Alpha

HTTPScan

Cookie & Header Inspector

Privacy-First Security Misconfiguration Checker.

Inspect any domain’s HTTP headers and cookies to find missing HSTS or CSP, weak cookie flags, overly permissive CORS, and technology exposure.


https://

We request https://<domain>/, follow any redirects, and read only the response headers.

Cookie values never leave your browser - only safety-related metadata is processed. Nothing is stored, tracked, or transmitted.