IPOK.CC
Home
Tools
Docs
Auto
▼
English
▼
Security
Idle
Back
Security
Review HTTP security headers and related signals to reduce browser attack surface.
Run
Clear
Export
Notes
Missing headers can enable clickjacking, MIME sniffing, or downgrade risks.
Use CSP to restrict script sources and reduce XSS impact; validate after changes.
HSTS requires HTTPS on all subdomains; set carefully to avoid lockouts.
Learn More
HTTP Headers
No result
No data collected yet: security
FAQ
Which headers matter most?
CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy.
Do security headers affect performance?
Usually minimal, but overly strict rules can break assets or embeds.
Quick links
Home
Network Overview
DNS Integrity Check
TLS/HTTP3 Details
IP Type Detection
WebRTC
Security
Privacy
Consistency
User Agent
Graphics
Environment
System
Performance
Features
Media
Security | IPOK