Security Status

Last updated: February 15, 2026

NibbleMaps maintains strong website hardening controls and currently holds an A+ security headers score from independent scanning.

NibbleMaps A+ website security scorecard — Latest A+ security scorecard snapshot for nibblemaps.com.

What This Means

Strict browser security headers are enabled by default.
Content Security Policy is enforced to reduce script injection risk.
Transport security and browser permission controls are hardened.
Static-site architecture minimizes attack surface.

What Was Tested

Content Security Policy (CSP)
HTTP Strict Transport Security (HSTS)
Frame protections and MIME sniffing protections
Referrer policy and browser feature permissions
Cache-control behavior for security-sensitive assets

Independent Verification

External report: SecurityHeaders / Probely scan results .