HTTP Headers Viewer
Inspect server response headers, status codes, and security configurations.
Why check HTTP headers?
- Verify correct Status Codes (200, 301, 404, 500)
- Check Caching policies (Cache-Control, Expires, ETag)
- Audit Security headers (HSTS, CSP, X-Frame-Options)
- Debug Content-Type and Encoding issues
- Identify Server software type (if exposed)
Frequently Asked Questions
What are HTTP headers?
HTTP headers are key-value pairs sent between a client (browser) and a server that pass additional information about the request or response, such as caching rules, content type, and authentication.
Why is the Cache-Control header important?
Cache-Control tells browsers and CDNs how long they should store a copy of your page. Proper configuration can significantly speed up your website for returning visitors.
What is HSTS (Strict-Transport-Security)?
HSTS is a security header that forces browsers to only connect to your website via secure HTTPS, preventing downgrade attacks and cookie hijacking.
Does this tool work with redirects?
No, this specific tool fetches the headers of the exact URL you entered without following redirects (using 'manual' mode), so you can inspect if a 301/302 redirect header is present.
Why don't I see some headers?
Some headers are stripped by proxies, load balancers, or firewalls before they reach the client differently than a direct server connection.