HTTP / HTTPS Header Checker
Reviewing HTTP Headers
A great deal of information can be gathered in a check of the HTTP Headers from a web server. Server-side software can be identified often down to the exact version running. Cookie strings, web application technologies, and other data can be gathered from the HTTP Header. This information can be used when troubleshooting or when planning an attack against the web server.
HTTP Header Check API
In addition to the web form above, we offer a second way to access the HTTP headers of any web site. Our
HTTP Header API will trigger our system to get the headers and display them in a simple Text based output. Access the API using a web browser, curl, or any scripting language.
This query will display the HTTP headers from www.google.com. Notice that if the web server sends a redirect 301 or a 302 the system will follow the redirect and display each set of HTTP Headers.
In the above table there are a significant number of HTTP Headers that have "X-" apppended to the header. This denotes the header is non-standard. It is not a part of the HTTP standard but is often used by web servers, web applications, and caching systems to pass information between the server / application and the browser.