HTTP Header Checker API
Free public REST API for the HTTP Header Checker on Domainee. No API key, CORS-enabled, rate-limited per IP.
GET
https://api.domainee.dev/v1/tools/http-header-checker?url=https%3A%2F%2Fdomainee.devFetch a URL and return its response headers + a security grade based on HSTS, CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy presence.
Free. No API key required. CORS-enabled. Rate-limited per IP at 30/min and 500/day.
Parameters
| Name | In | Type | Description |
|---|---|---|---|
urlrequired | query | string | Full URL to fetch (must include scheme). example: https://domainee.dev |
Example request
curl
curl -s "https://api.domainee.dev/v1/tools/http-header-checker?url=https://domainee.dev" | jqExample response
response.json
{
"ok": true,
"data": {
"url": "https://domainee.dev",
"status": 200,
"statusText": "OK",
"headers": {
"server": "Caddy",
"content-type": "text/html"
},
"securityHeaders": [
{
"name": "strict-transport-security",
"present": true
},
{
"name": "content-security-policy",
"present": false
}
],
"grade": "B"
}
}Other languages
fetch.js
const res = await fetch("https://api.domainee.dev/v1/tools/http-header-checker?url=https%3A%2F%2Fdomainee.dev");
const { ok, data } = await res.json();requests.py
import requests
r = requests.get(
"https://api.domainee.dev/v1/tools/http-header-checker",
params={"url":"https://domainee.dev"},
)
data = r.json()["data"]Rate limits & errors
- 30 requests/minute and 500 requests/day per IP. Exceeding either returns HTTP 429 with a
Retry-Afterheader. - All responses are JSON with the envelope
{ "ok": true, "data": {...} }on success or{ "ok": false, "error": { "code", "message" } }on failure. codevalues are stable; safe to switch on programmatically.messageis human-friendly and may change.
See also
- HTTP Header Checker visual tool — UI version that hits this same API.
- Free APIs overview — rate limits, response envelope, error codes.