HTTP Header Analyzer
Analyze HTTP response headers for security issues. Checks HSTS, CSP, X-Frame-Options, and more.
Last updated:
How to Use HTTP Header Analyzer
- 1Paste HTTP response headers into the textarea (one header per line in "Name: Value" format).
- 2View the parsed headers in a structured table.
- 3Check the Security Audit section for missing or weak security headers.
- 4Review the color-coded results: green (present), red (missing), yellow (weak).
Frequently Asked Questions
What security headers does it check?
Strict-Transport-Security (HSTS), Content-Security-Policy (CSP), X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and Permissions-Policy. Each is evaluated with specific recommendations.
How do I get my response headers?
Open your browser DevTools (F12), go to the Network tab, click a request, and look at the Response Headers section. Copy and paste them into this tool. You can also use "curl -I https://example.com" from the command line.
Is my data sent to a server?
No. All header parsing and analysis happens entirely in your browser. Your headers never leave your device.
Related Tools
Word Counter
Count words, characters, sentences, and paragraphs online. Estimate reading time.
IP Subnet Calculator
Calculate IPv4 subnets, split networks into subnets, plan address space with visual binary breakdown and exportable subnet plans.
DNS Lookup
Look up DNS records for any domain. Query A, AAAA, MX, TXT, NS, and CNAME records using DNS-over-HTTPS.
SSL Certificate Checker
Check SSL/TLS certificate details for any domain. View expiry date, issuer, and security status.