Steelbridge GTM

Free Website Audit

Your Website Has Bugs You Don't Know About

We Find Them

Most QA tools require you to write tests. This one doesn't — point it at any website and it crawls every page automatically, checking dozens of things that silently hurt your visitors and your search rankings.

Request a Free Audit

What gets checked

Every Page. Every Issue. Nothing Missed.

60+ distinct checks, most running on every crawled page across three viewports

Per-Page Checks

Run on every crawled page — desktop, tablet, and mobile

Performance

  • HTTP status code (200 expected) — desktop, tablet, mobile
  • Page load time — desktop, tablet, mobile
  • First Contentful Paint (FCP)
  • Largest Contentful Paint (LCP)
  • Cumulative Layout Shift (CLS)
  • Time to First Byte (TTFB)
  • Total page weight (threshold: 3 MB)
  • Total HTTP request count (threshold: 100)
  • HTML compression (gzip/Brotli)
  • Redirect hop count (threshold: 2)

Layout & Responsiveness

  • Horizontal scroll / layout overflow — desktop, tablet, mobile
  • JS console errors — desktop, tablet, mobile
  • JS console warnings (logged, not flagged as failures)
  • Mixed content (HTTP resources on HTTPS page)

Images

  • Broken images
  • Missing alt text
  • Missing width/height attributes (causes layout shift)
  • Below-fold images missing loading="lazy"

Links

  • Broken internal links
  • Broken external links
  • Broken anchor links (#fragment pointing to non-existent ID)

Content

  • Word count (minimum 300 words)
  • Placeholder "lorem ipsum" text
  • Key phrases present (configurable)
  • Navigation element present
  • CTA / button elements present
  • Footer present
  • Copyright year current

SEO & Metadata

  • Page title (present, 4–60 chars)
  • Meta description (present, 11–160 chars)
  • OG title, OG description, OG image
  • Canonical tag
  • Noindex meta tag (accidental indexing block)
  • H1 present, exactly one
  • Heading hierarchy (no skipped levels, e.g. H1→H3)
  • HTML lang attribute
  • Viewport meta tag
  • Favicon
  • Structured data / JSON-LD present
  • Duplicate titles across pages
  • Duplicate meta descriptions across pages

Security & Integrity

  • CSS/JS assets loading (no 4xx/5xx)
  • Subresource Integrity (SRI) on third-party scripts/styles

Accessibility

  • Axe-core scan (critical and serious violations)
  • Skip navigation link (WCAG keyboard requirement)
  • Touch target sizes (44×44px minimum, WCAG 2.5.5)

Forms

On pages that have them

  • Form fields present and fillable
  • Submission triggers expected API call
  • Thank-you page / success state reached

Site-Level Checks

Run once across the entire site

Infrastructure

  • HTTP → HTTPS redirect
  • www → non-www redirect consistency
  • sitemap.xml accessible
  • robots.txt accessible and not blocking crawlers or the sitemap
  • SSL certificate validity and expiry
  • DNS resolution

Security

  • HSTS header
  • X-Content-Type-Options
  • X-Frame-Options
  • Content-Security-Policy
  • Referrer-Policy
  • Permissions-Policy
  • Cookie security flags (Secure, HttpOnly, SameSite)
  • Directory listing disabled on common paths (/images/, /assets/, etc.)

Tech Stack Detection

Fingerprints the site's tech stack — CMS, hosting, JS framework, analytics, payment processors, e-commerce platform — and runs e-commerce-specific checks if a store is detected.

The Report

A clean PDF: a pass/fail summary at the top, followed by every issue found with enough detail to act on immediately.