HTTPS enforcement diagnostics
HSTS Status Checker
Inspect whether a domain enforces HTTP Strict Transport Security and how modern browsers treat HTTPS enforcement and downgrade protection.
HSTS tells browsers to never connect over HTTP and prevents downgrade attacks, cookie leakage, and accidental insecure access.
Once enabled, HSTS can persist in browsers for months or years, making correct SSL configuration critical.
About this tool
This HSTS checker inspects live HTTPS responses and parses the
Strict-Transport-Security header. No traffic is altered,
intercepted, or stored.
Results reflect how modern browsers interpret the domain at the time of inspection.
Free • No account • No data stored
HSTS summary
HSTS status
Browser behaviour
Raw response header
Learn more about HSTS
Clear answers and technical details about HSTS behaviour, preload lists, and browser enforcement.