How does Scanthra work?

Enter your domain and email, confirm with a 6-digit code we send you, then we passively scan headers, SSL, cookies, CMS and email security. You receive a clear PDF report by email, usually within a minute.

Is Scanthra safe to use on my website?

Yes. We only run passive checks. We never log in, brute force, or stress your server. The scan behaves like a normal visitor opening a few public pages.

Do I need a technical background to read the report?

No. Every finding is written in plain English with the business impact, a recommended fix, and which regulations it touches (GDPR Article 32, NIS2, OWASP Top 10).

How much does it cost?

Scanthra is free during the public launch. No account needed, no credit card. You can support us via Buy Me a Coffee if you find the report useful.

Will my data be kept?

The PDF report and scan metadata are kept for 30 days, then permanently deleted. Email logs are kept for 12 months for abuse prevention. You can request deletion at any time via the /privacy/delete endpoint.

Know what's actually risky on your website.

Scanthra checks your domain passively and emails you a friendly PDF report — written for business owners, not pentesters. No CVE codes. No jargon. Just clear answers: what's wrong, why it matters, and how to fix it.

Start a free scan See what we check

No account needed · Free to use · Results in under 2 minutes

example-shop.com

Scan complete · 8 findings

HIGH Missing HSTS — visitors could be redirected to fake sites.

MED Cookie without Secure flag — sessions may leak on public Wi-Fi.

OK SSL certificate valid — encrypted connection works.

+ 5 more findings in your full PDF report.

📄

Friendly PDF report

Every finding explained in plain English with business impact and a DIY fix tip.

⚖️

GDPR & NIS2 mapping

See which findings touch GDPR Art. 32, NIS2 and OWASP Top 10 — useful for audits.

🛡️

Passive & safe

No aggressive scanning. We never log in, brute force or stress your server.

How it works

Enter your domain

Just your URL and an email. That's it.

Confirm by code

We email a 6-digit code so we know it's you.

We scan passively

Headers, SSL, cookies, CMS, email security & more.

Get your PDF

A clear report by email — usually within a minute.

Scan your website now

Know what's actually risky on your website.

Friendly PDF report

GDPR & NIS2 mapping

Passive & safe

How it works

Thanks for your feedback

Help us improve Scanthra