URL Scanner

static detections only

Paste a suspicious URL. Nehboro loads the target page's HTML and runs pattern-matching detections against it, entirely in your browser. For behavioral / runtime threats, use the browser extension.

🔬 Subset of extension checks ⚡ No signup 🌍 Engine via jsDelivr CDN 🔒 No server, no backend
⚠️
The web scanner only catches static threats
For full protection, install the browser extension — it catches everything this page can't.

Why? This page has no backend. We don't run a sandbox, we don't render the page, we don't execute its scripts. Everything happens inside your browser: we pull the raw HTML through a public CORS proxy and run Nehboro's pattern-matching detections on what we get back. No server means no live analysis.

✓ Web scanner DOES catch
  • ClickFix instruction sequences in HTML
  • Fake Cloudflare / CAPTCHA verification pages
  • PowerShell / LOLBin commands in page source
  • Obfuscation, base64, skimmer patterns in scripts
  • Phishing text, crypto-drainer lures, fake updates
  • Brand impersonation (title, logos, favicon hints)
  • Multilingual scam text (FR, ES, DE, IT, PT)
  • Raw IP hosting, punycode, typosquat domains
✗ Only the extension catches
  • Clipboard hijacks — page silently copies a payload to your clipboard when clicked
  • Print loops — attempts to spam window.print() in the background
  • History loops — traps preventing the back button from working
  • Notification spam — fake system alerts via Notification API
  • Fullscreen abuse — forced fullscreen at load
  • Fingerprinting abuse — canvas/WebGL probing on load
  • Runtime obfuscated loaders — scripts that decode payload after execution
  • Feed matches — extension auto-blocks IOC hits from community feeds
⬇ Install the extension for full protection

Fetched through api.allorigins.win (public CORS proxy). Pattern-matching only — this page cannot observe runtime behavior on the target site.

Loading detection engine from jsDelivr
-
Fetching target URL
-
Running detections
-
🔗 Copy shareable link
VERDICT
-
-
-
Total Score

🔍 Detections fired 0

📄 Page info

Powered by the open-source Nehboro extension. Detection modules loaded at runtime from cdn.jsdelivr.net/gh/Nehboro/nehboro@main/. Page content fetched via api.allorigins.win (no data saved). For full protection with runtime checks, install the browser extension.