HTTP Headers & Redirects
Paste a URL to see the full redirect chain, the request + response headers at every hop, and a per-hop timing breakdown.
Redirects, CORS, caching, security headers — the stuff that breaks silently.
Every HTTP request and response carries headers — metadata about caching (Cache-Control, ETag), content (Content-Type), security (Strict-Transport-Security, Content-Security-Policy), CORS (Access-Control-Allow-Origin), and more. A lot of "why is this broken?" debugging comes down to reading them.
This tool follows the full redirect chain — each 301/302 hop with its Location — and shows the request + response headers and a per-hop timing breakdown (DNS, connect, TLS, time-to-first-byte). It runs server-side and re-checks every hop's address, refusing any that resolve to a private or reserved range, so it can't be turned into a probe for internal services.