HTTP Headers Checker.
Check HTTP response headers for any URL. View status code, security headers, cache-control, content-type, and all other response headers.
How to use
Enter a full URL including https:// in the input field.
Click Check — the Worker sends a HEAD request to the URL and returns all response headers.
Headers are sorted alphabetically for easy scanning.
The status code and final URL are shown at the top (useful for detecting redirects).
Frequently Asked Questions
What is a HEAD request?
A HEAD request is identical to GET but the server returns only the status line and headers, without the response body. It's efficient for checking headers without downloading the full page.
What should I look for in security headers?
Key security headers include Strict-Transport-Security (HSTS), Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, and Referrer-Policy.
Why might some headers be missing?
Not all servers send every header. Missing security headers are worth noting — they represent potential security improvements.