About Scout
An open, transparent privacy and security audit tool.
What Scout does
Scout performs a passive audit of a website by fetching its homepage and inspecting the HTTP response. No login required, no intrusive scanning — Scout only reads what any browser would see.
✓HTTPS enforcement and HSTS header
✓Security response headers (CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, COOP)
✓Third-party tracker scripts (Google Analytics, Facebook Pixel, and 13 more)
✓GDPR signals — privacy policy link and cookie consent banners
Privacy by design
✓Scanned URLs are never stored — only the domain name and a timestamp are recorded for rate limiting
✓No user accounts, no cookies, no analytics on Scout itself
✓Scan history is deleted after 90 days
✓Rate limit: 1 scan per domain per day (access codes available for more)
Scoring
Scout scores 0–100 and assigns a letter grade:
A
90–100
B
75–89
C
60–74
D
45–59
E
30–44
F
0–29
HTTPS & HSTS — 20 pts
Security headers — 40 pts
Tracker-free — 20 pts
GDPR signals — 20 pts