diff --git a/src/controllers/01-branch-controller.ts b/src/controllers/01-branch-controller.ts
index e333f6b..9742ebb 100644
--- a/src/controllers/01-branch-controller.ts
+++ b/src/controllers/01-branch-controller.ts
@@ -12,13 +12,22 @@ import {
   Route,
   Security,
   Tags,
+  Head,
 } from "tsoa";
 
 import prisma from "../db";
 import HttpError from "../interfaces/http-error";
 import HttpStatus from "../interfaces/http-status";
 import { RequestWithUser } from "../interfaces/user";
-import { deleteFile, deleteFolder, fileLocation, getFile, listFile, setFile } from "../utils/minio";
+import {
+  deleteFile,
+  deleteFolder,
+  fileLocation,
+  getFile,
+  getPresigned,
+  listFile,
+  setFile,
+} from "../utils/minio";
 import {
   branchRelationPermInclude,
   createPermCheck,
@@ -608,6 +617,11 @@ export class BranchFileController extends Controller {
     return req.res?.redirect(await getFile(fileLocation.branch.img(branchId, name)));
   }
 
+  @Head("image/{name}")
+  async headImage(@Request() req: RequestWithUser, @Path() branchId: string, @Path() name: string) {
+    return req.res?.redirect(await getPresigned("head", fileLocation.branch.img(branchId, name)));
+  }
+
   @Put("image/{name}")
   @Security("keycloak")
   async putImage(@Request() req: RequestWithUser, @Path() branchId: string, @Path() name: string) {
diff --git a/src/controllers/03-customer-branch-controller.ts b/src/controllers/03-customer-branch-controller.ts
index 0fb729d..ef883c1 100644
--- a/src/controllers/03-customer-branch-controller.ts
+++ b/src/controllers/03-customer-branch-controller.ts
@@ -4,6 +4,7 @@ import {
   Controller,
   Delete,
   Get,
+  Head,
   Path,
   Post,
   Put,
@@ -25,7 +26,15 @@ import {
 import { filterStatus } from "../services/prisma";
 import { connectOrDisconnect, connectOrNot, whereAddressQuery } from "../utils/relation";
 import { isUsedError, notFoundError, relationError } from "../utils/error";
-import { deleteFile, deleteFolder, fileLocation, getFile, listFile, setFile } from "../utils/minio";
+import {
+  deleteFile,
+  deleteFolder,
+  fileLocation,
+  getFile,
+  getPresigned,
+  listFile,
+  setFile,
+} from "../utils/minio";
 
 const MANAGE_ROLES = [
   "system",
@@ -556,6 +565,13 @@ export class CustomerBranchFileController extends Controller {
     return await getFile(fileLocation.customerBranch.attachment(branchId, name));
   }
 
+  @Head("attachment/{name}")
+  @Security("keycloak")
+  @Tags("Customer Branch")
+  async headAttachment(@Path() branchId: string, @Path() name: string) {
+    return await getPresigned("head", fileLocation.customerBranch.attachment(branchId, name));
+  }
+
   @Put("attachment/{name}")
   @Security("keycloak")
   @Tags("Customer Branch")
diff --git a/src/controllers/03-employee-controller.ts b/src/controllers/03-employee-controller.ts
index 32e6c22..443b09b 100644
--- a/src/controllers/03-employee-controller.ts
+++ b/src/controllers/03-employee-controller.ts
@@ -4,6 +4,7 @@ import {
   Controller,
   Delete,
   Get,
+  Head,
   Path,
   Post,
   Put,
@@ -26,7 +27,15 @@ import {
 } from "../services/permission";
 import { connectOrDisconnect, connectOrNot, whereAddressQuery } from "../utils/relation";
 import { isUsedError, notFoundError, relationError } from "../utils/error";
-import { deleteFile, deleteFolder, fileLocation, getFile, listFile, setFile } from "../utils/minio";
+import {
+  deleteFile,
+  deleteFolder,
+  fileLocation,
+  getFile,
+  getPresigned,
+  listFile,
+  setFile,
+} from "../utils/minio";
 
 if (!process.env.MINIO_BUCKET) {
   throw Error("Require MinIO bucket.");
@@ -584,6 +593,18 @@ export class EmployeeFileController extends Controller {
     return req.res?.redirect(await getFile(fileLocation.employee.img(employeeId, name)));
   }
 
+  @Head("image/{name}")
+  @Tags("Employee")
+  async headImage(
+    @Request() req: RequestWithUser,
+    @Path() employeeId: string,
+    @Path() name: string,
+  ) {
+    return req.res?.redirect(
+      await getPresigned("head", fileLocation.employee.img(employeeId, name)),
+    );
+  }
+
   @Put("image/{name}")
   @Security("keycloak")
   @Tags("Employee")
@@ -626,6 +647,13 @@ export class EmployeeFileController extends Controller {
     return await getFile(fileLocation.employee.attachment(employeeId, name));
   }
 
+  @Head("attachment/{name}")
+  @Security("keycloak")
+  @Tags("Employee")
+  async headAttachment(@Path() employeeId: string, @Path() name: string) {
+    return await getPresigned("head", fileLocation.employee.attachment(employeeId, name));
+  }
+
   @Put("attachment/{name}")
   @Security("keycloak")
   @Tags("Employee")
@@ -665,6 +693,13 @@ export class EmployeeFileController extends Controller {
     return await getFile(fileLocation.employee.passport(employeeId, passportId));
   }
 
+  @Head("file-passport/{passportId}")
+  @Security("keycloak")
+  @Tags("Employee Passport")
+  async headPassport(@Path() employeeId: string, @Path() passportId: string) {
+    return await getPresigned("head", fileLocation.employee.passport(employeeId, passportId));
+  }
+
   @Put("file-passport/{passportId}")
   @Security("keycloak")
   @Tags("Employee Passport")
@@ -704,6 +739,13 @@ export class EmployeeFileController extends Controller {
     return await getFile(fileLocation.employee.visa(employeeId, visaId));
   }
 
+  @Head("file-visa/{visaId}")
+  @Security("keycloak")
+  @Tags("Employee Visa")
+  async headVisa(@Path() employeeId: string, @Path() visaId: string) {
+    return await getPresigned("head", fileLocation.employee.visa(employeeId, visaId));
+  }
+
   @Put("file-visa/{visaId}")
   @Security("keycloak")
   @Tags("Employee Visa")
@@ -748,6 +790,18 @@ export class EmployeeFileController extends Controller {
     return await getFile(fileLocation.employee.inCountryNotice(employeeId, noticeId));
   }
 
+  @Head("file-in-country-notice/{noticeId}")
+  @Security("keycloak")
+  @Tags("Employee In Country Notice")
+  async headNotice(
+    @Request() req: RequestWithUser,
+    @Path() employeeId: string,
+    @Path() noticeId: string,
+  ) {
+    await this.checkPermission(req.user, employeeId);
+    return await getPresigned("head", fileLocation.employee.inCountryNotice(employeeId, noticeId));
+  }
+
   @Put("file-in-country-notice/{noticeId}")
   @Security("keycloak")
   @Tags("Employee In Country Notice")
diff --git a/src/controllers/04-service-controller.ts b/src/controllers/04-service-controller.ts
index 4147832..c8b5b90 100644
--- a/src/controllers/04-service-controller.ts
+++ b/src/controllers/04-service-controller.ts
@@ -11,6 +11,7 @@ import {
   Route,
   Security,
   Tags,
+  Head,
 } from "tsoa";
 import { Prisma, Status } from "@prisma/client";
 
@@ -26,7 +27,7 @@ import {
 } from "../services/permission";
 import { filterStatus } from "../services/prisma";
 import { isUsedError, notFoundError, relationError } from "../utils/error";
-import { deleteFile, fileLocation, getFile, listFile, setFile } from "../utils/minio";
+import { deleteFile, fileLocation, getFile, getPresigned, listFile, setFile } from "../utils/minio";
 
 const MANAGE_ROLES = [
   "system",
@@ -465,6 +466,15 @@ export class ServiceFileController extends Controller {
     return req.res?.redirect(await getFile(fileLocation.service.img(serviceId, name)));
   }
 
+  @Head("image/{name}")
+  async headImage(
+    @Request() req: RequestWithUser,
+    @Path() serviceId: string,
+    @Path() name: string,
+  ) {
+    return req.res?.redirect(await getPresigned("head", fileLocation.service.img(serviceId, name)));
+  }
+
   @Put("image/{name}")
   @Security("keycloak")
   async putImage(@Request() req: RequestWithUser, @Path() serviceId: string, @Path() name: string) {