Network Tools
Find clear answers to common questions about HSTS Checker, including usage, output, and common issues.
Use this HSTS checker to verify whether a domain returns the Strict-Transport-Security header and inspect key values such as max-age, includeSubDomains, and preload. It is useful for HTTPS hardening, security reviews, deployment checks, and header validation.
HSTS Checker is useful for quick network checks, validation, and troubleshooting when you want a simple browser-based result.
HSTS stands for HTTP Strict Transport Security. It tells browsers to use HTTPS for future requests to the site.
It checks whether the Strict-Transport-Security header is present and reads important directives such as max-age, includeSubDomains, and preload.
Enter a domain or hostname like example.com.
It helps reduce downgrade and insecure transport risks by forcing browsers to prefer HTTPS.
It means the HSTS policy also applies to subdomains, not just the main hostname.
It signals that the domain may be intended for browser preload lists, though preload status itself is a separate process.
HSTS Checker is useful for quick network checks, validation, and troubleshooting when you want a simple browser-based result.
Start by checking the input format, removing accidental spaces or unsupported characters, and comparing your input against the example pattern on the page.
Fix: Enter only the domain or hostname, such as example.com.
Fix: Retry with the canonical HTTPS domain and confirm the site is reachable.
Fix: Check the final secure hostname that serves the HTTPS response.
Fix: Review max-age, includeSubDomains, and preload separately in the output.
If you want to see realistic input and output patterns, open the examples page. If you want step-by-step usage guidance, open the guide page.
Open the main HSTS Checker page to test your own input and generate a live result.