HSTS Checker - Rocketeers app

  [ Rocketeers ](/)   

[Login](https://rocketeersapp.com/login) 

 Tool HSTS checker  

  No tools match “”

 Free tool HSTS checker
============

 Check whether a site enforces HTTPS with a Strict-Transport-Security header — and whether its policy is strong enough for the browser preload list.

 URL to check Check Checking…

Try:  

 Result for  
-------------

 Strict-Transport-Security header

 ``

  max-age

includeSubDomains

preload-ready

What is HSTS?
-------------

**HTTP Strict Transport Security** is a response header (Strict-Transport-Security) that tells browsers to only ever connect to a site over HTTPS. Once seen, the browser refuses plain-HTTP connections for the duration of max-age, closing the window for downgrade and cookie-hijacking attacks.

 Add includeSubDomains to cover every subdomain, and preload with a year-long max-age to qualify for the browser [preload list](https://hstspreload.org/), which enforces HTTPS even on a visitor's very first request.