Send the request.
See what comes back.
Redline is a free API tester and webhook debugger for the moment you need to see the actual bytes — status, headers, timing, body — without configuring another workspace first.
no account · nothing to install · works in one tab
POST /v1/checkout/sessions
{
"status": "succeeded",
"amount": 4200,
"currency": "usd",
"latency_ms": 142
}Built for the two moments you actually reach for raw HTTP.
Build a request, fire it, read every byte back.
- Any method — GET, POST, PUT, PATCH, DELETE, or a custom verb
- Custom headers, query params, and a raw or JSON body
- Routed through a server-side proxy, so CORS is never the blocker
- Status, timing, response size, headers, and body, all inline
- Recent requests are saved to your browser — reload without losing history
A live inbox for anything that can POST a webhook.
- One click creates a disposable inbox with a unique ingest URL
- Point Stripe, GitHub, Twilio, or your own backend at it
- Requests land live — full method, headers, query string, and body
- History is stored server-side, so it survives a page reload
- No signup: the unique URL itself is the access control
How it works
- 01
Pick a method and paste a URL
Any HTTP verb, any host — no allowlist to configure first.
- 02
Add headers, params, or a body
Raw text or JSON, with syntax that stays readable as it grows.
- 03
Send it through the proxy
Requests are routed server-side, so browser CORS rules never get in the way.
- 04
Read the full response
Status, timing, size, headers, and body — all in one place, instantly.
- 01
Create an inbox
One click gives you a unique ingest URL. No form, no name required.
- 02
Point a provider at it
Stripe, GitHub, Twilio, cron jobs, your own backend — anything that can POST.
- 03
Trigger an event
Fire a test webhook, a real one, or just curl the URL yourself.
- 04
Watch it land
Method, headers, query string, and body appear live, saved for when you come back.
Free, and honest about how it works
No account, ever
Open either tool and start immediately. For webhooks, the unique inbox URL is the access control — treat it like a secret, and delete the inbox when you're done.
API history stays local
Recent requests in the API Tester live in your browser's localStorage. They never touch our servers beyond the one request you asked us to send.
Webhook history is server-side, on purpose
Captured requests are stored so you can inspect them after the event fires — that's the point of a debugger. Clear an inbox and its history is gone with it.
Requests to private networks are blocked
The proxy refuses localhost, private IP ranges, and link-local addresses, so the tester can't be pointed at internal infrastructure — yours or anyone else's.