The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.
Submitted
https://www.freescan.app/
Final URL
https://www.freescan.app
Created
Jun 29, 2026, 3:25 AM
Safe fetch
52 ms
83
out of 100
100
out of 100
82/82 rule points
76
out of 100
58/76 rule points
72
out of 100
68/94 rule points
83
out of 100
91/110 rule points
Category point breakdown
Biggest score-losing checks
axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).
A small allowlist probe returned a public success response.
Detected 0 trust-signal keyword occurrence(s).
Horizontal overflow: 0px. Small tap targets: 3.
What failed
A small public allowlist probe found a sensitive-looking file path.
Evidence
A small allowlist probe returned a public success response.
Priority
Priority 1: fix before sharing the page publicly.
Why it matters
Publicly exposed config or backup files can leak implementation details or secrets.
How to fix it
Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.
What failed
The rendered page has accessibility rule violations detected by axe-core.
Evidence
axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).
Priority
Priority 5: fix before sharing the page publicly.
Why it matters
axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
How to fix it
Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
What failed
The browser-rendered page has layout or tap-target issues.
Evidence
Horizontal overflow: 0px. Small tap targets: 3.
Priority
Priority 13: fix during launch polish.
Why it matters
Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
How to fix it
Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.
What failed
The page does not expose detectable proof, customer, review, security, or credibility signals.
Evidence
Detected 0 trust-signal keyword occurrence(s).
Priority
Priority 16: lower-risk cleanup after urgent launch blockers.
Why it matters
Trust signals reduce hesitation when strangers see the product for the first time.
How to fix it
Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.
What failed
The scanner found text/background color pairs that may be hard to read, or could not verify contrast.
Evidence
7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Priority
Priority 20: lower-risk cleanup after urgent launch blockers.
Why it matters
Low contrast makes a launch page feel less polished and can exclude users with low vision.
How to fix it
Review key text, buttons, and links against a 4.5:1 contrast target for normal text.
Cookie flags were not visible from the safe public metadata captured for this page.
Why it matters: Session and preference cookies should avoid unnecessary exposure before early users sign in or submit forms.
Manual check: Review application cookies in the browser and set Secure, HttpOnly where appropriate, SameSite, and narrow expiration values before launch.
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
No failed checks in this category.
Severity mix: 2 critical, 3 high, 0 medium, 0 low.
A small allowlist probe returned a public success response.
Severity mix: 0 critical, 3 high, 5 medium, 0 low.
axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).
7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
Detected 0 trust-signal keyword occurrence(s).
Horizontal overflow: 0px. Small tap targets: 3.
Showing failed checks.
These checks need attention.
A small allowlist probe returned a public success response.
Failed: earned 0 of 16 points.
Priority: Priority 1: fix before sharing the page publicly.
Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.
Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.
7 of 93 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Failed: earned 0 of 8 points.
Priority: Priority 20: lower-risk cleanup after urgent launch blockers.
Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.
axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: color-contrast (3), svg-img-alt (1).
Failed: earned 0 of 18 points.
Priority: Priority 5: fix before sharing the page publicly.
Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
Detected 0 trust-signal keyword occurrence(s).
Failed: earned 0 of 10 points.
Priority: Priority 16: lower-risk cleanup after urgent launch blockers.
Why it matters: Trust signals reduce hesitation when strangers see the product for the first time.
Fix: Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.
Horizontal overflow: 0px. Small tap targets: 3.
Failed: earned 0 of 9 points.
Priority: Priority 13: fix during launch polish.
Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.
Security and accessibility checks are basic automated public checks. They are not a complete security audit, penetration test, privacy review, or WCAG certification.
Checked: https://www.freescan.app
Next/final: https://www.freescan.app
Content type: text/html; charset=utf-8
Checked: https://www.freescan.app
Next/final: https://www.freescan.app
Content type: text/html; charset=utf-8
Content hash: 91eeaa8e871a67cc36bf91252ee4546684fd577ed275871e2f2d82b8cdc4224d
Checked: https://www.freescan.app/robots.txt
Next/final: https://www.freescan.app/robots.txt
Content type: text/plain; charset=utf-8
Content hash: 497f8d681cce5d70edd5db84cdbdece3ab036bcf2cc87d60e63f413f5d20b9aa
Checked: https://www.freescan.app/sitemap.xml
Next/final: https://www.freescan.app/sitemap.xml
Content type: application/xml
Content hash: 196c800b4f317b5c5991283e829aa0a4fc55bc51c026ce0510b9ca3e567254bb
Checked: https://www.freescan.app/llms.txt
Next/final: https://www.freescan.app/llms.txt
Content type: text/plain; charset=utf-8
Content hash: d059dd88e5800a06709d2454fcf433b5b443e7c21a32da67750e8d3ce242df57
Checked: https://www.freescan.app/.env
Next/final: https://www.freescan.app/.env
Content type: text/html
Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511
Checked: https://www.freescan.app/.git/config
Next/final: https://www.freescan.app/.git/config
Content type: text/html
Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511
Checked: https://www.freescan.app/wp-config.php
Next/final: https://www.freescan.app/wp-config.php
Content type: text/html
Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511
Checked: https://www.freescan.app/backup.zip
Next/final: https://www.freescan.app/backup.zip
Content type: text/html
Content hash: 6b56a6cb3002ae013f16d14deae0ae7eacbeb4352cf6311a183f34d6076d0511
Captured public headers
content-type
text/html; charset=utf-8
referrer-policy
strict-origin-when-cross-origin
permissions-policy
camera=(), microphone=(), geolocation=(), payment=()
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://buildhop.io
strict-transport-security
max-age=63072000
Share preview
freescan.app website audit report
Close to ready: 83/100 overall, with prioritized fixes for SEO, security, accessibility, and design.
Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.