FreeScan.app Start free audit

New scan Visit scanned site

Public status

completed

HTTP 200

0 redirects

36 checks

Website audit scorecard for freescan.app

The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.

Submitted

https://www.freescan.app/

Final URL

https://www.freescan.app

Created

Jun 29, 2026, 3:25 AM

Safe fetch

52 ms

Four-score result

Close to ready (Needs polish): 30 passed, 5 failed, and 1 unknown. Strongest area: SEO / AEO. Weakest area: Accessibility.

Overall

out of 100

SEO / AEO

100

out of 100

82/82 rule points

Security

out of 100

58/76 rule points

Accessibility

out of 100

68/94 rule points

Design

out of 100

91/110 rule points

Why this scored this way

Scores are deterministic: each category earns rule points for verified public signals and loses points for failed checks. Unknown checks are shown separately instead of guessed.

Category point breakdown

SEO / AEO82/82

Security58/76

Accessibility68/94

Design91/110

Biggest score-losing checks

high

Accessibility

Rendered axe accessibility violations

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).

critical

Security

Sensitive file probes

A small allowlist probe returned a public success response.

medium

Design

Trust signals

Detected 0 trust-signal keyword occurrence(s).

medium

Design

Rendered layout ergonomics

Horizontal overflow: 0px. Small tap targets: 3.

Recommendations

Score-losing issues ordered by remediation priority, severity, and score impact.

5 fixes

6 opportunities

9 insights

critical

Security

Priority 1

Remove exposed sensitive files

-16 pts

What failed

A small public allowlist probe found a sensitive-looking file path.

Evidence

A small allowlist probe returned a public success response.

Priority

Priority 1: fix before sharing the page publicly.

Why it matters

Publicly exposed config or backup files can leak implementation details or secrets.

How to fix it

Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

high

Accessibility

Priority 5

Fix rendered axe accessibility violations

-18 pts

What failed

The rendered page has accessibility rule violations detected by axe-core.

Evidence

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).

Priority

Priority 5: fix before sharing the page publicly.

Why it matters

axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.

How to fix it

Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

medium

Design

Priority 13

Fix rendered layout ergonomics

-9 pts

What failed

The browser-rendered page has layout or tap-target issues.

Evidence

Horizontal overflow: 0px. Small tap targets: 3.

Priority

Priority 13: fix during launch polish.

Why it matters

Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.

How to fix it

Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

medium

Design

Priority 16

Add trust signals

-10 pts

What failed

The page does not expose detectable proof, customer, review, security, or credibility signals.

Evidence

Detected 0 trust-signal keyword occurrence(s).

Priority

Priority 16: lower-risk cleanup after urgent launch blockers.

Why it matters

Trust signals reduce hesitation when strangers see the product for the first time.

How to fix it

Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.

medium

Accessibility

Priority 20

Improve detectable color contrast

-8 pts

What failed

The scanner found text/background color pairs that may be hard to read, or could not verify contrast.

Evidence

7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Priority

Priority 20: lower-risk cleanup after urgent launch blockers.

Why it matters

Low contrast makes a launch page feel less polished and can exclude users with low vision.

How to fix it

Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

Unknown and not detected states

FreeScan.app keeps partial public data explicit. It marks unverifiable signals as unknown or not detected instead of inventing evidence.

1 unknown

Safe public scans cannot see private cookies, authenticated content, browser-rendered state, or reliable contrast values unless they are present in static public markup.

not detected

Security

Priority 20

Visible cookie flags

Cookie flags were not visible from the safe public metadata captured for this page.

Why it matters: Session and preference cookies should avoid unnecessary exposure before early users sign in or submit forms.

Manual check: Review application cookies in the browser and set Secure, HttpOnly where appropriate, SameSite, and narrow expiration values before launch.

Score aggregation details

Category scores come from earned rule points divided by available rule points. Failed checks are ordered by severity and score lost.

100/100

11 pass, 0 fail, 0 unknown

SEO / AEO

Severity mix: 0 critical, 3 high, 6 medium, 2 low.

No failed checks in this category.

76/100

4 pass, 1 fail, 1 unknown

Security

Severity mix: 2 critical, 3 high, 0 medium, 0 low.

critical

Sensitive file probes

-16 pts

A small allowlist probe returned a public success response.

72/100

6 pass, 2 fail, 0 unknown

Accessibility

Severity mix: 0 critical, 3 high, 5 medium, 0 low.

high

Rendered axe accessibility violations

-18 pts

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).

medium

Basic contrast

-8 pts

7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

83/100

9 pass, 2 fail, 0 unknown

Design

Severity mix: 0 critical, 3 high, 6 medium, 2 low.

medium

Trust signals

-10 pts

Detected 0 trust-signal keyword occurrence(s).

medium

Rendered layout ergonomics

-9 pts

Horizontal overflow: 0px. Small tap targets: 3.

Full check list

Failed, unknown, and passed checks are all shown so the report is transparent even when public data is partial.

Showing failed checks.

Failed checks

These checks need attention.

fail

critical

Security

Sensitive file probes

0/16

A small allowlist probe returned a public success response.

Failed: earned 0 of 16 points.

Priority: Priority 1: fix before sharing the page publicly.

Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.

Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

fail

medium

Accessibility

Basic contrast

0/8

7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Failed: earned 0 of 8 points.

Priority: Priority 20: lower-risk cleanup after urgent launch blockers.

Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.

Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

fail

high

Accessibility

Rendered axe accessibility violations

0/18

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).

Failed: earned 0 of 18 points.

Priority: Priority 5: fix before sharing the page publicly.

Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.

Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

fail

medium

Design

Trust signals

0/10

Detected 0 trust-signal keyword occurrence(s).

Failed: earned 0 of 10 points.

Priority: Priority 16: lower-risk cleanup after urgent launch blockers.

Why it matters: Trust signals reduce hesitation when strangers see the product for the first time.

Fix: Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.

fail

medium

Design

Rendered layout ergonomics

0/9

Horizontal overflow: 0px. Small tap targets: 3.

Failed: earned 0 of 9 points.

Priority: Priority 13: fix during launch polish.

Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.

Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

Safe fetch metadata

Public headers and redirects captured during intake. Response bodies, cookies, and credentials are not stored.

Security and accessibility checks are basic automated public checks. They are not a complete security audit, penetration test, privacy review, or WCAG certification.

Landing page

Step 1HTTP 2006 captured header(s)

Checked: https://www.freescan.app

Next/final: https://www.freescan.app

Content type: text/html; charset=utf-8

Landing page

Step 2HTTP 2006 captured header(s)

Checked: https://www.freescan.app

Next/final: https://www.freescan.app

Content type: text/html; charset=utf-8

Content hash: 91eeaa8e871a67cc36bf91252ee4546684fd577ed275871e2f2d82b8cdc4224d

robots.txt

Step 3HTTP 2007 captured header(s)

Checked: https://www.freescan.app/robots.txt

Next/final: https://www.freescan.app/robots.txt

Content type: text/plain; charset=utf-8

Content hash: 497f8d681cce5d70edd5db84cdbdece3ab036bcf2cc87d60e63f413f5d20b9aa

sitemap.xml

Step 4HTTP 2006 captured header(s)

Checked: https://www.freescan.app/sitemap.xml

Next/final: https://www.freescan.app/sitemap.xml

Content type: application/xml

Content hash: 196c800b4f317b5c5991283e829aa0a4fc55bc51c026ce0510b9ca3e567254bb

llms.txt

Step 5HTTP 2006 captured header(s)

Checked: https://www.freescan.app/llms.txt

Next/final: https://www.freescan.app/llms.txt

Content type: text/plain; charset=utf-8

Content hash: d059dd88e5800a06709d2454fcf433b5b443e7c21a32da67750e8d3ce242df57

Security probe

Step 6HTTP 3076 captured header(s)

Checked: https://www.freescan.app/.env

Next/final: https://www.freescan.app/.env

Content type: text/html

Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511

Security probe

Step 7HTTP 3076 captured header(s)

Checked: https://www.freescan.app/.git/config

Next/final: https://www.freescan.app/.git/config

Content type: text/html

Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511

Security probe

Step 8HTTP 3076 captured header(s)

Checked: https://www.freescan.app/wp-config.php

Next/final: https://www.freescan.app/wp-config.php

Content type: text/html

Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511

Security probe

Step 9HTTP 3076 captured header(s)

Checked: https://www.freescan.app/backup.zip

Next/final: https://www.freescan.app/backup.zip

Content type: text/html

Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511

Captured public headers

content-type

text/html; charset=utf-8

referrer-policy

strict-origin-when-cross-origin

permissions-policy

camera=(), microphone=(), geolocation=(), payment=()

x-content-type-options

nosniff

content-security-policy

frame-ancestors 'self' https://buildhop.io

strict-transport-security

max-age=63072000

Public report link

Markdown export

Share the website audit report

Copy a public report link or a Markdown version with scores, fixes, opportunities, insights, and a normal link back to the scanned site.

Share preview

freescan.app website audit report

Close to ready: 83/100 overall, with prioritized fixes for SEO, security, accessibility, and design.

Public report link

Markdown report

# freescan.app Website Scan

Scanned URL: [https://www.freescan.app](https://www.freescan.app)
Report URL: /scan/freescan-app-83-launch-readiness-report-82952be7
Created: 2026-06-29T03:25:00.363Z

## Score Summary

- Overall: 83/100
- SEO / AEO: 100/100
- Security: 76/100
- Accessibility: 72/100
- Design: 83/100

## Launch Readiness

Close to ready (Needs polish).

Passed: 30. Failed: 5. Unknown: 1.
Strongest area: SEO / AEO. Weakest area: Accessibility.

## Prioritized Fixes

### 1. Remove exposed sensitive files

- Category: Security
- Severity: critical
- Score lost: 16
- Evidence: A small allowlist probe returned a public success response.
- Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.
- Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

### 2. Fix rendered axe accessibility violations

- Category: Accessibility
- Severity: high
- Score lost: 18
- Evidence: axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).
- Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
- Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

### 3. Fix rendered layout ergonomics

- Category: Design
- Severity: medium
- Score lost: 9
- Evidence: Horizontal overflow: 0px. Small tap targets: 3.
- Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
- Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

### 4. Add trust signals

- Category: Design
- Severity: medium
- Score lost: 10
- Evidence: Detected 0 trust-signal keyword occurrence(s).
- Why it matters: Trust signals reduce hesitation when strangers see the product for the first time.
- Fix: Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.

### 5. Improve detectable color contrast

- Category: Accessibility
- Severity: medium
- Score lost: 8
- Evidence: 7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
- Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
- Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

## Opportunities

### Add answer-ready sections for common buyer questions

- Impact: high
- Category: SEO / AEO
- Evidence: Pricing signals: 1. Use-case signals: 1. Integration/API signals: 0.
- Why it matters: Answer engines and search visitors need concise textual answers to summarize who the product is for, how it works, what it costs, and what it connects with.
- Next step: Add short, crawlable sections for pricing or plans, ideal users, use cases, integrations, security, and how the product differs from alternatives.

### Expose important supporting pages in navigation or footer

- Impact: medium
- Category: SEO / AEO
- Evidence: No pricing, docs, contact, security, privacy, terms, or about links were detected in public internal links.
- Why it matters: Internal links help visitors, crawlers, and AI answer systems discover supporting facts instead of relying on one landing page.
- Next step: Link to the most useful public pages, especially pricing, docs, contact, security, privacy, terms, and about pages where applicable.

### Make trust and proof easier to detect

- Impact: medium
- Category: Design
- Evidence: Detected 0 trust-signal keyword occurrence(s).
- Why it matters: Visitors who arrive cold from search, social, or AI citations need proof before they submit a form, start a trial, or buy.
- Next step: Add honest proof such as customer quotes, recognizable logos, security notes, usage stats, reviews, case studies, or founder credibility.

### Tighten the live color system

- Impact: high
- Category: Accessibility
- Evidence: 7 of 93 rendered contrast sample(s) missed target. Worst ratio: 1.
- Why it matters: Computed contrast catches the actual colors visitors see after CSS, themes, and overlays are applied.
- Next step: Audit foreground/background token pairs for body text, muted text, links, buttons, inputs, and badges, then raise weak pairs to WCAG AA contrast targets.

### Polish rendered responsive ergonomics

- Impact: medium
- Category: Design
- Evidence: Horizontal overflow: 0px. Small tap targets: 3.
- Why it matters: Overflow and tiny controls are easy for static scans to miss but obvious to real users, especially on mobile and tablet layouts.
- Next step: Constrain wide elements, avoid fixed-width content that exceeds the viewport, and increase touch target sizes for interactive controls.

### Measure search performance with first-party data

- Impact: medium
- Category: SEO / AEO
- Evidence: robots.txt and sitemap.xml were reachable, so the site has the basics needed for Search Console verification and monitoring.
- Why it matters: A scan can identify technical readiness, but Search Console and analytics reveal impressions, queries, clicks, pages, and conversions over time.
- Next step: Verify the domain in Search Console, submit the sitemap, and pair query/page data with analytics events for signups, demo requests, and purchases.

## Insights

### The page appears basically crawlable

- Category: SEO / AEO
- Evidence: HTTP 200. robots.txt: HTTP 200. sitemap.xml: HTTP 200. noindex check: clear.
- Interpretation: The public page satisfies the basic crawl/index path the scan can verify.
- Recommended use: Use this as the first launch gate before deeper content, ranking, or AI visibility work.

### AEO depends on normal SEO plus answerable text

- Category: SEO / AEO
- Evidence: Visible words: 375. H1 count: 1. Audience signals: 5. CTA labels: Scan free, Scan your landing page free, Scan, What should I scan first?, What are the limits of the free scan?.
- Interpretation: Google AI features currently rely on standard Search eligibility; the extra advantage comes from content that is easy to quote, summarize, and verify.
- Recommended use: Prioritize clear text answers, crawlable support pages, accurate schema, and visible proof over speculative AI-only markup.

### Detected entity signals

- Category: SEO / AEO
- Evidence: Title: Free SEO / AEO Website Scan. H1: Find the fixes, opportunities, and insights hiding on your website. Schema types: BreadcrumbList, FAQPage, Organization, SoftwareApplication, WebSite.
- Interpretation: The stronger and more consistent these entity signals are, the easier it is for search and answer systems to identify the brand, product category, and page purpose.
- Recommended use: Keep the title, H1, meta description, Open Graph, schema, footer, and about/pricing/docs pages aligned around the same product facts.

### Structured data is present

- Category: SEO / AEO
- Evidence: JSON-LD blocks: 1. Types: BreadcrumbList, FAQPage, Organization, SoftwareApplication, WebSite. Parse errors: 0.
- Interpretation: The page exposes machine-readable facts, but quality still depends on whether those facts match visible content.
- Recommended use: Validate JSON-LD and use only accurate facts that are visible or clearly supported on the public page.

### Weakest score area

- Category: Accessibility
- Evidence: SEO / AEO: 100/100. Security: 76/100. Accessibility: 72/100. Design: 83/100
- Interpretation: The weakest area is Accessibility, so improvements there should have the most visible effect on readiness.
- Recommended use: Use the score mix to choose the next workstream instead of treating every issue as equally urgent.

### LLM-readable file found

- Category: SEO / AEO
- Evidence: https://www.freescan.app/llms.txt returned HTTP 200.
- Interpretation: llms.txt can be a useful optional summary for agents, but it should not be treated as a guaranteed AI search ranking factor.
- Recommended use: Invest first in crawlability, helpful visible content, internal links, and accurate schema; add llms.txt as a tidy supplement.

### Rendered page experience snapshot

- Category: Design
- Evidence: Rendered text samples: 93. Contrast failures: 7. Console errors: 0. Horizontal overflow: 0px.
- Interpretation: The scan inspected the browser-rendered page, so contrast, runtime, layout, and timing signals are more representative than static markup alone.
- Recommended use: Use rendered checks to prioritize issues that visitors actually experience after JavaScript and CSS load.

### Rendered speed snapshot

- Category: Design
- Evidence: DOMContentLoaded: 223ms. Load complete: 552ms. First contentful paint: not available. Resources: 17. Scripts: 11. Images: 2. Third-party origins: 3. Transfer: not available.
- Interpretation: These are lightweight browser timings from one rendered scan, so they are useful directional signals rather than real-user performance proof.
- Recommended use: Use slow timings, high script counts, heavy transfer size, and many third-party origins to choose focused speed work, then verify important changes with analytics or field data when available.

### Rendered axe accessibility snapshot

- Category: Accessibility
- Evidence: axe violations: 2. Critical: 0. Serious: 2. Top rules: color-contrast, svg-img-alt.
- Interpretation: axe-core catches common accessibility failures in the actual rendered DOM, but it is still automated coverage and not a full manual accessibility audit.
- Recommended use: Treat critical and serious axe failures as high-priority fixes, then manually review keyboard flow, focus states, screen reader meaning, and interaction states.

## Scope

FreeScan.app performs safe public checks only. It is not a penetration test, full SEO engagement, full accessibility audit, WCAG certification, backlink audit, rank tracker, or analytics platform.

Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.

Rescan same URL

Rerun the full deterministic scanner for freescan.app without re-entering the URL. The previous report stays saved so the next result can be compared against it.

FreeScan.app Start free audit

New scan Visit scanned site

Public status

completed

HTTP 200

0 redirects

36 checks

Website audit scorecard for freescan.app

The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.

Submitted

https://www.freescan.app/

Final URL

https://www.freescan.app

Created

Jun 29, 2026, 3:25 AM

Safe fetch

52 ms

Four-score result

Close to ready (Needs polish): 30 passed, 5 failed, and 1 unknown. Strongest area: SEO / AEO. Weakest area: Accessibility.

Overall

out of 100

SEO / AEO

100

out of 100

82/82 rule points

Security

out of 100

58/76 rule points

Accessibility

out of 100

68/94 rule points

Design

out of 100

91/110 rule points

Why this scored this way

Scores are deterministic: each category earns rule points for verified public signals and loses points for failed checks. Unknown checks are shown separately instead of guessed.

Category point breakdown

SEO / AEO82/82

Security58/76

Accessibility68/94

Design91/110

Biggest score-losing checks

high

Accessibility

Rendered axe accessibility violations

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).

critical

Security

Sensitive file probes

A small allowlist probe returned a public success response.

medium

Design

Trust signals

Detected 0 trust-signal keyword occurrence(s).

medium

Design

Rendered layout ergonomics

Horizontal overflow: 0px. Small tap targets: 3.

Recommendations

Score-losing issues ordered by remediation priority, severity, and score impact.

5 fixes

6 opportunities

9 insights

critical

Security

Priority 1

Remove exposed sensitive files

-16 pts

What failed

A small public allowlist probe found a sensitive-looking file path.

Evidence

A small allowlist probe returned a public success response.

Priority

Priority 1: fix before sharing the page publicly.

Why it matters

Publicly exposed config or backup files can leak implementation details or secrets.

How to fix it

Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

high

Accessibility

Priority 5

Fix rendered axe accessibility violations

-18 pts

What failed

The rendered page has accessibility rule violations detected by axe-core.

Evidence

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).

Priority

Priority 5: fix before sharing the page publicly.

Why it matters

axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.

How to fix it

Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

medium

Design

Priority 13

Fix rendered layout ergonomics

-9 pts

What failed

The browser-rendered page has layout or tap-target issues.

Evidence

Horizontal overflow: 0px. Small tap targets: 3.

Priority

Priority 13: fix during launch polish.

Why it matters

Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.

How to fix it

Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

medium

Design

Priority 16

Add trust signals

-10 pts

What failed

The page does not expose detectable proof, customer, review, security, or credibility signals.

Evidence

Detected 0 trust-signal keyword occurrence(s).

Priority

Priority 16: lower-risk cleanup after urgent launch blockers.

Why it matters

Trust signals reduce hesitation when strangers see the product for the first time.

How to fix it

Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.

medium

Accessibility

Priority 20

Improve detectable color contrast

-8 pts

What failed

The scanner found text/background color pairs that may be hard to read, or could not verify contrast.

Evidence

7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Priority

Priority 20: lower-risk cleanup after urgent launch blockers.

Why it matters

Low contrast makes a launch page feel less polished and can exclude users with low vision.

How to fix it

Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

Unknown and not detected states

FreeScan.app keeps partial public data explicit. It marks unverifiable signals as unknown or not detected instead of inventing evidence.

1 unknown

Safe public scans cannot see private cookies, authenticated content, browser-rendered state, or reliable contrast values unless they are present in static public markup.

not detected

Security

Priority 20

Visible cookie flags

Cookie flags were not visible from the safe public metadata captured for this page.

Why it matters: Session and preference cookies should avoid unnecessary exposure before early users sign in or submit forms.

Manual check: Review application cookies in the browser and set Secure, HttpOnly where appropriate, SameSite, and narrow expiration values before launch.

Score aggregation details

Category scores come from earned rule points divided by available rule points. Failed checks are ordered by severity and score lost.

100/100

11 pass, 0 fail, 0 unknown

SEO / AEO

Severity mix: 0 critical, 3 high, 6 medium, 2 low.

No failed checks in this category.

76/100

4 pass, 1 fail, 1 unknown

Security

Severity mix: 2 critical, 3 high, 0 medium, 0 low.

critical

Sensitive file probes

-16 pts

A small allowlist probe returned a public success response.

72/100

6 pass, 2 fail, 0 unknown

Accessibility

Severity mix: 0 critical, 3 high, 5 medium, 0 low.

high

Rendered axe accessibility violations

-18 pts

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).

medium

Basic contrast

-8 pts

7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

83/100

9 pass, 2 fail, 0 unknown

Design

Severity mix: 0 critical, 3 high, 6 medium, 2 low.

medium

Trust signals

-10 pts

Detected 0 trust-signal keyword occurrence(s).

medium

Rendered layout ergonomics

-9 pts

Horizontal overflow: 0px. Small tap targets: 3.

Full check list

Failed, unknown, and passed checks are all shown so the report is transparent even when public data is partial.

Showing failed checks.

Failed checks

These checks need attention.

fail

critical

Security

Sensitive file probes

0/16

A small allowlist probe returned a public success response.

Failed: earned 0 of 16 points.

Priority: Priority 1: fix before sharing the page publicly.

Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.

Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

fail

medium

Accessibility

Basic contrast

0/8

7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Failed: earned 0 of 8 points.

Priority: Priority 20: lower-risk cleanup after urgent launch blockers.

Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.

Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

fail

high

Accessibility

Rendered axe accessibility violations

0/18

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).

Failed: earned 0 of 18 points.

Priority: Priority 5: fix before sharing the page publicly.

Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.

Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

fail

medium

Design

Trust signals

0/10

Detected 0 trust-signal keyword occurrence(s).

Failed: earned 0 of 10 points.

Priority: Priority 16: lower-risk cleanup after urgent launch blockers.

Why it matters: Trust signals reduce hesitation when strangers see the product for the first time.

Fix: Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.

fail

medium

Design

Rendered layout ergonomics

0/9

Horizontal overflow: 0px. Small tap targets: 3.

Failed: earned 0 of 9 points.

Priority: Priority 13: fix during launch polish.

Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.

Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

Safe fetch metadata

Public headers and redirects captured during intake. Response bodies, cookies, and credentials are not stored.

Security and accessibility checks are basic automated public checks. They are not a complete security audit, penetration test, privacy review, or WCAG certification.

Landing page

Step 1HTTP 2006 captured header(s)

Checked: https://www.freescan.app

Next/final: https://www.freescan.app

Content type: text/html; charset=utf-8

Landing page

Step 2HTTP 2006 captured header(s)

Checked: https://www.freescan.app

Next/final: https://www.freescan.app

Content type: text/html; charset=utf-8

Content hash: 91eeaa8e871a67cc36bf91252ee4546684fd577ed275871e2f2d82b8cdc4224d

robots.txt

Step 3HTTP 2007 captured header(s)

Checked: https://www.freescan.app/robots.txt

Next/final: https://www.freescan.app/robots.txt

Content type: text/plain; charset=utf-8

Content hash: 497f8d681cce5d70edd5db84cdbdece3ab036bcf2cc87d60e63f413f5d20b9aa

sitemap.xml

Step 4HTTP 2006 captured header(s)

Checked: https://www.freescan.app/sitemap.xml

Next/final: https://www.freescan.app/sitemap.xml

Content type: application/xml

Content hash: 196c800b4f317b5c5991283e829aa0a4fc55bc51c026ce0510b9ca3e567254bb

llms.txt

Step 5HTTP 2006 captured header(s)

Checked: https://www.freescan.app/llms.txt

Next/final: https://www.freescan.app/llms.txt

Content type: text/plain; charset=utf-8

Content hash: d059dd88e5800a06709d2454fcf433b5b443e7c21a32da67750e8d3ce242df57

Security probe

Step 6HTTP 3076 captured header(s)

Checked: https://www.freescan.app/.env

Next/final: https://www.freescan.app/.env

Content type: text/html

Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511

Security probe

Step 7HTTP 3076 captured header(s)

Checked: https://www.freescan.app/.git/config

Next/final: https://www.freescan.app/.git/config

Content type: text/html

Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511

Security probe

Step 8HTTP 3076 captured header(s)

Checked: https://www.freescan.app/wp-config.php

Next/final: https://www.freescan.app/wp-config.php

Content type: text/html

Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511

Security probe

Step 9HTTP 3076 captured header(s)

Checked: https://www.freescan.app/backup.zip

Next/final: https://www.freescan.app/backup.zip

Content type: text/html

Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511

Captured public headers

content-type

text/html; charset=utf-8

referrer-policy

strict-origin-when-cross-origin

permissions-policy

camera=(), microphone=(), geolocation=(), payment=()

x-content-type-options

nosniff

content-security-policy

frame-ancestors 'self' https://buildhop.io

strict-transport-security

max-age=63072000

Public report link

Markdown export

Share the website audit report

Copy a public report link or a Markdown version with scores, fixes, opportunities, insights, and a normal link back to the scanned site.

Share preview

freescan.app website audit report

Close to ready: 83/100 overall, with prioritized fixes for SEO, security, accessibility, and design.

Public report link

Markdown report

# freescan.app Website Scan

Scanned URL: [https://www.freescan.app](https://www.freescan.app)
Report URL: /scan/freescan-app-83-launch-readiness-report-82952be7
Created: 2026-06-29T03:25:00.363Z

## Score Summary

- Overall: 83/100
- SEO / AEO: 100/100
- Security: 76/100
- Accessibility: 72/100
- Design: 83/100

## Launch Readiness

Close to ready (Needs polish).

Passed: 30. Failed: 5. Unknown: 1.
Strongest area: SEO / AEO. Weakest area: Accessibility.

## Prioritized Fixes

### 1. Remove exposed sensitive files

- Category: Security
- Severity: critical
- Score lost: 16
- Evidence: A small allowlist probe returned a public success response.
- Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.
- Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

### 2. Fix rendered axe accessibility violations

- Category: Accessibility
- Severity: high
- Score lost: 18
- Evidence: axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).
- Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
- Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

### 3. Fix rendered layout ergonomics

- Category: Design
- Severity: medium
- Score lost: 9
- Evidence: Horizontal overflow: 0px. Small tap targets: 3.
- Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
- Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

### 4. Add trust signals

- Category: Design
- Severity: medium
- Score lost: 10
- Evidence: Detected 0 trust-signal keyword occurrence(s).
- Why it matters: Trust signals reduce hesitation when strangers see the product for the first time.
- Fix: Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.

### 5. Improve detectable color contrast

- Category: Accessibility
- Severity: medium
- Score lost: 8
- Evidence: 7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
- Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
- Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

## Opportunities

### Add answer-ready sections for common buyer questions

- Impact: high
- Category: SEO / AEO
- Evidence: Pricing signals: 1. Use-case signals: 1. Integration/API signals: 0.
- Why it matters: Answer engines and search visitors need concise textual answers to summarize who the product is for, how it works, what it costs, and what it connects with.
- Next step: Add short, crawlable sections for pricing or plans, ideal users, use cases, integrations, security, and how the product differs from alternatives.

### Expose important supporting pages in navigation or footer

- Impact: medium
- Category: SEO / AEO
- Evidence: No pricing, docs, contact, security, privacy, terms, or about links were detected in public internal links.
- Why it matters: Internal links help visitors, crawlers, and AI answer systems discover supporting facts instead of relying on one landing page.
- Next step: Link to the most useful public pages, especially pricing, docs, contact, security, privacy, terms, and about pages where applicable.

### Make trust and proof easier to detect

- Impact: medium
- Category: Design
- Evidence: Detected 0 trust-signal keyword occurrence(s).
- Why it matters: Visitors who arrive cold from search, social, or AI citations need proof before they submit a form, start a trial, or buy.
- Next step: Add honest proof such as customer quotes, recognizable logos, security notes, usage stats, reviews, case studies, or founder credibility.

### Tighten the live color system

- Impact: high
- Category: Accessibility
- Evidence: 7 of 93 rendered contrast sample(s) missed target. Worst ratio: 1.
- Why it matters: Computed contrast catches the actual colors visitors see after CSS, themes, and overlays are applied.
- Next step: Audit foreground/background token pairs for body text, muted text, links, buttons, inputs, and badges, then raise weak pairs to WCAG AA contrast targets.

### Polish rendered responsive ergonomics

- Impact: medium
- Category: Design
- Evidence: Horizontal overflow: 0px. Small tap targets: 3.
- Why it matters: Overflow and tiny controls are easy for static scans to miss but obvious to real users, especially on mobile and tablet layouts.
- Next step: Constrain wide elements, avoid fixed-width content that exceeds the viewport, and increase touch target sizes for interactive controls.

### Measure search performance with first-party data

- Impact: medium
- Category: SEO / AEO
- Evidence: robots.txt and sitemap.xml were reachable, so the site has the basics needed for Search Console verification and monitoring.
- Why it matters: A scan can identify technical readiness, but Search Console and analytics reveal impressions, queries, clicks, pages, and conversions over time.
- Next step: Verify the domain in Search Console, submit the sitemap, and pair query/page data with analytics events for signups, demo requests, and purchases.

## Insights

### The page appears basically crawlable

- Category: SEO / AEO
- Evidence: HTTP 200. robots.txt: HTTP 200. sitemap.xml: HTTP 200. noindex check: clear.
- Interpretation: The public page satisfies the basic crawl/index path the scan can verify.
- Recommended use: Use this as the first launch gate before deeper content, ranking, or AI visibility work.

### AEO depends on normal SEO plus answerable text

- Category: SEO / AEO
- Evidence: Visible words: 375. H1 count: 1. Audience signals: 5. CTA labels: Scan free, Scan your landing page free, Scan, What should I scan first?, What are the limits of the free scan?.
- Interpretation: Google AI features currently rely on standard Search eligibility; the extra advantage comes from content that is easy to quote, summarize, and verify.
- Recommended use: Prioritize clear text answers, crawlable support pages, accurate schema, and visible proof over speculative AI-only markup.

### Detected entity signals

- Category: SEO / AEO
- Evidence: Title: Free SEO / AEO Website Scan. H1: Find the fixes, opportunities, and insights hiding on your website. Schema types: BreadcrumbList, FAQPage, Organization, SoftwareApplication, WebSite.
- Interpretation: The stronger and more consistent these entity signals are, the easier it is for search and answer systems to identify the brand, product category, and page purpose.
- Recommended use: Keep the title, H1, meta description, Open Graph, schema, footer, and about/pricing/docs pages aligned around the same product facts.

### Structured data is present

- Category: SEO / AEO
- Evidence: JSON-LD blocks: 1. Types: BreadcrumbList, FAQPage, Organization, SoftwareApplication, WebSite. Parse errors: 0.
- Interpretation: The page exposes machine-readable facts, but quality still depends on whether those facts match visible content.
- Recommended use: Validate JSON-LD and use only accurate facts that are visible or clearly supported on the public page.

### Weakest score area

- Category: Accessibility
- Evidence: SEO / AEO: 100/100. Security: 76/100. Accessibility: 72/100. Design: 83/100
- Interpretation: The weakest area is Accessibility, so improvements there should have the most visible effect on readiness.
- Recommended use: Use the score mix to choose the next workstream instead of treating every issue as equally urgent.

### LLM-readable file found

- Category: SEO / AEO
- Evidence: https://www.freescan.app/llms.txt returned HTTP 200.
- Interpretation: llms.txt can be a useful optional summary for agents, but it should not be treated as a guaranteed AI search ranking factor.
- Recommended use: Invest first in crawlability, helpful visible content, internal links, and accurate schema; add llms.txt as a tidy supplement.

### Rendered page experience snapshot

- Category: Design
- Evidence: Rendered text samples: 93. Contrast failures: 7. Console errors: 0. Horizontal overflow: 0px.
- Interpretation: The scan inspected the browser-rendered page, so contrast, runtime, layout, and timing signals are more representative than static markup alone.
- Recommended use: Use rendered checks to prioritize issues that visitors actually experience after JavaScript and CSS load.

### Rendered speed snapshot

- Category: Design
- Evidence: DOMContentLoaded: 223ms. Load complete: 552ms. First contentful paint: not available. Resources: 17. Scripts: 11. Images: 2. Third-party origins: 3. Transfer: not available.
- Interpretation: These are lightweight browser timings from one rendered scan, so they are useful directional signals rather than real-user performance proof.
- Recommended use: Use slow timings, high script counts, heavy transfer size, and many third-party origins to choose focused speed work, then verify important changes with analytics or field data when available.

### Rendered axe accessibility snapshot

- Category: Accessibility
- Evidence: axe violations: 2. Critical: 0. Serious: 2. Top rules: color-contrast, svg-img-alt.
- Interpretation: axe-core catches common accessibility failures in the actual rendered DOM, but it is still automated coverage and not a full manual accessibility audit.
- Recommended use: Treat critical and serious axe failures as high-priority fixes, then manually review keyboard flow, focus states, screen reader meaning, and interaction states.

## Scope

FreeScan.app performs safe public checks only. It is not a penetration test, full SEO engagement, full accessibility audit, WCAG certification, backlink audit, rank tracker, or analytics platform.

Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.

Rescan same URL

Rerun the full deterministic scanner for freescan.app without re-entering the URL. The previous report stays saved so the next result can be compared against it.