HTTP Headers

Headers your browser sent with this request.

accept */*
accept-encoding gzip, br
cf-connecting-ip 216.73.216.209
cf-connecting-o2o 1
cf-ipcountry US
cf-ray 9dd6c1c91b012877-CMH
cf-visitor {"scheme":"https"}
connection Keep-Alive
host iprobe.net
user-agent Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])
x-forwarded-for 216.73.216.209
x-forwarded-proto https
x-real-ip 216.73.216.209

Security Headers

⚠️
HSTS
Not set — consider adding
⚠️
CSP
Not set — consider adding
⚠️
X-Frame-Options
Not set — consider adding
⚠️
X-Content-Type-Options
Not set — consider adding
⚠️
Referrer-Policy
Not set — consider adding
⚠️
Permissions-Policy
Not set — consider adding

Understanding HTTP Headers

Every time your browser requests a web page, it sends request headers — metadata about your browser, preferred languages, accepted formats, and more. The server responds with response headers that control caching, security, and content delivery.

Security headers are especially important. They protect against common attacks:

  • HSTS forces HTTPS, preventing downgrade attacks
  • CSP (Content Security Policy) blocks XSS and injection attacks
  • X-Frame-Options prevents your site from being embedded in malicious iframes
  • Referrer-Policy controls how much URL information is shared with other sites

This tool shows the headers your browser sent to iprobe.net. To check a different website's response headers, use browser DevTools (F12 → Network tab).

FAQ

What are HTTP headers?

HTTP headers are metadata sent with every web request. They contain information about your browser, accepted formats, cookies, and more. Servers also send response headers that control caching, security, and content delivery.

What are security headers?

Security headers like HSTS, CSP, and X-Frame-Options protect against common web attacks. They're set by the server and tell your browser how to handle the response securely.