# Security headers

>Web

>Points - 100

>Can you please check the security-relevant HTTP response headers on www.senork.de. Do they reflect current best practices?

---

This is one of the easier web challenges. Simply look at the response headers the web server sends when you request the page.

One header stands out: `Flag-Policy`. Its value is the flag: `syskronCTF{y0u-f0und-a-header-flag}`
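The check the challenge asks for, as an added example that is not part of the original write-up: a small header audit run over a constructed sample response. The `RECOMMENDED` baseline, the `COMMON` list, and every header in the sample other than `Flag-Policy` are assumptions made for illustration.

```python
# Constructed sample response (not captured from the challenge server).
# Only the Flag-Policy name and value come from the write-up.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "Flag-Policy: syskronCTF{y0u-f0und-a-header-flag}\r\n"
    "\r\n"
    "<html></html>"
)

# Assumed baseline of commonly recommended security response headers.
RECOMMENDED = {
    "strict-transport-security", "content-security-policy",
    "x-content-type-options", "x-frame-options",
    "referrer-policy", "permissions-policy",
}
# Everyday non-security headers, so they are not reported as unusual.
COMMON = {"content-type", "content-length", "date", "server", "connection",
          "cache-control", "etag", "last-modified", "vary", "set-cookie"}


def parse_headers(raw):
    """Return {lowercased-name: value} from a raw HTTP/1.1 response."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # [1:] skips the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def audit(raw):
    """Split headers into recommended-present, recommended-missing, unusual."""
    headers = parse_headers(raw)
    names = set(headers)
    unusual = {k: v for k, v in headers.items() if k not in RECOMMENDED | COMMON}
    return {"present": sorted(RECOMMENDED & names),
            "missing": sorted(RECOMMENDED - names),
            "unusual": unusual}


if __name__ == "__main__":
    for section, items in audit(SAMPLE_RESPONSE).items():
        print(section, items)
```
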
