AuditOpsSite Inspector
AuditOps · Site Inspector

Open a case file on any website.

Paste a URL, get a forensic dossier on any website — performance, Core Web Vitals, SEO, accessibility, best-practices & security signals, no signup.

Run a new scan
Device

Queries Google PageSpeed Insights live from your browser. Nothing is stored on our servers. Not affiliated with Google.

Case FileCASE-2026-2719
Sample — run a scan on your own URL
Target https://www.example-store.test/
Strategy MOBILE · Source Google PSI / Lighthouse
Redirected from https://example-store.test/
4 CRITICALfindings · 11 warnings · 8 passing checks. Report severity = CRITICAL (worst section).
Performance38/100CRITICAL
SEO82/100WARN
Accessibility79/100WARN
Best Practices67/100WARN
CrUX field data — real Chrome users (28-day) origin-level
LCP — Largest Contentful Paint
4.10 s
SLOW
INP — Interaction to Next Paint
240 ms
AVERAGE
CLS — Cumulative Layout Shift
0.06
FAST
FCP — First Contentful Paint
2.30 s
AVERAGE
Performance & Core Web Vitals (lab) CRITICAL
CRITICAL
Server response time (TTFB)
1.4 s
CRITICAL
Largest Contentful Paint
4.8 s
WARN
Total Blocking Time
780 ms
WARN
Speed Index
5.1 s
PASS
Cumulative Layout Shift
0.04
WARN
First Contentful Paint
2.1 s
FIX THIS → Slow server response (TTFB) and lab LCP usually trace back to the host. Faster managed hosting moves the needle most. (affiliate · matched to the issue above, not paid placement)
Try managed hosting
Asset delivery & caching CRITICAL
CRITICAL
Render-blocking resources
Est. 1.2 s savings
WARN
Text compression
Enable gzip/br
WARN
Unused JavaScript
Est. 210 KiB
PASS
HTTP/2
Pass
FIX THIS → Render-blocking assets, missing HTTP/2 or no compression are delivery problems — a CDN / edge cache fixes them across all visitors. (affiliate · matched to the issue above, not paid placement)
Try a CDN / edge cache
Best-practices & security signals CRITICAL
CRITICAL
No known-vulnerable libraries
jQuery 1.12.4 flagged
WARN
CSP effective against XSS
No CSP found
WARN
No console errors
2 errors
PASS
Served over HTTPS
Pass
FIX THIS → Vulnerable libraries, a weak CSP or no HTTPS are exploitable. A dependency scanner watches your supply chain continuously. (affiliate · matched to the issue above, not paid placement)
Try a dependency security scanner
SEO signals WARN
WARN
Meta description
Missing
WARN
Structured data
None detected
PASS
Document has <title>
Pass
PASS
Page is crawlable
Pass
PASS
Canonical link
Pass
FIX THIS → Missing titles, descriptions or canonicals are crawl/indexing risks. An SEO toolkit catches them site-wide. (affiliate · matched to the issue above, not paid placement)
Try an SEO & accessibility toolkit
Accessibility WARN
WARN
Color contrast
6 low-contrast elements
WARN
Image alt text
3 images missing alt
PASS
Tap targets sized
Pass
PASS
Viewport meta
Pass
FIX THIS → Contrast, alt text and tap-target failures hurt real users and indirectly SEO. A toolkit with an a11y checker flags every page. (affiliate · matched to the issue above, not paid placement)
Try an SEO & accessibility toolkit
Prioritised remediation — fix worst-first
  1. CRITICAL Server response time (TTFB) — measured 1.4 s
  2. CRITICAL Largest Contentful Paint — measured 4.8 s
  3. CRITICAL Render-blocking resources — measured Est. 1.2 s savings
  4. CRITICAL No known-vulnerable libraries — measured jQuery 1.12.4 flagged
  5. WARN Total Blocking Time — measured 780 ms
  6. WARN Speed Index — measured 5.1 s
  7. WARN First Contentful Paint — measured 2.1 s
  8. WARN Text compression — measured Enable gzip/br
  9. WARN Unused JavaScript — measured Est. 210 KiB
  10. WARN CSP effective against XSS — measured No CSP found
  11. WARN No console errors — measured 2 errors
  12. WARN Meta description — measured Missing
  13. WARN Structured data — measured None detected
  14. WARN Color contrast — measured 6 low-contrast elements
  15. WARN Image alt text — measured 3 images missing alt
Known coverage gap — read this

Lighthouse evaluates only a handful of security signals (HTTPS, known-vulnerable libraries, a basic CSP/XSS heuristic, console errors). It does not inspect security response headers such as HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy or a full Content-Security-Policy. A clean "Best Practices" score is not a security guarantee — treat this dossier as triage, then run a dedicated header/penetration scan.

Affiliate disclosure: some "FIX THIS" recommendations are affiliate links. If you sign up through one we may earn a commission, at no extra cost to you. Recommendations are triggered by issues detected in your dossier, never by payment. Full details in our affiliate disclosure.

How it reads your site

1 · Pull the lab + field record

We query Google PageSpeed Insights live from your browser. That returns a Lighthouse lab run (one throttled load) plus, when enough Chrome users exist, CrUX field data (real users, 28 days).

2 · Triage every signal

Each of the four Lighthouse categories and ~25 individual audits is graded against a fixed severity model — PASS WARN CRITICAL — never colour alone.

3 · File the dossier

Sections are sorted worst-first: Performance/CWV, asset delivery, SEO, accessibility, and best-practices & security signals — each citing the exact measured value.

4 · Prioritised remediation

A single ranked fix-list, and where an issue maps to a tool we trust we surface a matched FIX THIS → recommendation (clearly labelled affiliate, triggered by the issue, not paid).

What the severity grades mean

PASS
Category or audit score ≥ 0.90. Matches the green Lighthouse gauge. Nothing to action here.
WARN
Score 0.50–0.89 (Lighthouse "needs improvement"). Real but non-blocking — schedule a fix.
CRITICAL
Score below 0.50, or a forced escalation: no HTTPS, or a known-vulnerable library. Fix first.

Full details on the methodology page, and a section-by-section walkthrough in how to read a website audit.

Questions, answered

Is this a real audit or an estimate?
It is real Google data. The lab scores come from a Lighthouse run performed by Google's PageSpeed Insights servers; the field metrics come from the Chrome UX Report (CrUX) — anonymised data from real Chrome users. AuditOps only formats and grades that data. We are not affiliated with Google.
Why do the lab and field numbers disagree?
Lab is one load on an emulated mid-tier phone with throttled network — repeatable, but artificial. Field is what real visitors actually experienced over the last 28 days across many devices and connections. When they diverge, trust the field data for "is this fast for users?" and the lab data for "what should I fix?".
Does a clean score mean my site is secure?
No. Lighthouse checks only a few security signals (HTTPS, known-vulnerable JS libraries, a basic CSP/XSS heuristic, console errors). It does not inspect security response headers such as HSTS, X-Frame-Options or a full Content-Security-Policy. Treat the dossier as triage, then run a dedicated security scan.
Do you store my URL or my results?
No. The scan runs from your browser straight to Google's API; results render locally and are never saved on our servers. Reload the page and the dossier is gone. See our privacy page.
Why did my scan get rate-limited?
By default we run keyless, which shares a small public Google quota. If many people scan at once you may see a "rate-limited" message — wait roughly 30 seconds and retry. An operator can add a free PageSpeed API key to raise the limit.
What does a CASE number mean?
It is a stable label derived from the URL you scanned (e.g. CASE-2026-4821) so two scans of the same site read the same. It is cosmetic — it is not stored and carries no tracking.
Is it free?
Yes — free, no signup, no account. Some "FIX THIS" links are affiliate links that help fund the tool at no extra cost to you.