Features

Everything we check, explained.

No feature tables. No hidden upsells. Every scan on every plan runs the same audits — the plan only changes how often, how deep, and how long we keep the data.

WCAG 2.2 accessibility

We run axe-core (the same engine Deque, Google Lighthouse, and most enterprise auditing tools use) against every page we scan. Every finding tells you the exact element, the WCAG success criterion it fails, and why it matters.

What you'll see
  • Missing or meaningless alt attributes
  • Colour contrast below AA threshold
  • Form inputs without associated labels
  • Unreachable content via keyboard
  • Heading hierarchy violations
  • ARIA role misuse and landmark issues
  • Auto-playing or flashing content risks

SEO health

Google doesn't tell you what's broken. We do. Every page's metadata, structured data, and crawlability signals, parsed and graded against current best practice.

What you'll see
  • Missing or over-long title tags and meta descriptions
  • Duplicate or missing canonical URLs
  • Open Graph & Twitter Card completeness
  • JSON-LD structured data presence and type
  • H1 count and heading hierarchy
  • robots.txt and noindex sanity checks
  • Missing <html lang> attributes

Image audit

Images are often where sites go wrong — too big, poorly labelled, or straight-up broken. ScanForge catalogues every image it finds.

What you'll see
  • Every image's URL, file size, dimensions, and MIME type
  • Images missing alt attributes
  • Oversized images that slow your page load
  • Broken image links (404s)
  • Modern format opportunities (WebP/AVIF)

Form review

A contact form that drops submissions, a checkout missing autocomplete, a signup without CSRF — these are silent revenue killers. We find them.

What you'll see
  • Inputs missing proper <label> associations
  • Missing autocomplete hints on expected fields
  • Fields that should be required but aren't
  • CSRF token presence in POST forms
  • Accessibility attributes (aria-*, role)

Uptime & performance

We check whether your site is actually up, how fast it responds, and when your SSL certificate will expire — because an expired cert on a Monday morning ruins a week.

What you'll see
  • HTTP status code and response time per page
  • SSL certificate expiry dates
  • Redirect chains (301 → 301 → 200 kills SEO)
  • Mixed content warnings (HTTP on HTTPS pages)
  • Security header coverage (HSTS, CSP, X-Frame-Options)

CASL compliance

Canadian-specific, because no one else checks this. If you send marketing email from your site, Canada's Anti-Spam Legislation says every message needs a working unsubscribe. We verify.

What you'll see
  • Presence of an unsubscribe link on marketing pages
  • Unsubscribe links that actually resolve (no 404s)
  • List-Unsubscribe header audits (when applicable)
  • Cookie banner presence (for Law 25 / GDPR crossover)

One plan covers all six audits.

See how often you can scan, starting at $29/mo CAD.

See pricing Start scanning free