X-Content-Type-Options Header Checker - nosniff audit

Pricing

Pay per usage

X-Content-Type-Options Header Checker - nosniff audit

Fetches URLs and validates the X-Content-Type-Options response header. Flags missing header and invalid values (expects nosniff) to help prevent MIME sniffing attacks. Outputs per-URL results plus SUMMARY and REPORT.

Pricing

Pay per usage

Rating

0.0

(0)

Developer

Bikram Adhikari

Maintained by Community

Actor stats

Bookmarked

Total users

Monthly active users

13 hours ago

Last modified

X-Content-Type-Options Header Checker

Checks the X-Content-Type-Options response header for a list of URLs.

This header is commonly set to nosniff to help prevent MIME-sniffing issues.

What it checks

Missing X-Content-Type-Options
Invalid value (anything other than nosniff)
Multiple comma-separated values

Input

startUrls (required): URLs to check (Request List Sources format)
requestStrategy: HEAD_THEN_GET (default), HEAD_ONLY, GET_ONLY
followRedirects, maxRedirects
warnOnMissing, warnOnInvalid

Output

Dataset (per-URL)

Each item includes:

startUrl, finalUrl, statusCode, usedMethod, timingMs
xContentTypeOptionsRaw, normalizedValue, isNosniff
score, ok, warningCount, errorCount, issues

Key-value store

SUMMARY (JSON)
REPORT (JSON)

Quick start

Store page: https://apify.com/scrappy_garden/x-content-type-options-header-checker

Paste this into Input and click Run:

{
  "startUrls": [
    {
      "url": "https://example.com/"
    }
  ],
  "proxyConfiguration": {
    "useApifyProxy": false
  }
}

Outputs (what you get)

Dataset: Dataset items typically include fields like: startUrl, finalUrl, statusCode, xContentTypeOptionsRaw, normalizedValue, isNosniff, score, ok, warningCount, errorCount.
Key-value store: REPORT, SUMMARY

Tips (trust + predictable results)

Start with 1–3 URLs to validate behavior, then scale up.
If a target blocks requests, enable Proxy and/or slow down concurrency in Input.
Use the SUMMARY / REPORT keys (when present) for automation pipelines and monitoring.

security-headers-checker (https://apify.com/scrappy_garden/security-headers-checker)
hsts-header-checker (https://apify.com/scrappy_garden/hsts-header-checker)
cache-control-checker (https://apify.com/scrappy_garden/cache-control-checker)
content-type-header-validator (https://apify.com/scrappy_garden/content-type-header-validator)

Search keywords

x content type options header checker, x-content-type-options header checker - nosniff audit, website audit, seo, http headers

Seobility SEO Checker (Unlimited)

maged120/seobility-seo-checker

the most powerful scraper for seobility SEO checker tool, the output might feel overwhelming but it's full of details and possibilites, check it out

Maged

5.0

(1)

Security Headers Checker - Audit CSP, HSTS, XFO and more

scrappy_garden/security-headers-checker

Check common HTTP security headers for one or more URLs (Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP/COEP/CORP). Useful for quick security hardening audits.

Bikram Adhikari

Accessibility Scanner

gabrielaxy/accessibility-scanner

Scan any website for WCAG accessibility compliance using axe-core. Get detailed reports with fix code suggestions, severity scores, and remediation priorities. Supports CI/CD integration with threshold-based pass/fail and competitor benchmarking to compare your accessibility against others.

Gabriel Antony Xaviour

7-Zip Recursive Archive Extractor: Enterprise-Grade Automation

roach-sama/universal-archive-extractor

High-performance 7-Zip extractor supporting 30+ formats (ZIP, RAR, 7Z, TAR, ISO, GZIP, BZIP2, XZ, CAB & more). Features recursive nested archive extraction, CRC-based incremental updates to skip unchanged files, security filtering, and dual KV Store + Dataset output. Saves up to 90% compute costs.

Adrian Nicolae

5.0

(7)

GetYourGuide

vanderleicatanzaro/getyourguide

Scrape GetYourGuide tours & activities worldwide! 🌍 Support for 22 languages, 40 currencies, automatic affiliate link generation. Extract prices, ratings, reviews, photos & descriptions. Perfect for travel sites, agencies & affiliate marketers. Fast & reliable!

Vanderlei Catanzaro

Website Security & Vulnerability Audit

smart-digital/website-security-vulnerability-audit

Automated security and vulnerability audit for websites. Detects WordPress plugin vulnerabilities, checks for updates, analyzes SSL/TLS, security headers, and CMS security

My Smart Digital

5.0

(1)

Content-Type Header Validator

scrappy_garden/content-type-header-validator

Fetches URLs and validates the Content-Type header (MIME type + optional charset). Flags missing/mismatched types and recommends X-Content-Type-Options: nosniff. Outputs per-URL results plus SUMMARY and REPORT.

Bikram Adhikari

Bug Bounty Recon Scanner

iamuendo/Bug-Bounty-Recon-Scanner

Find exposed admin panels, missing/weak security headers, sensitive file leaks, and HTTPS misconfigurations across target domains. Export prioritised risk scores and JSON reports. Run via API, schedule scans, or integrate with bug bounty tools.

Isaac Muendo

Website Tech Stack Detector

benthepythondev/website-tech-detector

Detect technologies, frameworks, CMS, analytics, hosting, and more used by any website. Perfect for competitive analysis, sales intelligence, and tech research.

ben

AI Technical SEO MCP Server

alizarin_refrigerator-owner/ai-technical-seo-mcp-server

AI-ready technical SEO auditing with 7 specialized tools. Check robots.txt, llms.txt, generate sitemaps, run Lighthouse & GTmetrix audits, test rich results, and perform comprehensive technical SEO audits - all through a unified MCP interface.