Features

Technical Capabilities

Built for analysts who need to know exactly why an email was flagged. No black boxes.

Deep Header Forensics

Most tools stop at "SPF Fail". We analyze the entire hop path using Received headers to visualize exactly where an email originated and how it traveled.

    Visual Hop-by-Hop Trace
    Hidden Character Detection in Headers
    Return-Path vs From Alignment Checks
    Time-of-flight Latency Analysis
Hop #3 (Origin)Suspicious IP

IP: 192.168.x.x (Russia)

Delay: 12ms

Auth: NONE

Hop #2 (Relay)Trusted

IP: 10.0.0.1 (Google)

DKIM: PASS

<script>malicious_payload()</script>
DETECTED

Static Script Analysis

We extract and de-obfuscate JavaScript, PowerShell, and Macro code embedded in HTML bodies or attachments without executing them.

    Base64 / Hex Decoding
    Homoglyph Normalization
    HTML Entity Expansion
    Zero-Risk Static Extraction

Link Unfurling

Attackers hide behind bit.ly, t.co, and open redirects. MXLens follows the redirect chain server-side so you don't have to visit the site yourself.

    Follows up to 10 redirects
    Screenshots landing pages
    Checks against Google/PhishTank Safe Browsing
301 Moved
http://bit.ly/suspicious
302 Found
http://redirect-service.com/login
200 OK
http://fake-microsoft-login.phish