Origin

Anatoly Oshmanovsky

HTTP Headers Advanced Health Score PageSpeed Security SEO Audit Redirect Chain Broken Links HTTP/2 & HTTP/3 HAR Analyzer HTTP Status Code Checker HTTP Compare

DNS DNS Propagation MX Lookup WHOIS Subdomains Reverse IP CMS Detector Tech Stack Detector Screenshot

Ping Traceroute IP ASN Lookup Online Port Scanner API Latency

SSL CSP CORS Cookie Mixed Content Malware Spam Lists IP Abuse Check RKN Check

Email Deliverability Email Headers SMTP Relay Test DKIM Generator

Schema Checker OG Preview Keywords Robots.txt Site Comparison AI Readiness llms.txt Carbon

Formatter JWT Decoder Cron Tester TTL Calculator IP/CIDR Calculator Uptime / SLA Calculator Downtime Cost Batch Heartbeat

All Tools → Articles Contact Help

Pricing RU Sign In

Site Analysis

(12)

HTTP Headers Advanced Health Score PageSpeed Security SEO Audit Redirect Chain Broken Links HTTP/2 & HTTP/3 HAR Analyzer HTTP Status Code Checker HTTP Compare

Domain & DNS

(9)

DNS DNS Propagation MX Lookup WHOIS Subdomains Reverse IP CMS Detector Tech Stack Detector Screenshot

Network

(6)

Ping Traceroute IP ASN Lookup Online Port Scanner API Latency

Security

(9)

SSL CSP CORS Cookie Mixed Content Malware Spam Lists IP Abuse Check RKN Check

(4)

Email Deliverability Email Headers SMTP Relay Test DKIM Generator

SEO & AI

(8)

Schema Checker OG Preview Keywords Robots.txt Site Comparison AI Readiness llms.txt Carbon

Utilities

(9)

Formatter JWT Decoder Cron Tester TTL Calculator IP/CIDR Calculator Uptime / SLA Calculator Downtime Cost Batch Heartbeat

Information

(8)

API Documentation Articles Pricing Help Contact Sign In Sign Up

Home / HTTP Headers / Origin

← All HTTP Headers

Request

Indicates the origin (scheme, host, port) from which a cross-origin request is made.

Syntax

Origin: <scheme>://<hostname>:<port>

Example

Origin: https://enterno.io

Description

The Origin header is sent with cross-origin requests (and same-origin POST requests). It tells the server where the request originated, allowing the server to decide whether to grant access via CORS.

Unlike Referer, Origin does not include the path. It is automatically set by the browser and cannot be overridden by JavaScript.

Check if your website sends this header correctly

Check your headers →

Expired SSL Certificate: How to Fix NET::ERR_CERT_DATE_INVALID

Expired SSL certificate? Learn how to quickly diagnose and fix NET::ERR_CERT_DATE_INVALID, renew the certificate, and set up monitoring to prevent it.

Subresource Integrity (SRI): Protecting CDN Scripts

Subresource Integrity (SRI) — integrity attribute for <script> and <link>. CDN compromise protection, hash generation, CSP require-sri-for.

Cookie Security: HttpOnly, Secure, SameSite, __Host-

Cookie security flags: HttpOnly, Secure, SameSite (Strict/Lax/None), __Host- prefix, Max-Age vs Expires. PHP, Express, nginx examples.

Related Headers

Accept

Specifies the media types the client can process in the response.

Accept-Encoding

Indicates which content encodings the client can understand.

Accept-Language

Advertises the natural languages the client prefers in the response.

Authorization

Carries credentials to authenticate the client with the server.

Cookie

Sends previously stored cookies from the server back with each request.

Host

Specifies the domain name and port of the server being requested.

Related guides

Longer-form reading on this topic from the knowledge base.

→ How to Debug nginx Errors — 2026
→ LRU Cache — Least Recently Used
→ RAG (Retrieval-Augmented Generation)

Automate this check

Set up continuous monitoring and get an alert when something breaks. No manual runs to remember.

Start free

HTTP

Start monitoring for free

Create Account API Documentation

Weekly KB digest 10+ new pages a week — SSL errors, ports, glossary, how-tos. No spam.

Website

enterno.io

Website monitoring and analysis tools

SITE AUDIT HTTP Headers Advanced Health Score PageSpeed Security SEO Audit Redirect Chain Broken Links HTTP/2 & HTTP/3 HAR Analyzer HTTP Status Code Checker HTTP Compare

DNS & DOMAIN DNS Lookup DNS Propagation MX Lookup WHOIS Subdomains Reverse IP CMS Detector Tech Stack Detector Screenshot NETWORK & IP Ping Traceroute IP Geolocation ASN Lookup Online Port Scanner API Latency

SECURITY SSL Check CSP CORS Cookie Mixed Content Malware Spam Lists IP Abuse Check RKN Check EMAIL Email Deliverability Email Headers SMTP Relay Test DKIM Generator

SEO & AI Schema Checker OG Preview Keywords Robots.txt Compare Sites AI Readiness llms.txt Carbon DEV TOOLS Formatter JWT Decoder Cron Tester TTL Calculator IP/CIDR Calculator Uptime / SLA Calculator Downtime Cost Batch Heartbeat

ABOUT About us All Tools Pricing API Documentation MCP Server (Claude Desktop) Articles Help Comparisons Referral Program Contact HTTP Headers Reference HTTP Status Codes SSL Errors TCP/UDP Ports Glossary How-to Guides Research Alternatives

4 883 checks total · 29 active monitors · 18 verified users

PHP 8.4 · Hosted on Selectel

Origin

Syntax

Example

Description

Related Articles

Related Headers

Related guides

Automate this check

Related Articles

Server-Sent Events vs WebSockets: Choosing Real-Time Communication

HTTP 404 Not Found Error: 7 Causes and How to Fix

The Complete HTTP Request Lifecycle: From URL to Rendered Page

Start monitoring for free