The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.
Submitted
https://promptjoy.app/
Final URL
https://promptjoy.app
Created
Jun 29, 2026, 3:45 AM
Safe fetch
157 ms
84
out of 100
100
out of 100
82/82 rule points
79
out of 100
60/76 rule points
72
out of 100
68/94 rule points
85
out of 100
94/110 rule points
Category point breakdown
Biggest score-losing checks
axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).
A small allowlist probe returned a public success response.
Horizontal overflow: 0px. Small tap targets: 18.
4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
What failed
A small public allowlist probe found a sensitive-looking file path.
Evidence
A small allowlist probe returned a public success response.
Priority
Priority 1: fix before sharing the page publicly.
Why it matters
Publicly exposed config or backup files can leak implementation details or secrets.
How to fix it
Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.
What failed
The rendered page has accessibility rule violations detected by axe-core.
Evidence
axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).
Priority
Priority 5: fix before sharing the page publicly.
Why it matters
axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
How to fix it
Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
What failed
The browser-rendered page has layout or tap-target issues.
Evidence
Horizontal overflow: 0px. Small tap targets: 18.
Priority
Priority 13: fix during launch polish.
Why it matters
Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
How to fix it
Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.
What failed
The rendered page produced console or uncaught JavaScript errors.
Evidence
Detected 1 console error(s) and 0 uncaught page error(s) during render.
Priority
Priority 15: fix during launch polish.
Why it matters
Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.
How to fix it
Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.
What failed
The scanner found text/background color pairs that may be hard to read, or could not verify contrast.
Evidence
4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Priority
Priority 20: lower-risk cleanup after urgent launch blockers.
Why it matters
Low contrast makes a launch page feel less polished and can exclude users with low vision.
How to fix it
Review key text, buttons, and links against a 4.5:1 contrast target for normal text.
This scan did not produce unknown checks. If a future page has partial public data, the report will show those checks here instead of guessing.
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
No failed checks in this category.
Severity mix: 2 critical, 3 high, 0 medium, 0 low.
A small allowlist probe returned a public success response.
Severity mix: 0 critical, 3 high, 5 medium, 0 low.
axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).
4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
Horizontal overflow: 0px. Small tap targets: 18.
Detected 1 console error(s) and 0 uncaught page error(s) during render.
Showing failed checks.
These checks need attention.
A small allowlist probe returned a public success response.
Failed: earned 0 of 16 points.
Priority: Priority 1: fix before sharing the page publicly.
Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.
Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.
4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Failed: earned 0 of 8 points.
Priority: Priority 20: lower-risk cleanup after urgent launch blockers.
Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.
axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).
Failed: earned 0 of 18 points.
Priority: Priority 5: fix before sharing the page publicly.
Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
Detected 1 console error(s) and 0 uncaught page error(s) during render.
Failed: earned 0 of 7 points.
Priority: Priority 15: fix during launch polish.
Why it matters: Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.
Fix: Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.
Horizontal overflow: 0px. Small tap targets: 18.
Failed: earned 0 of 9 points.
Priority: Priority 13: fix during launch polish.
Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.
Security and accessibility checks are basic automated public checks. They are not a complete security audit, penetration test, privacy review, or WCAG certification.
Checked: https://promptjoy.app
Next/final: https://promptjoy.app
Content type: text/html; charset=utf-8
Checked: https://promptjoy.app
Next/final: https://promptjoy.app
Content type: text/html; charset=utf-8
Content hash: dd5d6070be8880ec5cecc6f80787d7ada548dc103c81b3bd74732aa0d27dccee
Checked: https://promptjoy.app/robots.txt
Next/final: https://promptjoy.app/robots.txt
Content type: text/html
Content hash: af6ce320d3a273a4839d41ed852cf0110c344deaa92de4540fd2c5202a5ddb49
Checked: https://promptjoy.app/sitemap.xml
Next/final: https://promptjoy.app/sitemap.xml
Content type: text/html
Content hash: f420d397cab3b93102cece399cc07c73f9d59e2c0385f3f5bb9cf58422cb576d
Checked: https://promptjoy.app/llms.txt
Next/final: https://promptjoy.app/llms.txt
Content type: text/html
Content hash: faaa6116a2e7260662056144f8e985c3d80a9261fa5765224bf72029524f923d
Checked: https://promptjoy.app/.env
Next/final: https://promptjoy.app/.env
Content type: text/html
Content hash: c043fa5286f7b2504cdf6bb3429a578eee583c5e604727d60ba7b53fedb33cfe
Checked: https://promptjoy.app/.git/config
Next/final: https://promptjoy.app/.git/config
Content type: text/html
Content hash: 392ca49921e8b2cc60d073e6fe68283576ae751509e93a9c5decefe3bb87b413
Checked: https://promptjoy.app/wp-config.php
Next/final: https://promptjoy.app/wp-config.php
Content type: text/html
Content hash: 47aa9d49afd0f55d70d1ee39ba4d9226534ccdbfb85435d9cd2cb695b669a4e6
Checked: https://promptjoy.app/backup.zip
Next/final: https://promptjoy.app/backup.zip
Content type: text/html
Content hash: 97fa1b149c373734f29bfea8ec8f9c5f7013d4441e30236306cde209e0a8f863
Captured public headers
content-type
text/html; charset=utf-8
referrer-policy
strict-origin-when-cross-origin
permissions-policy
camera=(), microphone=(), geolocation=(), payment=(), usb=(), browsing-topics=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https: wss:; media-src 'self' data: blob: https:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https://buildhop.io https://www.buildhop.io; upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
Share preview
promptjoy.app website audit report
Close to ready: 84/100 overall, with prioritized fixes for SEO, security, accessibility, and design.
Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.