source ↗
Passive header inspection

Read your site's security signals before an attacker does.

Enter any URL. The inspector fetches it the way a browser would, reads the transport, headers and cookies it gets back, and returns a graded report with the fixes that matter most — in order.

inspector://analyze
Reads: HTTPS · HSTS · CSP · framing · cookies · disclosure · see a sample report

establishing connection