The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.
Submitted
https://buildhop.io/
Final URL
https://buildhop.io
Created
Jun 29, 2026, 3:46 AM
Safe fetch
59 ms
99
out of 100
100
out of 100
82/82 rule points
100
out of 100
76/76 rule points
100
out of 100
94/94 rule points
94
out of 100
103/110 rule points
Category point breakdown
Biggest score-losing checks
Detected 0 console error(s) and 2 uncaught page error(s) during render.
What failed
The rendered page produced console or uncaught JavaScript errors.
Evidence
Detected 0 console error(s) and 2 uncaught page error(s) during render.
Priority
Priority 15: fix during launch polish.
Why it matters
Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.
How to fix it
Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.
This scan did not produce unknown checks. If a future page has partial public data, the report will show those checks here instead of guessing.
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
No failed checks in this category.
Severity mix: 2 critical, 3 high, 0 medium, 0 low.
No failed checks in this category.
Severity mix: 0 critical, 3 high, 5 medium, 0 low.
No failed checks in this category.
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
Detected 0 console error(s) and 2 uncaught page error(s) during render.
Showing failed checks.
These checks need attention.
Detected 0 console error(s) and 2 uncaught page error(s) during render.
Failed: earned 0 of 7 points.
Priority: Priority 15: fix during launch polish.
Why it matters: Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.
Fix: Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.
Security and accessibility checks are basic automated public checks. They are not a complete security audit, penetration test, privacy review, or WCAG certification.
Checked: https://buildhop.io
Next/final: https://buildhop.io
Content type: text/html; charset=utf-8
Checked: https://buildhop.io
Next/final: https://buildhop.io
Content type: text/html; charset=utf-8
Content hash: 2f8d73deab0f03b0a951f780161e4852845b729c227eb5f7d05c55815ebdf92d
Checked: https://buildhop.io/robots.txt
Next/final: https://buildhop.io/robots.txt
Content type: text/plain; charset=utf-8
Content hash: 6115c91c76b507a54c35bd5b71e42f4baace05e32c71ae67e959cc02af833cfe
Checked: https://buildhop.io/sitemap.xml
Next/final: https://buildhop.io/sitemap.xml
Content type: application/xml
Content hash: e293e1876b1ff5be4a29fa1a701fc7b25b8cb4b0e36b13d7d8c0cccf37404cfb
Checked: https://buildhop.io/llms.txt
Next/final: https://buildhop.io/llms.txt
Content type: text/plain; charset=utf-8
Content hash: 624c57893daf2a7d08562c22120158f04cdc25e2aed0c009fbb990b48aa9a183
Checked: https://buildhop.io/.env
Next/final: https://buildhop.io/.env
Content type: text/html; charset=utf-8
Fetch result: HTTP 404 returned for security_probe.
Checked: https://buildhop.io/.git/config
Next/final: https://buildhop.io/.git/config
Content type: text/html; charset=utf-8
Fetch result: HTTP 404 returned for security_probe.
Checked: https://buildhop.io/wp-config.php
Next/final: https://buildhop.io/wp-config.php
Content type: text/html; charset=utf-8
Fetch result: HTTP 403 returned for security_probe.
Checked: https://buildhop.io/backup.zip
Next/final: https://buildhop.io/backup.zip
Content type: text/html; charset=utf-8
Fetch result: HTTP 404 returned for security_probe.
Captured public headers
content-type
text/html; charset=utf-8
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
camera=(), microphone=(), geolocation=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' https://*.supabase.co wss://*.supabase.co https://react-tweet.vercel.app https://*.posthog.com https://*.i.posthog.com; frame-src 'self' http: https:; worker-src 'self' blob:; manifest-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
Share preview
buildhop.io website audit report
Ready to share: 99/100 overall, with prioritized fixes for SEO, security, accessibility, and design.
Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.