Quick Answer
This tool fetches any URL and grades its HTTP security headers — HSTS, Content-Security-Policy, X-Frame-Options and more. Missing headers leave a site open to XSS, clickjacking and downgrade attacks, and increasingly hurt trust signals.
Q2 slots filling fast, only 3 new client spots open· Ends in 0 d 0 h 0 m
This tool fetches any URL and grades its HTTP security headers — HSTS, Content-Security-Policy, X-Frame-Options and more. Missing headers leave a site open to XSS, clickjacking and downgrade attacks, and increasingly hurt trust signals.