HTTP header checker
Inspect the HTTP response headers for any URL to check for security configurations and server information.
Frequently asked questions
What are HTTP headers?
HTTP headers are metadata sent between your browser and a web server with every request and response. They control caching, authentication, content type, security policies, and more.
What are security headers and why do they matter?
Security headers like Content-Security-Policy, Strict-Transport-Security, and X-Frame-Options instruct browsers to enforce security policies. They help prevent cross-site scripting (XSS), clickjacking, MIME sniffing, and other common attacks.
Does this tool visit the URL on my behalf?
Yes. Our server sends a HEAD request to the URL and reads the response headers. Your browser never contacts the target site directly, so it is safe to check any URL.
Why is my site missing security headers?
Many web servers and hosting platforms do not add security headers by default. You typically need to configure them in your server settings, .htaccess file, or CDN dashboard. Missing security headers can leave your site vulnerable to common web attacks.
More free tools
Link safety checker
Check any URL for spam, phishing, and malware.
Full URL audit
Run link safety, headers, DNS, WHOIS, and SSL in one go.
Bulk URL checker
Check up to 10 links at once and export results as CSV.
Email validator
Validate email addresses: syntax, MX records, disposable detection.
URL unwrapper
See the full redirect chain of short links without clicking.
DNS lookup
Look up A, AAAA, MX, TXT, CNAME, and NS records for any domain.
WHOIS lookup
Find domain registration details: registrar, dates, and nameservers.
SSL certificate checker
Check SSL/TLS certificate details, expiry, and chain validity.
Password strength checker
Check password strength in your browser. Nothing is sent to our servers.