Website audit scorecard for nyt-sudoku.net
The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.
Submitted
https://nyt-sudoku.net/
Final URL
https://nyt-sudoku.net
Created
Jul 12, 2026, 3:31 AM
Safe fetch
307 ms
77
out of 100
84
out of 100
96/114 rule points
76
out of 100
58/76 rule points
72
out of 100
68/94 rule points
74
out of 100
81/110 rule points
Category point breakdown
Biggest score-losing checks
Detected 0 of 5 common public security headers. Present: none. Missing: strict-transport-security, content-security-policy, x-content-type-options, x-frame-options, referrer-policy.
axe found 3 violation rule(s), including 1 serious or critical rule(s). Top rules: aria-required-children (1), landmark-unique (1), region (2).
FreeScan.app reached the public page with HTTP 200. robots.txt blocks Googlebot, Bingbot, DuckDuckBot, and 9 more for this page path.
Detected about 3131 visible word(s).
Unblock public crawlers
-14 rule ptsWhat failed
The public page appears blocked for FreeScan.app or for important search and AI crawler user agents.
Evidence
FreeScan.app reached the public page with HTTP 200. robots.txt blocks Googlebot, Bingbot, DuckDuckBot, and 9 more for this page path.
Priority
Priority 2: fix before sharing the page publicly.
Why it matters
If crawlers cannot access the page, search engines and answer engines may not discover, index, or summarize the launch page correctly.
How to fix it
Review robots.txt, Cloudflare/WAF bot rules, rate limits, and security challenges. Allow legitimate search and AI crawler access to public launch pages while keeping private, admin, and authenticated paths protected.
Copyable agent prompt
Add common public security headers
-18 rule ptsWhat failed
Several basic browser protection headers were not visible.
Evidence
Detected 0 of 5 common public security headers. Present: none. Missing: strict-transport-security, content-security-policy, x-content-type-options, x-frame-options, referrer-policy.
Priority
Priority 5: fix before sharing the page publicly.
Why it matters
These headers reduce avoidable browser-side risk and show a baseline of care before launch.
How to fix it
Configure headers such as Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, and Referrer-Policy.
Copyable agent prompt
Fix rendered axe accessibility violations
-18 rule ptsWhat failed
The rendered page has accessibility rule violations detected by axe-core.
Evidence
axe found 3 violation rule(s), including 1 serious or critical rule(s). Top rules: aria-required-children (1), landmark-unique (1), region (2).
Priority
Priority 5: fix before sharing the page publicly.
Why it matters
axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
How to fix it
Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
Copyable agent prompt
Fix rendered layout ergonomics
-9 rule ptsWhat failed
The browser-rendered page has layout or tap-target issues.
Evidence
Horizontal overflow: 0px. Small tap targets: 36.
Priority
Priority 13: fix during launch polish.
Why it matters
Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
How to fix it
Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.
Copyable agent prompt
Add trust signals
-10 rule ptsWhat failed
The page does not expose detectable proof, customer, review, security, or credibility signals.
Evidence
Detected 0 trust-signal keyword occurrence(s).
Priority
Priority 16: lower-risk cleanup after urgent launch blockers.
Why it matters
Trust signals reduce hesitation when strangers see the product for the first time.
How to fix it
Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.
Copyable agent prompt
SEO / AEO
Severity mix: 1 critical, 7 high, 3 medium, 2 low.
Crawler access
-14 rule ptsFreeScan.app reached the public page with HTTP 200. robots.txt blocks Googlebot, Bingbot, DuckDuckBot, and 9 more for this page path.
LLM-readable file
-4 rule ptsHTTP 404 returned for llms_txt.
Security
Severity mix: 2 critical, 3 high, 0 medium, 0 low.
Common security headers
-18 rule ptsDetected 0 of 5 common public security headers. Present: none. Missing: strict-transport-security, content-security-policy, x-content-type-options, x-frame-options, referrer-policy.
Accessibility
Severity mix: 0 critical, 3 high, 5 medium, 0 low.
Rendered axe accessibility violations
-18 rule ptsaxe found 3 violation rule(s), including 1 serious or critical rule(s). Top rules: aria-required-children (1), landmark-unique (1), region (2).
Basic contrast
-8 rule pts6 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.02.
Design
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
Text density
-10 rule ptsDetected about 3131 visible word(s).
Trust signals
-10 rule ptsDetected 0 trust-signal keyword occurrence(s).
Rendered layout ergonomics
-9 rule ptsHorizontal overflow: 0px. Small tap targets: 36.
Showing failed checks.
Failed checks
These checks need attention.
Crawler access
0/14FreeScan.app reached the public page with HTTP 200. robots.txt blocks Googlebot, Bingbot, DuckDuckBot, and 9 more for this page path.
Failed: earned 0 of 14 points.
Priority: Priority 2: fix before sharing the page publicly.
Why it matters: If crawlers cannot access the page, search engines and answer engines may not discover, index, or summarize the launch page correctly.
Fix: Review robots.txt, Cloudflare/WAF bot rules, rate limits, and security challenges. Allow legitimate search and AI crawler access to public launch pages while keeping private, admin, and authenticated paths protected.
Copyable agent prompt
LLM-readable file
0/4HTTP 404 returned for llms_txt.
Failed: earned 0 of 4 points.
Priority: Priority 24: lower-risk cleanup after urgent launch blockers.
Why it matters: A short LLM-readable file can help answer engines and AI tools summarize your product accurately.
Fix: Add /llms.txt or /.well-known/llms.txt with the product name, audience, value proposition, and key public links.
Copyable agent prompt
Common security headers
0/18Detected 0 of 5 common public security headers. Present: none. Missing: strict-transport-security, content-security-policy, x-content-type-options, x-frame-options, referrer-policy.
Failed: earned 0 of 18 points.
Priority: Priority 5: fix before sharing the page publicly.
Why it matters: These headers reduce avoidable browser-side risk and show a baseline of care before launch.
Fix: Configure headers such as Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, and Referrer-Policy.
Copyable agent prompt
Basic contrast
0/86 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.02.
Failed: earned 0 of 8 points.
Priority: Priority 20: lower-risk cleanup after urgent launch blockers.
Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.
Copyable agent prompt
Rendered axe accessibility violations
0/18axe found 3 violation rule(s), including 1 serious or critical rule(s). Top rules: aria-required-children (1), landmark-unique (1), region (2).
Failed: earned 0 of 18 points.
Priority: Priority 5: fix before sharing the page publicly.
Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
Copyable agent prompt
Text density
0/10Detected about 3131 visible word(s).
Failed: earned 0 of 10 points.
Priority: Priority 21: lower-risk cleanup after urgent launch blockers.
Why it matters: Too little copy can leave visitors confused; too much copy can bury the value proposition.
Fix: Add concise sections for value, proof, how it works, and next steps, then remove repetitive copy.
Copyable agent prompt
Trust signals
0/10Detected 0 trust-signal keyword occurrence(s).
Failed: earned 0 of 10 points.
Priority: Priority 16: lower-risk cleanup after urgent launch blockers.
Why it matters: Trust signals reduce hesitation when strangers see the product for the first time.
Fix: Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.
Copyable agent prompt
Rendered layout ergonomics
0/9Horizontal overflow: 0px. Small tap targets: 36.
Failed: earned 0 of 9 points.
Priority: Priority 13: fix during launch polish.
Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.
Copyable agent prompt
Share preview
nyt-sudoku.net website audit report
Close to ready: 77/100 overall, with prioritized fixes for SEO, security, accessibility, and design.
Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.