Skip to main content
Glama
207,082 tools. Last updated 2026-06-17 20:13

"Information about headers" matching MCP tools:

  • inspect_security_headers

    Ground Truth - First Tool Call

    Fetch a public URL and inspect security-relevant response headers before you claim that a product or endpoint has a strong browser-facing security baseline. Use this for quick due diligence on public apps and docs sites. It checks for common headers such as HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, and X-Content-Type-Options. It does not replace a real security review, authenticated testing, or vulnerability scanning.
    Connector

  • dossier_headers

    drwho.me

    Core dossier check: Fetch https://<domain>/ and return all HTTP response headers, with an audit highlighting missing or misconfigured security headers. Use to review CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy; for redirect tracing use dossier_redirects instead. Single GET via fetch, 5 s timeout, captures raw response headers before any redirect is followed. Returns a CheckResult: on success, {status:"ok", headers:{...}, securityAudit:[{header, present, value},...]}; on failure, {status:"error", reason}.
    Connector

  • dossier_headers

    drwho.me developer tools

    Core dossier check: Fetch https://<domain>/ and return all HTTP response headers, with an audit highlighting missing or misconfigured security headers. Use to review CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy; for redirect tracing use dossier_redirects instead. Single GET via fetch, 5 s timeout, captures raw response headers before any redirect is followed. Returns a CheckResult: on success, {status:"ok", headers:{...}, securityAudit:[{header, present, value},...]}; on failure, {status:"error", reason}.
    Connector

  • pimea_chat

    Pimea

    Send a message in an active Pimea session. Use this to answer Pimea's clarifying questions about the user's marketing situation. You can answer on behalf of the user using context from the conversation when possible. Only ask the user directly if you genuinely lack the information. When the response status is "complete", call pimea_get_answer to retrieve the final grounded deliverable. Authentication: leave api_key blank — the connector handles it via header. Only set it as a fallback if the connector cannot send custom headers. Args: session_id: The session UUID from pimea_start_session message: Response to Pimea's question api_key: Optional fallback only. Normally leave blank.
    Connector

  • get_about

    Follow On Tours

    Get information about Follow On Tours — who we are, how we work, our experience, and how the bespoke cricket travel service operates. Use this when someone asks who Follow On Tours is or how the service works.
    Connector

  • scan_headers

    ContrastAPI

    Perform live HTTP GET and analyze security headers: CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Permissions-Policy, Referrer-Policy. Use to audit live website headers; use check_headers to validate headers you already have. Free: 30/hr, Pro: 500/hr. By default header values are truncated to 500 chars (CSP can exceed 4 KB on large sites); pass include='full' for the full raw value. Returns {headers_present, headers_missing, findings, total_score}.
    Connector

Matching MCP Servers

Matching MCP Connectors

  • data.capabilities

    Recursive Support Oracle

    Returns structured information about what the Recursive platform includes: features, AI model details, supported integrations, and what's included at every tier. Use for systematic feature comparison.
    Connector

  • get_about

    cricket-travel

    Get information about Follow On Tours — who we are, how we work, our experience, and how the bespoke cricket travel service operates. Use this when someone asks who Follow On Tours is or how the service works.
    Connector

  • lookup_headers

    botoi-mcp

    Fetch HTTP response headers for a URL. Use when inspecting server configuration, security headers, or caching policies.
    Connector

  • get_broker

    mcp-server

    Get full details for a single broker (agent) by their profile slug. Call this when the user asks for more information about a specific broker. Use the slug from search_brokers results.
    Connector

  • get_business

    Venturu

    Get full details for a single business (listing) by its slug. Call this when the user asks for more information about a specific business. Use the slug from search_businesses results.
    Connector

  • lookup_sip_header

    Sipflow

    [cost: free (pure CPU, no network) | read-only] Instant lookup of a SIP header by canonical or compact form (e.g. "Via" / "v", "Diversion", "P-Asserted-Identity", "Identity", "Session-Expires"). Returns canonical form, compact alias, RFC anchor, where it appears (request / response / both), cardinality (exactly-one / at-most-one / one-or-more / any), allowed/forbidden URI parameters with RFC citations, short description, and related headers. USE FIRST when the user asks about a specific header they saw in a trace - sub-millisecond, no API cost. The cardinality + paramRules fields surface failure modes (e.g. two From: headers, ;tag= on P-Asserted-Identity) without needing a RAG round-trip. Pair with: `lint_sip_request` to mechanically check a real request against these rules; `search_sip_docs` for vendor-specific or 3GPP P-headers not in the bundled registry.
    Connector

  • analyze_headers

    email-deliverability

    Re-verify SPF, DKIM, DMARC, and ARC from a raw RFC 5322 email (full message or just the headers block). Returns InboxGuard's independent verdict (`ours`), the sender's own Authentication-Results (`theirs`), whether they `agree`, and parsed envelope/headers — useful for spotting forged or mismatched auth results. No account needed.
    Connector

  • get_commitment_basic_info

    mcp

    Get basic information about a Compute Engine Commitment, including its name, ID, status, plan, type, resources, and creation, start and end timestamps. Requires project, region, and commitment name as input.
    Connector

  • text_base64_decode

    botoi-mcp

    Decode a Base64 string back to UTF-8 text. Use when extracting data from Base64-encoded API responses, tokens, or email headers. Returns the original plaintext string.
    Connector

  • contrast_scan

    ContrastAPI

    Active website security scan: runs the ContrastScan C engine (11 modules — HTTP security headers, SSL/TLS, DNS, redirect chain, information disclosure, cookie flags, DNSSEC, HTTP methods, CORS, HTML hygiene, deep CSP analysis) against the live site and enriches the raw result with severity-ranked vulnerability findings and a letter grade. Use for a hands-on misconfiguration scan; use audit_domain for passive recon (DNS/WHOIS/SSL/threat intel) and scan_headers for headers only. Active outbound fetch — a per-target eTLD+1 throttle (60 req/min) applies. Free: 30/hr (costs 6 credits), Pro: 500/hr. Returns {domain, resolved_ip, total_score, max_score, grade, findings, findings_count, headers, ssl, dns, redirect, disclosure, cookies, dnssec, methods, cors, html, csp_analysis, enterprise, summary, next_calls}.
    Connector

  • get_vaadin_primer

    docs-mcp

    IMPORTANT: Always use this tool FIRST before working with Vaadin. Returns a comprehensive primer document with current (2025+) information about modern Vaadin development. This addresses common AI misconceptions about Vaadin and provides up-to-date information about Java vs React development models, project structure, components, and best practices. Essential reading to avoid outdated assumptions. For legacy versions (7, 8, 14), returns guidance on version-specific resources.
    Connector

  • get_broker

    Venturu

    Get full details for a single broker (agent) by their profile slug. Call this when the user asks for more information about a specific broker. Use the slug from search_brokers results.
    Connector