What are HTTP response headers?

HTTP response headers are metadata sent by a web server along with the response body. They contain information about caching, content type, security policies, server software, and more. They are invisible to regular users but critical for web security and performance.

What security headers should every website have?

Essential security headers include: Strict-Transport-Security (HSTS), Content-Security-Policy (CSP), X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy. These headers protect against XSS, clickjacking, and other attacks.

How is the security grade calculated?

The grade is based on the presence and configuration of key security headers. Each header contributes points: HSTS, CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy. Grade A requires all headers present.

🔎 HTTP Header Checker

NetTool

Analyze HTTP response headers and security configuration.

Check URL

Paste Headers

⚠️ CORS Note: Due to browser security restrictions, only headers exposed by the server via Access-Control-Expose-Headers can be read client-side. For complete header analysis, paste headers from browser DevTools or curl.

Paste raw HTTP headers (one per line, format: Header-Name: value)

Understanding Security Headers

🔒Strict-Transport-Security (HSTS)Forces HTTPS connections

🛡️Content-Security-Policy (CSP)Controls resource loading

📋X-Content-Type-OptionsPrevents MIME sniffing

🖼️X-Frame-OptionsPrevents clickjacking

👁️Referrer-PolicyControls referrer information

⚙️Permissions-PolicyControls browser features

FAQ

Why differ from other tools?

Different tools query different servers or use different methods. We show raw responses.

What protocols are checked?

Depends on the tool — DNS, HTTP, HTTPS, WHOIS, and other standard protocols.

Is my query logged?

No. Queries processed in real time and not stored.

How often should I check?

After DNS changes, wait 24-48h for propagation then verify. Monitor weekly for changes.

What Is My Browser Microphone Test Website Technology Checker File Type Checker

Rate this tool

☆ ☆ ☆ ☆ ☆

Found a bug? Let us know

🔎 HTTP Header Checker

Understanding Security Headers

FAQ

Related Tools