Why use HTTP tools?
Every web page, every API, and every redirect rests on a handful of HTTP headers and a single promise: respond fast, 24 hours a day. When that promise breaks, you find out too late through Search Console, a support ticket, or a frustrated tweet. CaptainDNS HTTP tools close that blind loop: they show what Googlebot really sees, vet links before clicks, measure availability continuously, and publicly expose service health without a dedicated platform.
Nine situations where these tools are essential:
- Page too heavy → Googlebot truncates HTML beyond 2 MB, your internal links and FAQ disappear from the index
- Incorrect headers → A misconfigured
Content-Typeor a forgottenX-Robots-Tag: noindexcan deindex an entire page - Wasted crawl budget → Excessive sub-resources and lack of compression reduce the number of pages Google crawls
- Suspicious link received → An email or text message contains a dubious link, you need to check if it's flagged as phishing or malware before clicking
- Domain redirect → You are changing domain names or redirecting an apex to www, and you need HTTPS on the source domain
- Critical endpoint to watch → A public API, a webhook, or a signup page that goes down without warning costs conversions and breaks SLA contracts. Real-time uptime monitoring runs a check every 5 minutes and triggers an instant email alert
- Incident communication to publish → Downtime without an official channel leaves your users in the dark. A shareable public status page shows real-time service health and a 30-day incident history with no DNS setup
- Security configuration to verify → A malformed CSP, a missing HSTS, or a forgotten X-Frame-Options expose your site to XSS and clickjacking attacks. The HTTP headers checker detects the 10 essential headers and assigns a grade from A to F
- HTTPS migration and preload → Before submitting your domain to the Chrome preload list, HSTS must be correctly configured with
max-age ≥ 1 year,includeSubDomainsandpreload. The HSTS and preload test verifies eligibility in one click
How to use the HTTP tools
Step 1: choose the tool
| Need | Tool to use |
|---|---|
| Analyze the weight, headers, and crawl of a page | Page Crawl Checker |
| Audit HTTP security headers with an A to F grade | HTTP Headers Checker |
| Test the HSTS header and Chrome preload list eligibility | HSTS Test |
| Check if a link is phishing or malware | Phishing URL Checker |
| Analyze the redirect chain of a URL | Redirect Checker |
| Redirect a domain with HTTPS | Redirect Hosting |
| Continuously monitor a URL's availability | HTTP Uptime Monitor |
| Publish service health to your users | Public status pages |
Step 2: enter the URL
Enter the full URL in the input field. Both analysis tools accept any public URL:
https://www.captaindns.com/en/blog
For the Page Crawl Checker, prioritize testing your longest pages (categories, product pages, articles with many images). For the Phishing URL Checker, paste the suspicious link received by email or text message directly.
Step 3: analyze the results
Each tool provides a detailed report:
- Page Crawl Checker: HTML size, crawl budget score (0-100), sub-resource inventory, robots.txt check, HTTP headers, client-side redirect detection, SHA-256 fingerprint
- Phishing URL Checker: overall verdict (clean, suspicious, malicious), risk score (0-100), details by threat intelligence source, coverage diagnostics
- Redirect Hosting: HTTP redirect code (301 or 302), TLS certificate status, path and query string forwarding
Tool details
Page crawl checker
Complete crawl analysis of a web page from Googlebot's perspective:
| Feature | Description |
|---|---|
| Size analysis | Raw and decompressed HTML weight, ratio against the 2 MB limit (or 64 MB for PDFs) |
| Crawl budget score | Score out of 100 evaluating the page's crawl efficiency, with factor breakdown |
| Sub-resources | Complete inventory of scripts, CSS, images, fonts, and iframes with size and status |
| robots.txt check | Googlebot access allowed or blocked, crawl-delay, declared sitemaps |
| HTTP headers | Content-Type, Content-Encoding, Cache-Control, X-Robots-Tag, HSTS, Server |
| Client-side redirects | Detection of meta refresh and JavaScript redirects invisible to Googlebot |
| Mobile/desktop comparison | Size, header, and content differences between smartphone and desktop versions |
| SHA-256 fingerprint | Content hash to detect changes between analyses |
| WAF detection | Web application firewall identification with multi-User-Agent fallback |
Use case: Diagnose size and crawl issues impacting Google indexation, optimize crawl budget, and detect JavaScript redirects that Googlebot does not follow.
Phishing URL checker
URL verification against 4 threat intelligence databases:
| Feature | Description |
|---|---|
| 4 sources queried | URLhaus (malware), Google Safe Browsing (phishing), PhishTank (community phishing), VirusTotal (70+ antivirus engines) |
| Risk score | Weighted score from 0 to 100 based on each source's reliability |
| Overall verdict | Clean, suspicious, malicious, or indeterminate |
| Details by source | Individual status, detected threat types, and response time |
| Accepted formats | Full URL, bare domain name, or IP address |
| Diagnostics | Information on unavailable sources, timeouts, and limited coverage |
Use case: Check a suspicious link before clicking, protect your organization against phishing campaigns, and verify that your own domain is not falsely flagged (false positive).
Redirect checker
Full redirect chain analysis of a URL:
| Feature | Description |
|---|---|
| Redirect chain | Follows every HTTP hop (301, 302, 307, 308) with status code, headers, and response time |
| Batch analysis | Check multiple URLs in a single request |
| URL unshortening | Resolves shortened links (bit.ly, t.co, tinyurl) to their final destination |
| Loop detection | Identifies circular redirects before they stall the browser |
| HTTP headers | Full response headers displayed at every step of the chain |
Use case: Diagnose redirect issues, verify the final destination of a shortened link, and analyze the HTTP behavior of a URL before visiting it.
Redirect hosting
Domain redirect with automatic HTTPS and TLS certificate management:
| Feature | Description |
|---|---|
| Automatic HTTPS | TLS certificate via Let's Encrypt, issued in 60 seconds |
| 301 and 302 | Permanent redirect (SEO) or temporary redirect (campaigns) |
| Path forwarding | Preservation of path and query strings |
| Domain verification | Ownership proof via TXT record, shared with MTA-STS and BIMI |
| Apex and subdomains | A/AAAA support for root domains, CNAME for subdomains |
Use case: Redirect an old domain to a new one, force www on an apex, or manage temporary redirects for marketing campaigns, all with valid HTTPS and no server configuration.
HTTP uptime monitor
Real-time uptime monitoring for your HTTP URLs, with email alerts the moment an endpoint goes down:
| Feature | Description |
|---|---|
| 5 min checks by default + cron | HTTP probes from Europe (Free), plus United States and Asia-Pacific depending on plan |
| Email alerts + Webhooks V2 | Unlimited email + HTTPS webhooks to Slack, Discord, PagerDuty or custom endpoints from Starter onwards |
| DOWN detection strategies | Consensus by default (Free, Starter), Strict or Unanimous from Pro onwards |
| 30-day metrics | Uptime %, p95 latency, heatmap and public status pages |
| Quotas per plan | 1 monitor (Free) up to 2,500+ (Enterprise), 1 to 3 regions depending on your plan |
Use case: Replace UptimeRobot, BetterStack, or Pingdom with a tool hosted in Europe and integrated with your CaptainDNS DNS/mail stack. See HTTP Uptime Monitor.
Public status pages
Public status pages shareable from your HTTP monitors, with no DNS setup and no credit card:
| Feature | Description |
|---|---|
| Instant public URL | Shareable public token in one click, no subscriber list, no email opt-in |
| Real-time sync | Service status reflects ongoing HTTP checks automatically |
| 30-day history | Incident timeline, global uptime per service, dated events |
| Customizable logo on Free | Customizable logo from the free tier. Title, colors and intro text reserved for paid plans |
| EU hosting | Served from the EU, no third-party cookies, no analytics tracking |
Use case: Free alternative to Atlassian Statuspage and Instatus, included for free with CaptainDNS HTTP monitoring. See Public status pages.
HTTP headers checker
Audit of the 10 HTTP security headers with a weighted grade from A to F:
| Feature | Description |
|---|---|
| 10 detected headers | CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy, Cross-Origin-Resource-Policy, Clear-Site-Data |
| Weighted grade A to F | Overall grade computed across the 10 headers, with per-header weight breakdown |
| Per-header diagnostic | Present/absent status, detected value, best-practice compliance, remediation tip |
| HTTPS detection | TLS connection check and HTTP/2 or HTTP/3 support |
| Shareable format | Public result URL to share the report with your team or an auditor |
Use case: Prepare a compliance audit (PCI DSS, ISO 27001), verify the security configuration before production, and diagnose missing headers that expose your pages to XSS, clickjacking, and third-party resource injection. See HTTP headers checker.
HSTS and preload test
Verification of the Strict-Transport-Security header and eligibility for the Chrome preload list:
| Feature | Description |
|---|---|
| 5-level grade | missing, weak, acceptable, preload-ready, preloaded based on configuration |
| max-age verification | Checks the duration is greater than or equal to 1 year (31,536,000 seconds) for preload submission |
| includeSubDomains and preload flags | Detects subdomain coverage and the explicit eligibility flag |
| Chrome preload status | Real-time check against the official hstspreload.org list |
| Remediation recommendations | Exact HSTS directive to publish to reach the next level |
Use case: Secure your domain's HTTPS migration against MITM attacks and SSL stripping, validate compliance before submitting to the Chrome preload list (shared by Firefox, Safari, Edge), and avoid classic max-age too-short mistakes. See HSTS and preload test.
Close the detection-to-communication loop for incidents
Testing a page once is not enough. In reliability engineering, two metrics matter: MTTD (Mean Time To Detect), the delay between the start of an incident and its detection, and MTTR (Mean Time To Recover), the resolution delay. A probe that fires every 5 minutes caps MTTD at 10 minutes in the worst case; a public status page updated automatically shortens the perceived MTTR by stopping every user from opening a ticket for the same issue.
CaptainDNS couples both moments in a single flow. The real-time uptime probe polls your URLs from Europe, measures p95 latency, checks the status code, and triggers an email alert as soon as a check fails on multiple probes. The same data then feeds a shareable public status page accessible via a public token, with no DNS setup and no subscriber list to maintain. Your users see the real state in seconds, not hours.
This native coupling avoids the classic trap of fragmented tooling: one probe at one vendor (UptimeRobot, Pingdom), a status page at another (Atlassian Statuspage, Instatus), a glue webhook between the two, and a multi-minute gap between the technical alert and the public announcement. CaptainDNS keeps both ends in the same dashboard, with 1 free monitor included (upgrade to Starter for 30), EU-hosted and GDPR-native.
Real-world use cases
Case 1: an e-commerce page truncated by Googlebot
Symptom: The FAQ and navigation links at the bottom of your category page do not appear in Google results.
Diagnosis: The Page Crawl Checker reveals the page is 3.2 MB of HTML. Googlebot truncates at 2 MB and loses the last 200 products, the FAQ, and the footer's internal linking.
Action: Limit the initial listing, use pagination with lazy loading, and move the FAQ to the top of the page.
Case 2: bank phishing email
Symptom: You receive an urgent email from your "bank" with an account verification link.
Diagnosis: The Phishing URL Checker returns a score of 75 (high). Google Safe Browsing and PhishTank flag the URL as social engineering phishing.
Action: Do not click. Report the email as phishing. Access your bank's website by typing the address directly in the browser.
Case 3: low crawl budget score
Symptom: Google crawls few pages on your site despite regularly updated content.
Diagnosis: The Page Crawl Checker shows a score of 35/100. The page loads 85 sub-resources including 40 third-party scripts (analytics, widgets, A/B testing).
Action: Load third-party scripts with defer/async, remove unused scripts, enable gzip/brotli compression.
Case 4: a suspicious shortened link in a text message
Symptom: A text message contains a bit.ly link asking you to "update your package delivery."
Diagnosis: After expanding the shortened link, the Phishing URL Checker flags the final URL. URLhaus lists it as malware distribution.
Action: Delete the text message and block the number. Legitimate delivery services never request payment via text message.
Case 5: domain migration
Symptom: You are migrating from old.captaindns.com to captaindns.com and visitors to the old domain see an error.
Diagnosis: The old domain points nowhere. Without an HTTPS redirect, browsers display a certificate error or a blank page.
Action: Set up Redirect Hosting with a 301 redirect and path forwarding enabled. Visitors to old.captaindns.com/page land on captaindns.com/page with the correct SEO code.
Case 6: public API down with no alert
Symptom: Your payment API returns 502 errors for 40 minutes late at night. You only find out the next morning through customer support tickets.
Diagnosis: No monitoring was in place. Manual probing does not cover off-hours, and your cloud provider's metrology did not trigger an alert.
Action: Configure an HTTP Uptime Monitor on the /health endpoint with a check every 5 minutes and an instant email alert on any 5xx code or timeout. Then wire that monitor to a public status page to expose live health to your customers.
Case 7: incident communication with no dedicated platform
Symptom: During an extended outage, your support team receives 200 tickets in one hour. You have no official channel to announce the incident, its causes, and an ETA for resolution.
Diagnosis: Without a public status page, every user must open a ticket to learn the service state. Support gets overwhelmed and the perceived reliability of the product drops.
Action: Activate a public status page from your existing HTTP monitors, share the URL in support auto-replies, the website footer, and transactional emails. Your users see global uptime and a 30-day incident history at a glance.
FAQ - Frequently asked questions
Q: How often should you check a URL's availability?
A: A check every 5 minutes is the standard for most web services. It caps detection delay at 10 minutes in the worst case while staying reasonable in terms of cost and alert noise. Teams targeting a 99.95% SLA go down to 1 minute on their most critical endpoints. CaptainDNS ships with 5 minutes by default and a custom cron expression for advanced cases.
Q: What is the difference between HTTP monitoring and a status page?
A: HTTP monitoring is an internal probe: it tests your endpoints continuously and alerts your team on failure. A status page is the public face of that monitoring: it exposes the operational state of your services to users without granting access to technical details. CaptainDNS links both natively, with no glue script or webhook to maintain.
Q: Is the phishing URL checker result 100% reliable?
A: No tool guarantees 100% detection. The average lifespan of a phishing URL is under 24 hours. A clean result means no source flags it at the time of the check, not that it is permanently safe.
Q: Can you monitor a token-authenticated endpoint?
A: Yes. The CaptainDNS uptime monitor supports custom HTTP headers (Authorization, X-API-Key) to query token-protected endpoints. The only constraint: the URL must be reachable from our European probes, so exposed on the Internet (not behind a VPN or private firewall).
Q: Is a public status page indexed by Google?
A: Not by default. CaptainDNS status pages are served with a meta robots noindex tag to avoid polluting your SEO with technical pages. They remain reachable via their shared token URL but do not appear in Google results. You keep full control of the distribution.
Q: How much do CaptainDNS monitoring and status pages cost?
A: The free tier includes 1 HTTP monitor with 5-minute checks, unlimited email alerts, 30-day heatmap, p95 latency and public status pages with a customizable logo. No credit card at signup, no time-limited trial. Advanced customization (title, colors, intro text) is reserved for paid plans. Paid plans (Starter, Pro, Business, Enterprise) unlock up to 2,500 monitors, multi-region (EU/US/APAC), and Webhooks V2.
Q: What happens during a flap (site oscillating up/down)?
A: CaptainDNS applies a 2-check confirmation from distinct probes before firing an alert, then groups notifications during a continuous downtime. If the URL stays down for several days, a warning precedes the monitor's auto-disable. Result: one relevant alert per incident, no mail spam.
Q: How do you redirect a domain while preserving SEO?
A: Use CaptainDNS redirect hosting with a 301 (permanent) redirect. A 301 transfers nearly all SEO authority to the destination. Also enable path forwarding so that old.captaindns.com/page routes to captaindns.com/page, which preserves the individual ranking of every indexed URL.
Complementary tools
| Tool | Purpose |
|---|---|
| DNS lookup | Check the DNS records for your domain |
| Email deliverability audit | Analyze MX, SPF, DKIM, and DMARC for your domain |
| DNS propagation checker | Confirm your DNS changes have propagated |
| IP blacklist checker | Check if an IP is listed on email blacklists |
| Domain blacklist checker | Check if a domain is blacklisted for spam or phishing |
| Redirect checker | Analyze redirect chains and unshorten links |
| Domain redirect | Set up 301/302 HTTPS redirects for your domains |
| HTTP uptime monitor | Monitor URL availability with email alerts |
| Public status pages | Publish a shareable status page from your monitors |
Get started in 60 seconds
Launch your first HTTP monitor for free, with no credit card and a public status page included on the free plan. Set up an uptime monitor or browse the CaptainDNS pricing to compare plans.
Useful resources
- Google - Crawl limit documentation (official Googlebot documentation)
- Google - Mobile-first indexing (mobile-first indexing guide)
- Google Safe Browsing (protection against dangerous sites)
- URLhaus by abuse.ch (community database of malicious URLs)
- HTTP Archive - State of the Web (web page weight statistics)