📨 HTTP Header Analyzer

Analyze HTTP response headers from any URL. Check security headers, caching policies, CORS settings, and server information.

What are HTTP Security Headers?

HTTP security headers are directives sent by a web server in its response to instruct the browser on how to handle the page content. They help protect against common web vulnerabilities such as cross-site scripting (XSS), clickjacking, and data injection attacks.

Key Security Headers

Header Description
Strict-Transport-SecurityForces HTTPS connections, preventing protocol downgrade attacks
Content-Security-PolicyControls which resources the browser is allowed to load
X-Frame-OptionsPrevents the page from being embedded in iframes (clickjacking protection)
X-Content-Type-OptionsPrevents MIME-type sniffing, reducing drive-by download attacks
Referrer-PolicyControls how much referrer information is sent with requests
Permissions-PolicyRestricts which browser features the page can use (camera, microphone, etc.)