Free Tools
Audit a site's privacy and security headers.
Check Content-Security-Policy, Referrer-Policy, Permissions-Policy, HSTS and more. Get a graded report on how a site protects its visitors.
Security~2 secondsNo sign-up required
About this tool
We fetch your URL and inspect the response headers that matter for privacy and security: Content-Security-Policy, Strict-Transport-Security, Referrer-Policy, Permissions-Policy, X-Frame-Options, X-Content-Type-Options and Cross-Origin-Opener-Policy.
Each header is graded A–F using current OWASP and web.dev guidance. The overall score is the average across all seven checks.
