the sending server is authorized. DKIM cryptographically signs the email content. DMARC enforces what happens when SPF/DKIM fail — all three passing is the gold standard for legitimate email.
Email Header X-Ray is a professional email forensics tool that decodes the full routing history and authentication chain of any email message. Email headers contain a wealth of information that most email clients hide from view — original sender IP addresses, the servers an email passed through, authentication results, and timestamps that can expose sender identity even when display names are forged.
The tool verifies SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC records — the three email authentication standards that together prevent email spoofing. A message that fails all three checks is highly likely to be a phishing attempt or spam. The tool explains each authentication result in plain English, not just pass/fail.
Sender IP analysis cross-references the originating IP address against geolocation databases and abuse reputation scores, revealing whether the email was sent from the claimed country, a known malicious IP, or a suspicious hosting provider. Timezone fingerprinting analyzes the Date header timezone against the claimed sender location as an additional consistency check.