Terms of Service
Acceptable use, disclaimers, and limitations.
Acceptance of terms
By using SecHead ("the Service"), you agree to these Terms of Service. If you do not agree, do not use the Service.
What SecHead does
SecHead is a free tool that fetches a URL you provide, reads the HTTP response headers, and grades their security configuration. We do not store the HTML content of pages you scan. We do not perform penetration testing, vulnerability scanning, or any active attack.
Acceptable use
You agree not to: scan URLs you do not have permission to test, circumvent rate limits through automation or proxies, submit malicious or illegal URLs, degrade service availability for other users, or scrape scan results in bulk without prior permission. We reserve the right to block any IP or user agent that violates these terms.
Scan results are public
When you scan a domain, the result is stored and made publicly accessible at /report/[domain] and on the homepage. Do not scan domains where publicising their security header grade would cause you a problem.
No warranty
SecHead is provided "as is" without warranty of any kind. A high grade does not mean your site is secure - it means the specific HTTP headers we check are present and configured correctly. Security requires a defence-in-depth approach that goes well beyond HTTP headers.
Limitation of liability
To the maximum extent permitted by law, SecHead and its operators shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from use of the Service. Our total liability for any claim is zero.
Rate limits and availability
We rate-limit the scan endpoint to 10 scans per IP per hour. We do not guarantee uptime, availability, or response time. We may change or discontinue the Service at any time without notice.
Governing law
These Terms are governed by the laws of the jurisdiction in which the operator resides, without regard to conflict of law provisions.
Contact
Questions about these terms: sevenlabsolutions@gmail.com