Learn

How the web and OSINT actually work, in plain English. Interactive tours you can run on your own connection, plus short guides. Educational, not legal advice.

Interactive

🛰️

How This Page Reached You Live

A live tour of the journey from a domain name to your screen: DNS, TCP, the TLS handshake, the server round-trip, and the render, in real milliseconds. Hover any step to learn what it means.

Guides & Articles

🔭

Reading a Scan Report

Paste one identifier, get one verdict card. What the Scan report checks across phone, email, domain, IP, and username, and how to read it.

✅

Vetting a Remote Candidate

A five-minute, public-signals-only workflow: phone line type, email and domain risk, username footprint, and the follow-up questions that matter.

🔎

What Is OSINT?

Open-source intelligence in plain English: what counts as a public source, common uses, and the line between OSINT and hacking.

🕵️

Signs of a Fake Candidate Identity

The signals worth a second look when screening remote candidates, each framed as a flag to verify rather than proof.

🪪

Reading a Username's Footprint

What it means when a handle does, or does not, have public profiles across platforms, and how to read that signal without over-reading it.

📞

VoIP and Fraud Signals

Why a VoIP line type matters when screening a phone number, what it does and does not tell you, and how it shows up in candidate-fraud cases.

🔁

How Phone Number Porting Works

Numbers can move carriers and even become VoIP, so the current line type tells you far more than the area code.

🏠

What Is a Residential Proxy?

How residential proxies disguise traffic as an ordinary home user, why fraudsters use them, and what an IP address really tells you.

📡

What an IP Reputation Check Tells You

Blocklists, Tor lists, and ASN data explained: what an address reveals, why datacenter is context not a verdict, and the line between a signal and proof.

🗂️

What Hidden Metadata Reveals in Photos and Documents

The GPS, device, author, and timestamps buried inside photos and PDFs, why it is a lead and a privacy leak at once, and how to read or remove it.

🧬

How to Spot a Reused or Stolen Profile Photo

Reverse image search, perceptual-hash comparison, AI-face tells, and metadata: how to check whether a profile photo is reused, stolen, or generated, and the limits of each.

🌐

What Is DNS, and Why Does It Matter?

The internet's phone book, the records that matter, and why a quick lookup helps you spot a fake company or a shady email.

📧

How to Read an Email Header

Trace where a message really came from, read its SPF/DKIM/DMARC results, and spot the tells of a phishing or spoofed email.

🔤

Homograph Attacks: The Lookalike-Domain Trick

How a Cyrillic letter can disguise a fake domain as a real brand, what punycode is, and how to catch the swap.

🔑

What Is a JWT, and What's Inside One?

The three parts of a JSON Web Token, why the payload is readable but not secret, and what the signature really proves.

These materials are educational and explain publicly documented concepts. They are not legal advice. Where a claim could be read as insider knowledge, we point to the public source.