Send HTTP HEAD requests and print response headers from the command line. Zero dependencies. Works on Windows, macOS, and Linux.
$ http-head example.com
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
content-length: 1256
server: ECAcc (sac/254F)
Sometimes you just need to check headers β cache status, content type, redirects, CORS, security headers β without downloading the full response body. curl -I works, but it is not always available (Windows), and parsing its output is annoying.
http-head gives you:
- π Instant header inspection β HEAD requests download zero body bytes
- π¦ JSON output β pipe directly into
jqfor scripting - π Redirect following β trace the full redirect chain
- β±οΈ Custom timeouts β do not hang on slow servers
- π Auto https:// β skip the protocol prefix, it just works
npm i -g @kszongic/http-head-cliOr run directly:
npx @kszongic/http-head-cli example.comhttp-head https://example.comhttp-head -s https://example.com
# 200http-head -j https://example.com
# {"status":200,"headers":{"content-type":"text/html; charset=UTF-8",...}}http-head -L https://httpbin.org/redirect/2http-head -t 5000 https://example.comhttp-head example.com
# Same as: http-head https://example.com| Flag | Description |
|---|---|
-s, --status |
Print only the status code |
-j, --json |
Output headers as JSON |
-L, --follow |
Follow redirects (up to 10) |
-t, --timeout |
Timeout in milliseconds (default: 10000) |
-h, --help |
Show help |
-v, --version |
Show version |
for i in 1 2 3 4 5; do
echo "--- Request $i ---"
http-head -j cdn.example.com | jq '.headers["x-cache"], .headers["cf-cache-status"]'
done# GitHub Actions step β fail if missing security headers
HEADERS=$(http-head -j https://mysite.com)
echo "$HEADERS" | jq -e '.headers["strict-transport-security"]' || exit 1
echo "$HEADERS" | jq -e '.headers["x-content-type-options"]' || exit 1
echo "$HEADERS" | jq -e '.headers["x-frame-options"]' || exit 1
echo "All security headers present"STATUS=$(http-head -s https://api.example.com)
if [ "$STATUS" != "200" ]; then
echo "API returned $STATUS"
fihttp-head -L -j https://bit.ly/xyz | jq '.status'TYPE=$(http-head -j https://api.example.com/data | jq -r '.headers["content-type"]')
if [[ "$TYPE" == *"application/json"* ]]; then
curl -s https://api.example.com/data | jq .
else
echo "Not JSON: $TYPE"
fifor domain in example.com google.com github.com; do
STATUS=$(http-head -s "$domain")
echo "$domain -> $STATUS"
done- DevOps monitoring β Quick uptime and status checks without downloading bodies
- Security audits β Verify HSTS, CSP, X-Frame-Options, and other security headers
- CDN debugging β Check cache hit/miss, edge server, and age headers
- API development β Verify content-type, CORS headers, and rate limit headers
- CI/CD pipelines β Gate deployments on header compliance
- Redirect debugging β Trace 301/302 chains for SEO or migration validation
Uses Node.js built-in https (or http) module to send a HEAD request β the server returns headers only, no response body. This makes it extremely fast and bandwidth-efficient. No external dependencies, no native bindings.
| Tool | Zero deps | Cross-platform | JSON output | Follow redirects | Status-only | Install |
|---|---|---|---|---|---|---|
| http-head | β | β Win/Mac/Linux | β | β | β | npx @kszongic/http-head-cli |
curl -I |
N/A | β (needs parsing) | β
-L |
β (needs grep) | Built-in (Unix) | |
wget --spider |
N/A | β | β | β | Built-in (Linux) | |
| httpie | β (Python) | β | β | β | β | pip install httpie |
- url-status-cli β Check HTTP status codes for URLs
- cert-days-cli β Check SSL certificate expiry
- port-scan-cli β Scan TCP ports on a host
- find-open-port-cli β Find an available port
- env-lint-cli β Lint .env files against .env.example
MIT Β© kszongic