['name' => 'HSTS', 'desc' => 'Forces HTTPS connections', 'good' => true], 'content-security-policy' => ['name' => 'CSP', 'desc' => 'Prevents XSS attacks', 'good' => true], 'x-frame-options' => ['name' => 'X-Frame-Options', 'desc' => 'Prevents clickjacking', 'good' => true], 'x-content-type-options' => ['name' => 'X-Content-Type-Options', 'desc' => 'Prevents MIME sniffing', 'good' => true], 'referrer-policy' => ['name' => 'Referrer-Policy', 'desc' => 'Controls referrer information', 'good' => true], 'permissions-policy' => ['name' => 'Permissions-Policy', 'desc' => 'Controls browser features', 'good' => true], ]; if ($query) { $url = $query; if (!preg_match('/^https?:\/\//i', $url)) $url = 'https://' . $url; $ch = curl_init(); curl_setopt_array($ch, [ CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true, CURLOPT_HEADER => true, CURLOPT_NOBODY => false, CURLOPT_TIMEOUT => 10, CURLOPT_FOLLOWLOCATION => true, CURLOPT_MAXREDIRS => 5, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_USERAGENT => 'Mozilla/5.0 (compatible; ipcheck.tools/1.0)', ]); $response = curl_exec($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); $final_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL); $total_time = round(curl_getinfo($ch, CURLINFO_TOTAL_TIME) * 1000); $redirect_count = curl_getinfo($ch, CURLINFO_REDIRECT_COUNT); curl_close($ch); if (!$response) { $error = "Could not connect to " . h($url) . "."; } else { $header_text = substr($response, 0, strpos($response, "\r\n\r\n") ?: strlen($response)); $lines = explode("\r\n", $header_text); $status_line = array_shift($lines); foreach ($lines as $line) { if (strpos($line, ':') !== false) { [$key, $val] = explode(':', $line, 2); $results[strtolower(trim($key))] = trim($val); } } $results['_meta'] = [ 'status' => $http_code, 'final_url' => $final_url, 'time_ms' => $total_time, 'redirects' => $redirect_count, ]; } } require_once __DIR__ . '/header.php'; ?>

Tool

HTTP Header Viewer

Analyze HTTP response headers of any website

HTTP Status

Load time

Redirects

Headers

Security Headers

$info): ?>

Present Missing

All Response Headers ()

$val): ?>

Header	Value

Continue with

SSL Check DNS Lookup

Enter a URL or domain to analyze its HTTP response headers. Works with and without https://.

My IP HTTP Headers SSL Check DNS Lookup Port Check

What are HTTP headers?

HTTP headers are metadata sent between browser and server with every request and response. They control caching, content types, security policies and much more. Security headers like HSTS, CSP and X-Frame-Options protect against common attacks such as XSS and clickjacking. This tool shows all response headers and checks whether important security headers are present.