Analyze HTTP response headers and security score for any URL. Check HSTS, CSP, X-Frame-Options, and more.
HTTP security headers are response headers that help protect websites against common attacks like cross-site scripting (XSS), clickjacking, and data injection. Key security headers include Strict-Transport-Security (HSTS), Content-Security-Policy (CSP), X-Frame-Options, X-Content-Type-Options, and Referrer-Policy. Properly configured headers significantly improve your site's security posture.
Check headers programmatically: