Security · Technical · Performance · SEO — 78 checks in one report

Technical & security
website audit in 60 seconds

Enter a URL and the system automatically checks the security, technical health, and speed of your website — plus SEO and accessibility. A professional report instantly, no signup.

Free, no signup. Report downloadable as HTML.

SEOTitle tag
SEOMeta description
SecurityContent Security Policy
SecurityHSTS header
TechnicalHTTPS / SSL
PerformanceLCP < 2.5s
UXWCAG 2.1 violations
+ 85 more

How it works

Three steps to a professional audit

01

Enter a URL

Paste your website URL into the form. No registration or payment for a basic audit.

02

The system audits

Puppeteer loads the page with JS, Google PageSpeed Insights measures TTFB from Google infrastructure, axe-core checks accessibility.

03

Download the report

A professional HTML report with a prioritized action plan. Instantly, no waiting.

What we audit

92 deterministic checks across 6 categories. No AI — just code. Cookie & privacy checks follow the EDPB Website Auditing Tool methodology.

Security

21 checks — CSP quality scoring (nonce/hash), HSTS, cookie security (Secure/SameSite), security.txt, X-Frame-Options, SRI, WP login.

Technical audit

29 checks — HTTPS, compression, caching, WebP, font optimization (display:swap), third-party scripts, JS errors, lazy loading, analytics.

SEO Analysis

22 checks — title, meta, H1, canonical, structured data (Product schema quality), OG image availability, sitemap, robots.txt and more.

Performance

7 metrics — LCP, CLS, TBT, Lighthouse performance score (3 levels), render-blocking resources, image optimization.

Accessibility (UX)

7 checks via axe-core — WCAG 2.1, color contrast, touch targets, mobile usability, contact details.

Legal

6 checks — cookie consent banner, privacy policy link, tracking cookies before consent, third-party trackers, third-country data transfer (Schrems II) and unencrypted forms — per EDPB methodology.

Scoring & Report

Weighted 0–100 score per category. HTML + PDF report, prioritized action plan, offline-first.

Clear score, clear priorities

Each category gets a 0–100 score. Findings are sorted by severity — critical issues on top, low priority at the bottom.

SEO
82
Security
41
Performance
76
Technical
91
UX
68
audit-report.html
CRIT
Missing Content-Security-Policy
Security
HIGH
LCP is 3800ms — poor performance
Performance
HIGH
HSTS header is not set
Security
MED
Title tag is too long (74 characters)
SEO
LOW
Twitter Card meta is missing
SEO
Agency plan — exclusive checks

A professional audit that doesn't stop at basic SEO checks

Free and Pro plans cover 78 checks. The Agency plan adds 14 advanced analyses — Google Safe Browsing, VirusTotal (70+ AV engines), CrUX field data from real Chrome users, DNS email security, and CVE detection of JS libraries.

78Free / Pro
92Agency
Security — advanced+5 checks
Google Safe Browsing
Checks the URL against Google's threat database (malware, phishing, unwanted software). The same system Chrome uses.
Agency
SPF record
Verifies the domain's authorized email servers. Without SPF, anyone can send email "from you" — phishing, spam.
Agency
DKIM signature
A cryptographic email signature verifies the sender's authenticity. Checked for 7 common selectors.
Agency
Real SSL expiry
Exact number of days until the TLS certificate expires via a real TLS handshake — not just "the page loaded".
Agency
VirusTotal URL analysis
Checks the URL against a database of 70+ antivirus engines. Detects malware, phishing, and malicious software — the same database security firms use.
Agency
Performance, Technical & SEO analysis+8 checks
CrUX Field Data (real users)
LCP and FCP from the Chrome UX Report — data from real visitors, not a simulation. Google uses it as a ranking factor.
Agency
Vulnerable JS libraries (CVE)
Detects jQuery, Bootstrap, Angular.js, Lodash with CVE vulnerabilities. Compared against a security database.
Agency
Redirect chain
Number of URL redirects (A→B→C). Each hop = latency + SEO link juice loss. Ideal: max 2 redirects.
Agency
Broken images (404)
Detects images that don't display due to incorrect URLs or files deleted from the server.
Agency
Number of HTTP requests
Total number of network requests for the page. More than 100 requests negatively affects Core Web Vitals.
Agency
Total page size
Sum of all resource sizes. Over 5 MB = slow loading on mobile internet.
Agency
Social media links
Presence of links to Facebook, Instagram, LinkedIn, YouTube, TikTok, Twitter/X. A trust signal.
Agency
Hreflang (multilingual)
Correct hreflang tag implementation for multilingual sites. Errors cause duplicate content across languages.
Agency

No credit card · Cancel anytime

Simple pricing

Basic audit always free · 14-day trial, no credit card

Free

For a one-off website check

Site owners, developers

€0

No signup, instantly · 14-day trial, no card

  • 78 automated checks
  • Downloadable HTML report
  • No signup
  • 14-day Agency trial — no credit card
  • Limit: 1 audit / hour
  • !"WebsiteAudit" watermark
  • PDF export
  • Audit history (15 days)
  • Tracked URLs
  • Audit comparison
Start free
Most popular

Pro

For freelancers and small agencies

Web designers, SEO specialists

€9/mo

✓ 14-day free trial · no credit card

12 audits/h · 45-day history · 5 tracked URLs

  • 78 automated checks
  • HTML + PDF report (no watermark)
  • Limit: 12 audits / hour
  • Audit history — 45 days
  • Tracked URLs (max 5)
  • Compare 3 audits side by side
  • Re-audit a specific category
  • White-label report
  • API access
  • Priority support

Agency

For agencies with multiple clients

Digital agencies, consultants

€29/mo

✓ 14-day free trial · no credit card

200 audits/h · 1-year history · unlimited sites + URLs

  • 92 automated checks (including 14 Agency-exclusive)
  • HTML + PDF report (no watermark)
  • 200 audits / hour
  • Audit history — 1 year
  • Tracked URLs + Sites (unlimited)
  • Compare 3 audits side by side
  • White-label report (custom logo)
  • API access + CSV/JSON export

Detailed comparison

Exactly what you get in each plan

FeatureFreeProAgency
Automated checks787892
Google Safe Browsing (malware/phishing scan)
SPF, DMARC, DKIM (email security)
CrUX Field Data — real Chrome users
Vulnerable JS libraries (jQuery, Bootstrap CVE)
Redirect chain, broken images, SSL expiry
HTML report
PDF export
CSV / JSON export
RegistrationNoYesYes
Audit limit / hour112200
Audit history15 days45 days1 year
Tracked URLs (no time limit)Max 5 URLs
Side-by-side audit comparisonMax 3Max 3
Category re-audit
Watermark in reportYesNoNo
White-label (custom logo)
API access
Multi-client management
Priority support

Start auditing today

Find out what's slowing down your website or hurting your search ranking.

Built on proven technologies

Google PageSpeed Insights
Puppeteer (Headless Chrome)
axe-core (WCAG 2.1)
Lighthouse
VirusTotal (70+ engines)
Google Safe Browsing
EDPB methodology
W3C Validator
Chrome UX Report (CrUX)