Security Headers Scanner

Analyze Your Website's Security Headers

Instantly scan and validate Content Security Policy (CSP) headers. Identify vulnerabilities and strengthen your web application's defense.

Real-time analysis
No registration required

Comprehensive Security Analysis

Deep inspection of your security headers and policies

CSP Validation

Comprehensive Content Security Policy analysis with directive-by-directive validation

XSS Protection

Detect potential cross-site scripting vulnerabilities and unsafe inline scripts

Security Headers

Check for X-Frame-Options, HSTS, and other critical security headers

Detailed Security Reports

Get actionable insights and recommendations

Security Analysis Results
Content-Security-Policy detected
default-src 'self'; script-src 'self' 'nonce-...'
Unsafe-inline detected in style-src
Consider using nonces or hashes instead
Missing X-Frame-Options header
Add X-Frame-Options: DENY to prevent clickjacking