Modules
Nine checks. One report.
SSL/TLS
Grade A+ to F. Protocol version, key strength, chain validity, expiry countdown.
Security Headers
HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy scored.
DNS Records
A, AAAA, MX, NS, TXT, CNAME, SOA, CAA. Provider detection included.
Email Auth
SPF, DKIM, and DMARC verification to prevent email spoofing attacks.
HTTP/2 & HTTP/3
Modern protocol support verification for optimal performance.
HSTS Preload
Preload list status and eligibility for forced HTTPS everywhere.
DNSSEC
Validates DNSSEC signing, DS records, and chain-of-trust integrity.
Redirect Chain
Traces HTTP→HTTPS redirects, detects mixed-scheme hops and long chains.
Cookie Security
Audits Secure, HttpOnly, and SameSite flags on server-set cookies.
Live Results
See how popular sites score.
Guides
Learn how to fix what we find.
How to Get an A+ SSL Rating
Step-by-step guide to achieving the highest SSL grade — protocols, ciphers, HSTS, and certificate chain.
Read guideSecurity Headers Explained
Everything you need to know about CSP, HSTS, X-Frame-Options, and the rest of the HTTP security headers.
Read guideSPF, DKIM, DMARC Guide
Prevent email spoofing by properly configuring email authentication records for your domain.
Read guideDNS Records Explained
Every DNS record type — A, AAAA, CNAME, MX, TXT, NS, SOA, and CAA — with practical examples.
Read guideFix Missing Security Headers
Copy-paste configs for Nginx, Apache, Cloudflare, Express, and Caddy — HSTS, CSP, and more.
Read guidePlans
Free security audit. Ongoing protection.
Unlimited free scans for everyone. Upgrade for automated monitoring with email and webhook alerts.