HTTP Headers Viewer
Inspect all HTTP response headers for any URL. Check security headers, HSTS, CSP, cache settings, and server configuration instantly.
HTTP Headers — FAQ
What are the most important security headers to check?
The six most important security headers are: Strict-Transport-Security (forces HTTPS), Content-Security-Policy (prevents XSS), X-Frame-Options (prevents clickjacking), X-Content-Type-Options (prevents MIME sniffing), Referrer-Policy (controls referrer data), and Permissions-Policy (restricts browser feature access).
Why does this tool use a proxy?
Browsers block direct cross-origin requests due to CORS restrictions. This tool uses corsproxy.io to fetch headers on your behalf, so you can inspect any URL without browser limitations.
What does a 301 vs 302 redirect mean?
A 301 (Moved Permanently) tells browsers and search engines the resource has permanently moved — search engines transfer ranking signals to the new URL. A 302 (Found / Temporary Redirect) signals a temporary move — search engines keep indexing the original URL.