Check if a website has rate limiting configured on its endpoints
Rate limiting controls how many requests a client can make to a server within a given time window. It's a critical defense against brute-force attacks, API abuse, DDoS, and credential stuffing.
This tool checks for standard RateLimit-* headers (IETF draft), vendor-specificX-RateLimit-* headers, and Retry-After across common endpoints.
RateLimit-Limit, RateLimit-Remaining, RateLimit-Reset, RateLimit-PolicyX-RateLimit-Limit, X-RateLimit-Remaining, X-Rate-Limit