HTTP Headers Inspector
Fetch and display HTTP response headers for any URL. Calculates a security score based on the presence of recommended security headers.
What are HTTP headers?
HTTP headers are key-value pairs sent at the beginning of every HTTP request and response. Response headers tell the browser what type the content is, how long to cache it, what security policies apply, and which server sent it. Reading them is essential for developers and security researchers.
Security headers explained
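The security score is based on six key headers. Content-Security-Policy mitigates XSS attacks by restricting where scripts and other resources may load from. Strict-Transport-Security tells the browser to use HTTPS only for the site. X-Frame-Options prevents clickjacking by controlling whether the page may be framed. X-Content-Type-Options prevents MIME sniffing. Referrer-Policy controls how much information is sent in the Referer header. Permissions-Policy controls access to browser features.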
Common headers and their meaning
Server reveals web server software. Cache-Control defines caching behaviour. CF-Ray identifies a Cloudflare edge node. X-Powered-By reveals backend technology (often removed for security). Via shows proxy servers in the request path. Content-Type specifies the MIME type and character encoding.
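A presence-based check of the six security headers, plus a report of the Server and X-Powered-By values, written as an added example and not the inspector's own code. The equal weighting, the 0-100 scale and the function names are assumptions, and the sample response is constructed.

```python
# Added example: presence-based scoring of the six security headers.
# Equal weighting and the 0-100 scale are assumptions, not the tool's formula.
SECURITY_HEADERS = (
    "Content-Security-Policy",
    "Strict-Transport-Security",
    "X-Frame-Options",
    "X-Content-Type-Options",
    "Referrer-Policy",
    "Permissions-Policy",
)
DISCLOSURE_HEADERS = ("Server", "X-Powered-By")


def parse_headers(raw: str) -> dict:
    """Parse a raw response header block into {lowercase-name: [values]}."""
    headers = {}
    for line in raw.splitlines()[1:]:        # skip the status line
        if not line.strip():
            break                            # blank line ends the header block
        name, sep, value = line.partition(":")
        if not sep:
            continue                         # ignore malformed lines
        # Header names are case-insensitive and may repeat.
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def audit(raw: str) -> dict:
    """Return the score, missing security headers and disclosing headers."""
    headers = parse_headers(raw)
    # A header counts as present only if it carries a non-empty value.
    present = [h for h in SECURITY_HEADERS if any(headers.get(h.lower(), []))]
    missing = [h for h in SECURITY_HEADERS if h not in present]
    disclosed = {h: headers[h.lower()][0]
                 for h in DISCLOSURE_HEADERS if h.lower() in headers}
    score = round(100 * len(present) / len(SECURITY_HEADERS))
    return {"score": score, "missing": missing, "disclosed": disclosed}


# Constructed sample response, not captured from a real site.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: nginx\r\n"
    "content-type: text/html; charset=utf-8\r\n"
    "strict-transport-security: max-age=31536000; includeSubDomains\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "X-Powered-By: PHP\r\n"
    "Referrer-Policy: strict-origin-when-cross-origin\r\n"
    "\r\n"
    "<html>body is ignored</html>\r\n"
)
```

A presence check says nothing about whether a header's value is effective, so a high score still warrants reading the Content-Security-Policy and Strict-Transport-Security values themselves.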
Improving your security score
Adding security headers is typically a web server or CDN configuration change. On nginx, add headers in the server block. On Apache, use mod_headers. On Cloudflare, use Transform Rules. Start with HSTS and X-Content-Type-Options as they have minimal compatibility risk, then add CSP once tuned for your site.