Investigating, Reported Emails

Hi everyone,

Phishing is the number one way of getting into a network, stealing credentials etc is through phishing.

Always looking for more tools and resources that I am not aware of in investigsting emails that have been flagged by our email protection because some of them are false positives.
My question is what tools do you use to investigate legitimacy of emails and execute urls to see their behavior?
I use all of these currently:

Malware analysis/ running urls …

a network aware credentials cybersecurity email email protection emails etc false positives flagged network phishing protection question resources stealing tools