Free Security Headers Checker
Get an A-F grade on your site's HTTP security headers, including CSP, HSTS, and cross-origin isolation policies.
Frequently asked
Which headers do you check?
Content-Security-Policy, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP, and COEP.
How is the grade computed?
Each header carries a weight based on impact. Present headers earn their weight; the total is normalized to 0-100 and mapped to A through F.
Run a full security scan →