We fetch the public pages of your site and surface concrete evidence: visibility, structure, page performance, accessibility and baseline technical security.
What is inspected
The inspection only fetches publicly reachable pages. No logins, no port scans, no active security probing.
Four steps. Fully automated. Results in minutes.
Provide your domain and a business email. Authority is verified through your domain.
Click the confirmation link. That authorises the passive inspection.
Up to 25 public pages are fetched and analysed for visibility, structure, performance, accessibility and passive security.
You get the result link by email — with score, top findings and a link to the full evidence report.
After reading the short report you can unlock the full evidence report or request implementation.
What is inspected
What is not inspected
The short check and the full evidence report inspect public pages only — no port scanning, no exploit probes, no testing of authenticated areas. After the report we implement the fixes. A penetration test is a separate engagement that requires a signed scope.
10+ years enterprise experience
Penetration tests and implementation are delivered by engineers with more than ten years of experience in enterprise software and security.
Free short inspection
Free always
Full evidence report
€49 § 19 UStG (no VAT charged)
Penetration test
On request scoped engagement
Delivered by certified experts with 10+ years enterprise security experience.
Implementation
On request per project
Delivered by full-stack engineers with 10+ years enterprise experience.
The report does not replace a legal security assessment. Active security testing requires a signed engagement.
When your email does not match the target domain, prove authority via a DNS TXT record or request manual approval. Built for agencies inspecting client sites.
DNS TXT verification
Record name
_seitenbefund.firma.de
Record value
seitenbefund-verify=a3f9c1b2e8d4…
DNS changes typically propagate within 5–15 minutes.
Everything important about the passive short inspection.
So we can confirm that the requester is connected to the domain. For agencies and external operators, DNS TXT verification or a manual approval are available.
Yes. Authorise client domains via DNS TXT record or operator approval, without needing an email at the client domain.
The full evidence report is €49 (no VAT charged under § 19 UStG, German small-business rule). It includes every finding with evidence, a prioritised action plan, a PDF download, and unlimited follow-up audits for 90 days.
No. The short inspection is purely passive — only public pages. Active testing is a separate engagement with a signed scope.
Penetration tests, implementation services and agency access are scoped in person. We respond within one business day.
Penetration test
Active security engagement with signed scope. OWASP Top 10, business logic, authenticated surfaces.
Implementation service
We resolve findings from the report: visibility, performance, accessibility, baseline security.
Agency access
DNS verification, bulk pipeline, white-label delivery, API access.