HTTP Header Analyzer
Inspect response headers for any URL — security audit, cache headers, server info. Runs via Cloudflare edge, no CORS issues.
Try:
Frequently Asked Questions
- What are HTTP response headers?
- Headers are key-value pairs sent by a web server with every response. They control caching, security policies, content type, and more.
- Which security headers should every site have?
- HSTS (forces HTTPS), Content-Security-Policy (prevents XSS), X-Content-Type-Options, X-Frame-Options (prevents clickjacking), and Referrer-Policy are the most important.
- Why does it show HTTP → HTTPS redirect?
- Visitors typing your domain without 'https://' should be automatically redirected to the secure version. Missing this is a security risk.
- Is this tool free?
- Yes, 100% free. Requests are proxied via Cloudflare edge — no data is stored.
- Does it work on any URL?
- Yes, any public HTTP or HTTPS URL. Private IPs and local addresses are blocked for security.