← All tools
Free security tool
Check missing and misconfigured security headers
Scan for HSTS, X-Frame-Options, CSP, Referrer-Policy, Permissions-Policy, and other browser hardening headers.
Run the full scan
Get this check plus the complete WebSentry security report for the URL.
What it checks
Strict-Transport-Security
Content-Security-Policy
X-Frame-Options
Referrer-Policy
Permissions-Policy
Why it matters
Security headers tell browsers how to protect visitors from clickjacking, insecure transport, data leakage, and unsafe resource loading.
Common fixes
Add HSTS with a long max-age
Use CSP or frame-ancestors to control embedding
Set a strict referrer policy
Turn one check into ongoing protection.
Create an account to save scan history, export reports, and monitor sites for security grade drops.