Heads up: browsers only expose headers the target server allows via CORS (typically via
Access-Control-Expose-Headers). For cross-origin requests you may see a limited subset of headers even on a successful response — this is a browser security restriction, not a bug in this tool.