HTTP Security Headers API

Paid x402 API for AI agents that audits HTTP security headers, HSTS, Content-Security-Policy, X-Frame-Options, Referrer-Policy, Permissions-Policy and web security scan findings for a public URL.

Request

Method: POST
URL: https://api.x402dataapi.com/v1/http-security
Price: 0.002 USDC

Input Schema

{
  "type": "object",
  "properties": {
    "url": {
      "type": "string",
      "format": "uri",
      "description": "Public http or https URL to inspect"
    }
  },
  "required": [
    "url"
  ]
}

Input Example

{
  "url": "https://example.com"
}

Response Example

{
  "url": "https://example.com",
  "status": 200,
  "score": 80,
  "missing": []
}

Errors

PAYMENT_REQUIREDNo valid x402 payment signature was provided.

INVALID_PAYMENTThe signature was malformed, expired, replayed or does not match the endpoint price/resource.

VALIDATION_ERRORThe JSON input does not match the documented schema.

SSRF_PRIVATE_HOSTThe target resolves to a private or blocked address.

curl without payment

curl -X POST https://api.x402dataapi.com/v1/http-security \
  -H "Content-Type: application/json" \
  -d '{"url":"https://example.com"}'

curl with PAYMENT-SIGNATURE

curl -X POST https://api.x402dataapi.com/v1/http-security \
  -H "Content-Type: application/json" \
  -H "PAYMENT-SIGNATURE: <x402-payment-payload>" \
  -d '{"url":"https://example.com"}'

Intent

x402 security headers API, HTTP security headers API, HSTS CSP scanner API, web security scan API

x402ai-agentshttp-securitysecurity-headershstscspx-frame-optionsreferrer-policypermissions-policyweb-security-scan

x402 agent flow

Read /llms.txt.
Fetch /openapi.json or /.well-known/x402-catalog.json.
Inspect schema, price and network.
Pay with x402 and retry with PAYMENT-SIGNATURE.

Agent use case

HTTP security headers, response status, score and missing header analysis for a public URL.

Discovery keywords