HTTP Headers

Enter any URL and the tool fetches all HTTP response headers from that website. It analyzes security headers and shows which ones are properly configured, missing, or need attention.

The tool checks: Strict-Transport-Security (HSTS), Content-Security-Policy (CSP), X-Frame-Options, X-Content-Type-Options, X-XSS-Protection, Referrer-Policy, and Permissions-Policy. Each header gets a status: good, warning, or missing.

Yes, results are cached for 5 minutes to reduce server load. If you check the same domain again within 5 minutes, you'll see cached results instantly.