QRix
Read a QR from any image — and see exactly where it leads, with a safety check, before you open it.
QR phishing (‘quishing’) works because you can't see a link before you scan. This tool fixes that: upload a photo or screenshot, and it decodes the QR AND shows the real destination domain up front — flagging risky signals like shortened/redirect links, raw IP addresses, look-alike (punycode) domains, brand impersonation and insecure http. It also reads WiFi, contact, payment and event codes. Everything runs privately in your browser; the image never leaves your device.
Quishing is QR-code phishing — a scam QR (often a sticker placed over a real one) sends you to a fake site to steal your details. Because you can't read a QR with your eyes, you find out only after scanning. This tool shows you the real destination first.
We check the decoded link for common scam signals: shortened/redirect links that hide the destination, raw IP addresses, look-alike (punycode) domains, embedded login details, insecure http and brand-impersonation patterns. It's a strong first line of defence, not a guarantee.
No — decoding and the safety check both run in your browser. Your image never leaves your device.
It's free, private and works right in your browser — no signup, no watermark.