URL Inspector & Parser

Parse any URL into its components, URL-decode every query parameter, and flag open-redirect / SSRF candidate params and embedded credentials. For authorized security testing.

X LinkedIn Reddit

URL to inspect

Parses entirely in your browser via the standard URL API. For use only against systems you are authorized to test.

Components

Protocolhttps

Hostapp.example.com

Port8443

Path/auth/callback

Query?next=https%3A%2F%2Fevil.test%2Fphish&id=42

Fragmentsection

Query parameters (2)

1 flagged

https://evil.test/phish

redirect/SSRF-prone name value is a URL

Flags are heuristic hints for manual review — verify candidates only on authorized targets.

Related Tools

HTTP Request Parser

Parse raw HTTP requests and auto-extract security details.

Encoder / Decoder

Encode and decode with 11 formats plus auto-detect magic mode.

HTTP Header Analyzer

Analyze HTTP headers for security issues with A+ to F grading.

DNS Record Lookup

Query DNS records with security insights for SPF/DMARC/DKIM.

$loading...