Limitation: Due to browser security, this tool can only fetch response headers for the current page's URL or resources explicitly allowing cross-origin requests (CORS). It cannot fetch headers for arbitrary external websites.