HTTP Header Analyzer
Analyze HTTP response headers for security gaps. Audits HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, and CORS — paste a URL or raw headers.
Last updated:
How to Use HTTP Header Analyzer
- 1Paste HTTP response headers into the textarea (one header per line in "Name: Value" format).
- 2View the parsed headers in a structured table.
- 3Check the Security Audit section for missing or weak security headers.
- 4Review the color-coded results: green (present), red (missing), yellow (weak).
Frequently Asked Questions
What security headers does it check?
Strict-Transport-Security (HSTS), Content-Security-Policy (CSP), X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy. Each is evaluated with specific recommendations.
How do I get my response headers?
Open your browser DevTools (F12), go to the Network tab, click a request, and look at the Response Headers section. Copy and paste them into this tool. You can also use "curl -I https://example.com" from the command line.
Is my data sent to a server?
No. All header parsing and analysis happens entirely in your browser. Your headers never leave your device.
Related Tools
Word Counter
Count words, characters, sentences, and paragraphs as you type. Instantly estimates reading time — handy for essays, blog posts, and SEO-friendly snippets.
IP Subnet Calculator
Calculate IPv4 subnets, split networks into subnets, plan address space with visual binary breakdown and exportable subnet plans.
DNS Lookup
Look up DNS records for any domain. Query A, AAAA, MX, TXT, NS, and CNAME records using DNS-over-HTTPS.
Chmod Calculator
Visual file permission calculator. Convert between symbolic (rwxr-xr-x) and octal (755) notation, toggle setuid/setgid/sticky bits, and copy the chmod command.