HTTP Security Headers Analyzer

HTTP Security Headers Analyzer

HTTP Security Headers Analyzer

Evaluate the security posture of your website's HTTP response headers.

Note: CORS policies may block some direct browser requests. If fetch fails, use "Paste Raw Headers".
Paste headers from Chrome DevTools (Network Tab > Headers) or curl -I output.
?
Security Score

Analysis Configuration

Customize which headers impact your score.

Strict Transport Security (HSTS)
Content Security Policy (CSP)
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy
Scroll to Top