GET /api/http-headers

HTTP Headers

Inspect HTTP response headers for any URL. Follows redirects and returns the final URL, HTTP status code, and captured response headers as a flat key/value map. Header capture is intentionally bounded - the API may omit fields, truncate long values, or stop early once internal field-count or total-size limits are reached; check headers_truncated in the response to detect incomplete results. Results are cached for 60 seconds.

Query parameters

urlrequiredThe URL to inspect. Scheme may be http or https; if omitted, https is assumed.

Example request

curl

curl "https://tinyutils.dev/api/http-headers?url=https://example.com"

JavaScript (fetch)

const res = await fetch(
  "https://tinyutils.dev/api/http-headers?url=https://example.com"
);
const data = await res.json();

Example response

{
  "ok": true,
  "input_url": "https://example.com",
  "final_url": "https://www.example.com/",
  "status": 200,
  "headers": {
    "content-type": "text/html; charset=UTF-8",
    "cache-control": "max-age=604800",
    "etag": "\"3147526947+ident\"",
    "expires": "Fri, 10 Apr 2026 07:59:29 GMT",
    "last-modified": "Thu, 17 Oct 2019 07:18:26 GMT",
    "server": "ECAcc (dcb/7F84)",
    "vary": "Accept-Encoding",
    "x-cache": "HIT"
  },
  "headers_truncated": false,
  "meta": {
    "responseTimeMs": 123,
    "cached": false,
    "rateLimitedScope": "global"
  },
  "error": null
}

Error response

{
  "ok": false,
  "input_url": "not-a-url",
  "final_url": null,
  "status": null,
  "headers": null,
  "headers_truncated": false,
  "error": "INVALID_URL",
  "meta": {
    "responseTimeMs": 0,
    "cached": false,
    "rateLimitedScope": "global"
  }
}

Error codes

INVALID_URLThe URL is missing, malformed, or uses an unsupported scheme.
BLOCKED_HOSTThe target resolves to a private, reserved, or internal address.
TIMEOUTThe request exceeded the 2.5s timeout.
NETWORK_ERRORA network error prevented the request from completing.
REDIRECT_LOOPA redirect cycle was detected while following the URL.
MISSING_LOCATIONA redirect response was missing or had an unparseable Location header.
TOO_MANY_REDIRECTSThe URL required more than 10 redirects to resolve.
RATE_LIMITEDYou have exceeded the daily request limit.
INTERNAL_ERRORAn unexpected server error occurred.

Rate limiting

Requests are rate-limited via a global pool shared with url-check, dns-lookup, and url-resolve. Results are cached for 60 seconds to reduce duplicate requests. When the limit is exceeded, the endpoint returns HTTP 429 with RATE_LIMITED.

See also

Looking for use-case guidance? HTTP Headers API walks through common inspection scenarios and integration patterns.