HTTP headers

Analyses the HTTP response for the most important security headers: HSTS, Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Referrer-Policy and Permissions-Policy.

Recently checked

amazon.de· basf.com· google.com· comdirect.de· web.de· bvb.de· focus.de· ing.de· stepstone.de· bayer.com· dfb.de· ikea.com

Need the full audit? The full Webscan Radar security check combines HTTP headers with all other areas plus GDPR audit, CMS detection, CVE matching and performance measurement in one report — also free.

Other tools

SSL check

TLS certificate, validity, cipher.

DMARC lookup

SPF, DMARC, DKIM and MX records.

DNS lookup

A, AAAA, MX, NS, TXT, CAA, SOA.

Whois / RDAP

Registrar, expiry, status, name servers.

Port scan

20 common TCP ports, critical ones flagged.

Cookie audit

Set-Cookie headers, flags, tracker detection.