Query a URL over HTTP and inspect response status, headers, redirects, and timing signals for diagnostics and crawl debugging.
HTTP Lookup fetches the full HTTP response from a URL and surfaces the status code, response headers, redirect chain, server information, and timing data — all without opening a browser. It is a diagnostic tool for developers, sysadmins, and SEO engineers who need to inspect how a server responds to raw HTTP requests.
Unlike a browser request that executes JavaScript, follows redirects silently, and modifies headers, HTTP Lookup shows the raw server response at each step — useful for debugging redirect loops, verifying headers, confirming cache behaviour, and testing CDN configuration.
| Code Range | Category | Common Codes |
|---|---|---|
| 1xx | Informational | 101 Switching Protocols |
| 2xx | Success | 200 OK, 201 Created, 204 No Content |
| 3xx | Redirection | 301 Moved Permanently, 302 Found, 307 Temporary Redirect, 308 Permanent Redirect |
| 4xx | Client Error | 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 429 Too Many Requests |
| 5xx | Server Error | 500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, 504 Gateway Timeout |
| Header | What It Tells You |
|---|---|
Content-Type | MIME type of the response body (text/html, application/json, etc.) |
Server | Web server software (nginx, Apache, cloudflare, etc.) |
X-Powered-By | Application framework — often reveals PHP, Express, etc. |
Cache-Control | Caching directives (max-age, no-cache, no-store, public, private) |
ETag | Cache validation token — changes when content changes |
Last-Modified | When the resource was last changed |
Content-Encoding | Compression applied (gzip, br for Brotli) |
Strict-Transport-Security | HSTS policy — forces HTTPS for future visits |
X-Frame-Options | Clickjacking protection (DENY, SAMEORIGIN) |
Content-Security-Policy | XSS and injection protection directives |
Location | Redirect target URL (present on 3xx responses) |
CF-Cache-Status | Cloudflare cache result (HIT, MISS, EXPIRED, BYPASS) |
# Basic HTTP request with headers
curl -I https://example.com
# Follow redirects, show each hop
curl -IL https://example.com
# Show full response including body
curl -i https://example.com
# Verbose — shows request and response headers
curl -v https://example.com 2>&1 | head -50
# Test with specific User-Agent
curl -A "Mozilla/5.0" -I https://example.com
# Measure timing breakdown
curl -w "\nDNS: %{time_namelookup}s\nConnect: %{time_connect}s\nTTFB: %{time_starttransfer}s\nTotal: %{time_total}s\n" -o /dev/null -s https://example.com
# Check gzip compression
curl -H "Accept-Encoding: gzip" -I https://example.com | grep -i "content-encoding"
A redirect chain is a sequence of 3xx responses before the final destination. Long chains add latency. Chains mixing HTTP and HTTPS, or www and non-www, signal misconfigured redirect rules.
Ideal pattern: http://domain.com → https://www.domain.com (one redirect)
Problematic patterns:
http://domain.com → http://www.domain.com → https://www.domain.com (two redirects, HTTP in chain)Each redirect adds a round-trip. CDNs like Cloudflare can consolidate some chains at the edge, but the fewer hops the better.
404 on a page that should exist — Check whether the path is case-sensitive. Linux servers treat /About and /about as different paths. Also check if a trailing slash changes the response.
Unexpected 403 — Server received the request but rejected it. Could be IP-based access control, mod_security rules blocking the request, or missing authentication. Check if adding a User-Agent header changes the response.
502 Bad Gateway — The reverse proxy (nginx, Cloudflare) cannot reach the upstream application server. Usually indicates the app server is down, overloaded, or listening on the wrong port.
Correct content but slow TTFB — Time to First Byte is high. Could be slow database queries, uncached application logic, or a distant origin server. A high TTFB alongside a CDN HIT suggests the CDN is not serving the cache and is hitting origin on every request.
Q: What is the difference between HTTP Lookup and a browser request? A: A browser executes JavaScript, applies cookies, follows redirects automatically, and modifies headers. HTTP Lookup makes a raw request and returns exactly what the server sends, including intermediate redirect responses and raw headers that browsers process silently.
Q: Why does my URL return a 301 instead of 200?
A: The server is redirecting the requested URL to another location. Common causes: HTTP-to-HTTPS redirect, www vs. non-www normalisation, or a permanent page move. Follow the Location header to find the final destination.
Q: What does Cache-Control: no-store mean? A: The server instructs all caches (browser, CDN, proxy) not to store any copy of the response. This is typically used for sensitive pages like bank statements or logged-in dashboards.
Q: How do I check if Cloudflare is caching my pages?
A: Look for the CF-Cache-Status response header. HIT means Cloudflare served a cached copy. MISS means it fetched from origin. BYPASS means the cache was deliberately skipped (often due to cookies or Cache-Control directives).
Q: What is the difference between 301 and 302 redirects? A: A 301 is permanent — search engines transfer link equity to the destination and update their index. A 302 is temporary — search engines keep the original URL indexed and do not transfer link equity. Use 301 for permanent URL changes and 302 only when a redirect is genuinely temporary.
HTTP Lookup is designed for practical troubleshooting where you need fast evidence, clear next actions, and shareable results. The tool focuses on http lookup workflows and gives operators enough signal to decide whether the issue is likely local, resolver-level, provider-level, or configuration-level.
In production, this matters because teams usually lose time in handoffs. One team runs a quick check, another team needs context, and the result is re-tested from scratch. This page avoids that loop by combining an executable widget, interpretation guidance, and route-level SEO content that stays visible to both users and crawlers.
When reading output, do not treat a single result as absolute truth. Network controls, DNS cache variance, provider policy, and browser fetch constraints can all affect one-time checks. The reliable method is:
That model is intentionally reflected in this page structure so operational teams can move from signal to proof quickly.
Use this compact framework during triage:
A good practice is to capture a timestamped snapshot of the output and re-check at a fixed interval. This creates an evidence trail and helps explain why symptoms changed over time.
Preventive control is straightforward: standardize input, run a baseline before change, compare after change, and store both outputs in tickets or runbooks.
HTTP Lookup is strongest when paired with adjacent checks. Recommended next tools in this cluster: HTTPS Lookup, HTTP Headers Check, Website Redirect Checker, MAC Address Lookup.
Escalate to deeper analysis when:
This page is intentionally implemented as a tool-plus-article format so it works for both execution and discoverability. The first fold keeps action visible, and the supporting sections provide structured guidance that remains indexable in prerendered HTML. That approach reduces repeat incidents, shortens handoff cycles, and improves long-tail search relevance without sacrificing technical clarity.
| Signal | Meaning | Action |
|---|---|---|
| Expected result | Configuration likely aligned | Document and monitor baseline |
| Unexpected result | Potential config drift | Cross-check related tools |
| No result | Input/resolver/policy issue | Validate input and retry |
| Intermittent response | Regional/cache variance | Re-run across time window |
| Error | Endpoint or network blocked | Verify source setup and access policy |