HCODX/HTTP Header Viewer
Full response headers · Security checks

HTTP Header Viewer: inspect any URL's response headers

Free in-browser HTTP header viewer. Get the status line, full response headers, final URL after redirects, and a security-header health check (HSTS, CSP, X-Frame-Options, Referrer-Policy). Cross-origin reads via corsproxy.io.

FAQ

HTTP Header Viewer — frequently asked questions

Browsers block reading response headers from cross-origin requests unless the server allows it via CORS. A public CORS proxy (corsproxy.io) sits between us and the target so we can read every header.

The request originates from the corsproxy.io infrastructure with a normal browser user agent. Server logs will show the proxy's IP, not yours.

Servers and CDNs may strip headers for proxied requests, especially Set-Cookie. The proxy passes through what the target returned to it.

Related

Related tools

SSL Checker
Certificate & chain.
DNS Lookup
A, AAAA, MX, TXT, NS.
WHOIS Lookup
Registrar & dates via RDAP.
What's My IP
Public IP & location.
Website Screenshot
Capture URL as PNG.
HTTP Status Codes
Reference for every code.
User Agent Parser
Decode any UA string.
cURL to fetch()
Convert curl commands.