HTTP
HTTP Headers Inspector
Paste headers to parse, filter, and spot common security/caching issues. Local only.
Local only Paste & parse
Paste headers
Accepts a raw header block, or a full line like Content-Security-Policy: ....
Parsed output
Filter by name or value.
Headers: 0 Showing: 0
Headers
Paste headers to see a parsed list here.
Common paste sources
- Browser DevTools → Network → Headers
- curl -I https://example.com
- Server logs (sanitize secrets)
Security headers
- Content-Security-Policy (CSP)
- Strict-Transport-Security (HSTS)
- X-Content-Type-Options
- Referrer-Policy
Caching & CORS hints
- Cache-Control, ETag, Vary
- Access-Control-Allow-Origin, Access-Control-Allow-Credentials
- Avoid sharing tokens/cookies in pasted headers