Analyze HTTP security headers to identify vulnerabilities and security misconfigurations. Perfect for web security audits, penetration testing, and compliance checks.
Security Headers Analyzed:
- Content Security Policy (CSP): Prevents XSS attacks by controlling resource loading
- HTTP Strict Transport Security (HSTS): Forces HTTPS connections and prevents downgrade attacks
- X-Frame-Options: Prevents clickjacking attacks by controlling framing
- X-Content-Type-Options: Prevents MIME type sniffing vulnerabilities
- Referrer-Policy: Controls how much referrer information is sent
- Permissions-Policy: Controls which browser features can be used
Perfect for:
- Web security audits and penetration testing
- Compliance checks (OWASP, PCI DSS, etc.)
- Bug bounty reconnaissance and analysis
- Security header implementation validation
- Identifying missing or misconfigured headers
- Comparing security posture across domains