Security header audit — 10 headers checked: CSP, HSTS, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy, X-XSS-Protection, CORP, COEP, COOP. Information leakage detection via Server/X-Powered-By headers. A-F security grade. Accepts USDC payments on Base and Solana