No retrieval yet.
View Security Headers
From March 18, 2025 - redirect safe conditionally - defense-in-depth with "always" option - analyze server headers - issues on GitHub - janwillemstegink.nl
CategoryHeaderIPv4 without wwwIPv6 without wwwIPv4 with wwwIPv6 with www
Portport 80
Client URLhttp:// curl (error)
Generalhttp:// HTTP code
Generalhttp:// rewritten URL
Generalhttp:// effective URL
Generalhttp:// HTTP protocol
Generalhttp:// server
Portport 443
Client URLhttps:// curl (error)
Generalhttps:// HTTP code
Generalhttps:// effective URL
Generalhttps:// HTTP protocol
Generalhttps:// server
Generaldate
Generalcontent type
Server Disclosure HeadersX-Powered-By - header
Server Disclosure HeadersX-Powered-By - body
Strict Transport & Connection SecurityHTTP Public-Key-Pinning (HPKP) - obsolete
Strict Transport & Connection SecurityHTTP Strict-Transport-Security (HSTS)
Content Restrictions & Injection ProtectionContent-Security-Policy (CSP)
Content Restrictions & Injection ProtectionX-Content-Type-Options
Content Restrictions & Injection ProtectionX-XSS-Protection - deprecated but used
Cross-Origin & Embedding SecurityX-Frame-Options
Cross-Origin & Embedding SecurityCross-Origin-Embedder-Policy (COEP)
Cross-Origin & Embedding SecurityCross-Origin-Opener-Policy (COOP)
Cross-Origin & Embedding SecurityCross-Origin-Resource-Policy (CORP)
Cross-Origin & Embedding SecurityCross-Origin-Embedder-Policy-Report-Only
Cross-Origin & Embedding SecurityCross-Origin-Opener-Policy-Report-Only
Cross-Origin & Embedding SecurityCross-Origin-Resource-Policy-Report-Only
Feature & Permissions ControlFeature-Policy - not for use anymore
Feature & Permissions ControlPermissions-Policy
Referrer & Privacy ControlReferrer-Policy
Certificate & Caching SecurityExpect-CT (Certificate Transparency) - old
Certificate & Caching SecurityCache-Control
Certificate & Caching SecurityPragma