Redirect Chain Checker

Trace every redirect hop of any URL. Uncover cloaked destinations, tracker chains, and potentially malicious final URLs hiding behind innocent-looking short links.

How to Use the Redirect Chain Checker

  1. Paste any URL including shortened or redirecting links.

  2. Click Scan to trace the complete redirect chain.

  3. Review each hop showing URL, HTTP status code, and domain changes.

  4. Check the final destination for safety signals and threat score.

Redirect Chain Checker — Frequently Asked Questions

What is a redirect chain?
A redirect chain is a series of HTTP redirects that occur when you access a URL. Each step (hop) redirects you to another URL until you reach the final destination.
Why do phishers use redirect chains?
Attackers use redirect chains to obscure the final malicious destination, evade link scanners that only check the initial URL, and abuse legitimate redirect services to add credibility.
What are the different HTTP redirect codes?
301 (Permanent Redirect), 302 (Temporary Redirect), 303 (See Other), 307 (Temporary Redirect), and 308 (Permanent Redirect). Status 200 indicates the final destination.
How many redirects are too many?
More than 3–4 redirects is unusual for legitimate sites and may indicate tracking or cloaking. Browsers typically abort chains exceeding 20 hops to prevent infinite loops.
Can redirect chains contain malware?
Yes. Drive-by download attacks can be triggered at any redirect hop. IncogSay analyzes each hop's domain for threat signals without visiting the pages.