The HTTP Headers tool shows you what headers the receiving web server sends back with the resources that you requested.
In the text box, enter one of the following:
- A domain name
- An IPv4 address (eg, 192.168.1.1)
- An IPv4 address as a Base-10 (single decimal) number — if you provide this value, be sure to check the Covert Base-10 to IP box
When to Use the HTTP Headers Tool
The HTTP Headers tool helps diagnose odd behavior with HTTP connections. It will indicate to you if your request gets redirected at any point. This can help you optimize your links.
Note that the tool only works with the domain’s top-level, or default, page; if you include the path to a specific page, the tool will ignore this portion of the domain.
What the HTTP Headers Tool Does
The HTTP Headers tool sends an HTTP GET request to the domain you provide. It then receives a response from the web server; if not, the request times out. If the tool gets a response, it will consist of an HTTP response code, as well as the headers themselves.
The headers may be standard ones defined by the World Wide Web Consortium, but they may also include custom ones. Custom headers are typically informational.
A Look at the Response
The first line that you’ll see in the response will look something like HTTP/1.1 200 OK, where:
- HTTP/1.1 indicates that the HTML Headers tool is using the HTTP/1.1 protocol
- 200 is the HTTP status code (the specific numeric code you receive may vary)
- OK is the appropriate message accompanying the status code (again: may vary)
The status code is one of the most important pieces of information you will receive. The full list of status codes in use is long, but here are the more common ones:
|200||OK||The request was successful, and the response includes the requested content.|
|301||Moved permanently||The requested content is at another URL (specified in the Location header). Replacing the link with the new URL will improve performance and can help you avoid a broken link later on.|
|302||Found||Content is located at the URL specified in the Location header. This is temporary.|
|303||See other||Content is located at the URL specified in the Location header. It should be retrieved using a GET method.|
|307||Temporary redirect||Content is located at the URL specified in the Location header. Continue to use the current URL.|
|401||Unauthorized||Authentication is required to access the content.|
|403||Forbidden||Access isn’t allowed.|
|404||Not found||Resource couldn’t be found. The other headers or the returned content may provide additional information.|
|405||Method not allowed||The URL doesn’t accept the specified HTTP method, which in our case is always GET. The Allow header will list the accepted methods.|
|410||Gone||Like 404, but with more finality. Not only is the content unavailable, but there’s also no known forwarding address.|
|500||Internal server error||There’s an issue with the web server, and your request wasn’t handled.|
|503||Service unavailable||The URL is temporarily unavailable.|
A Closer Look at Several Headers
The number of headers available for use is significant, but here is a closer look of some that you’ll see fairly frequently.
- This header indicates the format of the data being returned. For example, the header accompanying an HTML page looks like this:
Content-Type: text/html; charset=UTF-8.
- This header tells you how the web server encodes the data it sends to you. Information is often sent in a compressed format for efficiency. For example, if a web server uses gzip for compression, you’ll get back
- This header tells you when the content last changed. For static pages, it will normally be the file’s modification date. For dynamically-generated pages, the way of computing the date varies. Example:
Last-Modified: Mon, 25 Sep 2017 03:52:00 GMT.
- This asks your browser to create a cookie. There can be more than one in a response. The simplest case looks like this
Set-Cookie:mycookie=xyzbut the cookie may include additional parameters, such as the cookie expiration time, path, domain, and so on.
- This header gives caching-related directives to the browser. If the content is never supposed to be cached, you might see
Cache-Control: no-cache. If it should be cached for no more than five minutes (300 seconds), the header would be
- This header tells you what HTTP methods are accepted:
Allow: GET, HEAD, PUT.
Whenever you enter a URL into a browser and hit send, the server often redirects it multiple times before giving you the results of the final URL. You might provide a domain name, but be redirected to the
www subdomain (eg, you provide
example.com and get redirected to
If this happens, the HTTP Headers tool will provide you with information showing such — you’ll see the HTTP 300s status code (typically 301, but it could be another code in the 300s range).
The web server may also instruct the browser to use cached information. Again, you’ll see HTTP status codes in the 300s range if this happens.
In short, the tool returns these headers, and using the information provided, you can determine what happened in between you sending the request and receiving the response. However, do note that the response you get might vary. The web server may respond differently based on the client IP address or the HTTP headers included in the request.
An Interesting Tidbit
A rare, but grimly-amusing status code is HTTP 451, which means that the resource is “unavailable for legal reasons.” — usually due to government censorship. The code pays homage to Ray Bradbury’s novel about book burning, Fahrenheit 451.