Analyze HTTP security headers for any URL via a pay-per-call x402 endpoint.
What it does
This endpoint at netintel-production-440c.up.railway.app/security-headers/analyze provides HTTP security header analysis as a paid x402 service. It is hosted on Railway and responds with a 402 Payment Required challenge, confirming it is live and expects x402-protocol payment before returning results.
Based on the endpoint path, the service likely accepts a target URL and returns an analysis of its HTTP security headers — such as Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy. Security header analysis is a common component of web application security audits and compliance checks.
Documentation is extremely sparse: no OpenAPI spec, no docs page, no README, and no pricing page were found. The x402 challenge was captured but contained an empty challenge object, so the exact payment token, network, and price are unknown. All functional details about request parameters, response format, and pricing are inferred from the endpoint path alone and should be treated with caution.
Capabilities
Use cases
- —Audit a website's HTTP security headers before deployment
- —Automate security header compliance checks in CI/CD pipelines
- —Assess third-party sites for basic security posture
- —Generate security header reports for penetration testing
Fit
Best for
- —Developers needing quick security header checks via API
- —Automated agents performing web security assessments
- —CI/CD pipelines that gate on security header compliance
Not for
- —Full vulnerability scanning or penetration testing beyond headers
- —Free or high-volume bulk scanning (pay-per-call model)
Quick start
curl -X GET "https://netintel-production-440c.up.railway.app/security-headers/analyze?url=https://example.com" \
-H "X-Payment: <x402-payment-token>"Endpoint
Quality
The endpoint is live (402 response captured), but the x402 challenge object is empty, there is no documentation, no OpenAPI schema, no pricing information, and no crawlable content. Nearly all details are inferred from the URL path alone.
Warnings
- —Empty x402 challenge object — payment token, network, and price are unknown
- —No documentation, OpenAPI spec, or README available
- —Request parameters and response schema are entirely inferred from the endpoint path
- —Root domain returns 404; no supporting pages found
Citations
- —Endpoint returns HTTP 402 on GET, confirming it is live and uses x402 protocolhttps://netintel-production-440c.up.railway.app/security-headers/analyze
- —Root domain and all crawled paths return 'Cannot GET' errors with no documentationhttps://netintel-production-440c.up.railway.app