HTTP header checker
Inspect the response status and headers of any URL — security, caching, redirects.
Fetched by our server, never stored. Private/localhost targets are blocked.
How to check HTTP headers
- Enter a URL. Paste a full URL (https:// is assumed if you omit it).
- Fetch the headers. Our server requests the URL and returns its response headers.
- Review. Inspect the status, security headers, caching and any redirect.
About HTTP response headers
Every web response carries headers that control caching, security and content handling. Checking them is the fastest way to confirm a deploy went out (look at the status and any redirect), verify security hardening (HSTS, Content-Security-Policy, X-Content-Type-Options), or debug why a CDN keeps serving a stale file (Cache-Control and ETag). This tool fetches a URL from our server and lists the full response — no browser extension needed. To inspect the site’s TLS certificate, use the SSL checker.
Frequently asked questions
- It requests a URL from our server and shows the raw HTTP response status and headers — content type, caching, security headers, redirects and more.
- Headers reveal a lot: whether security headers like Strict-Transport-Security and Content-Security-Policy are set, how caching is configured, which server or CDN responds, and whether the URL redirects.
- No — it shows the first response so you can see the redirect status and Location header. Follow up by checking the destination URL directly.
- No. For safety, requests to localhost and private network ranges are blocked. Use it for public URLs.
- No. The URL is fetched by our server and the headers are returned to you. Nothing is stored.