Public status

completed

HTTP 200

0 redirects

36 checks

Website audit scorecard for promptjoy.app

The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.

Submitted

https://promptjoy.app/

Final URL

https://promptjoy.app

Created

Jun 29, 2026, 3:45 AM

Safe fetch

157 ms

Four-score result

Close to ready (Needs polish): 31 passed, 5 failed, and 0 unknown. Strongest area: SEO / AEO. Weakest area: Accessibility.

Overall

out of 100

SEO / AEO

100

out of 100

82/82 rule points

Security

out of 100

60/76 rule points

Accessibility

out of 100

68/94 rule points

Design

out of 100

94/110 rule points

Why this scored this way

Scores are deterministic: each category earns rule points for verified public signals and loses points for failed checks. Unknown checks are shown separately instead of guessed.

Category point breakdown

SEO / AEO82/82

Security60/76

Accessibility68/94

Design94/110

Biggest score-losing checks

high

Accessibility

Rendered axe accessibility violations

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).

critical

Security

Sensitive file probes

A small allowlist probe returned a public success response.

medium

Design

Rendered layout ergonomics

Horizontal overflow: 0px. Small tap targets: 18.

medium

Accessibility

Basic contrast

4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Recommendations

Score-losing issues ordered by remediation priority, severity, and score impact.

5 fixes

7 opportunities

9 insights

critical

Security

Priority 1

Remove exposed sensitive files

-16 pts

What failed

A small public allowlist probe found a sensitive-looking file path.

Evidence

A small allowlist probe returned a public success response.

Priority

Priority 1: fix before sharing the page publicly.

Why it matters

Publicly exposed config or backup files can leak implementation details or secrets.

How to fix it

Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

high

Accessibility

Priority 5

Fix rendered axe accessibility violations

-18 pts

What failed

The rendered page has accessibility rule violations detected by axe-core.

Evidence

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).

Priority

Priority 5: fix before sharing the page publicly.

Why it matters

axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.

How to fix it

Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

medium

Design

Priority 13

Fix rendered layout ergonomics

-9 pts

What failed

The browser-rendered page has layout or tap-target issues.

Evidence

Horizontal overflow: 0px. Small tap targets: 18.

Priority

Priority 13: fix during launch polish.

Why it matters

Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.

How to fix it

Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

low

Design

Priority 15

Fix runtime browser errors

-7 pts

What failed

The rendered page produced console or uncaught JavaScript errors.

Evidence

Detected 1 console error(s) and 0 uncaught page error(s) during render.

Priority

Priority 15: fix during launch polish.

Why it matters

Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.

How to fix it

Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.

medium

Accessibility

Priority 20

Improve detectable color contrast

-8 pts

What failed

The scanner found text/background color pairs that may be hard to read, or could not verify contrast.

Evidence

4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Priority

Priority 20: lower-risk cleanup after urgent launch blockers.

Why it matters

Low contrast makes a launch page feel less polished and can exclude users with low vision.

How to fix it

Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

Unknown and not detected states

FreeScan.app keeps partial public data explicit. It marks unverifiable signals as unknown or not detected instead of inventing evidence.

0 unknown

Safe public scans cannot see private cookies, authenticated content, browser-rendered state, or reliable contrast values unless they are present in static public markup.

This scan did not produce unknown checks. If a future page has partial public data, the report will show those checks here instead of guessing.

Score aggregation details

Category scores come from earned rule points divided by available rule points. Failed checks are ordered by severity and score lost.

100/100

11 pass, 0 fail, 0 unknown

SEO / AEO

Severity mix: 0 critical, 3 high, 6 medium, 2 low.

No failed checks in this category.

79/100

5 pass, 1 fail, 0 unknown

Security

Severity mix: 2 critical, 3 high, 0 medium, 0 low.

critical

Sensitive file probes

-16 pts

A small allowlist probe returned a public success response.

72/100

6 pass, 2 fail, 0 unknown

Accessibility

Severity mix: 0 critical, 3 high, 5 medium, 0 low.

high

Rendered axe accessibility violations

-18 pts

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).

medium

Basic contrast

-8 pts

4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

85/100

9 pass, 2 fail, 0 unknown

Design

Severity mix: 0 critical, 3 high, 6 medium, 2 low.

medium

Rendered layout ergonomics

-9 pts

Horizontal overflow: 0px. Small tap targets: 18.

low

Runtime console health

-7 pts

Detected 1 console error(s) and 0 uncaught page error(s) during render.

Full check list

Failed, unknown, and passed checks are all shown so the report is transparent even when public data is partial.

Showing failed checks.

Failed checks

These checks need attention.

fail

critical

Security

Sensitive file probes

0/16

A small allowlist probe returned a public success response.

Failed: earned 0 of 16 points.

Priority: Priority 1: fix before sharing the page publicly.

Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.

Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

fail

medium

Accessibility

Basic contrast

0/8

4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Failed: earned 0 of 8 points.

Priority: Priority 20: lower-risk cleanup after urgent launch blockers.

Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.

Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

fail

high

Accessibility

Rendered axe accessibility violations

0/18

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).

Failed: earned 0 of 18 points.

Priority: Priority 5: fix before sharing the page publicly.

Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.

Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

fail

low

Design

Runtime console health

0/7

Detected 1 console error(s) and 0 uncaught page error(s) during render.

Failed: earned 0 of 7 points.

Priority: Priority 15: fix during launch polish.

Why it matters: Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.

Fix: Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.

fail

medium

Design

Rendered layout ergonomics

0/9

Horizontal overflow: 0px. Small tap targets: 18.

Failed: earned 0 of 9 points.

Priority: Priority 13: fix during launch polish.

Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.

Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

Safe fetch metadata

Public headers and redirects captured during intake. Response bodies, cookies, and credentials are not stored.

Security and accessibility checks are basic automated public checks. They are not a complete security audit, penetration test, privacy review, or WCAG certification.

Landing page

Step 1HTTP 2006 captured header(s)

Checked: https://promptjoy.app

Next/final: https://promptjoy.app

Content type: text/html; charset=utf-8

Landing page

Step 2HTTP 2006 captured header(s)

Checked: https://promptjoy.app

Next/final: https://promptjoy.app

Content type: text/html; charset=utf-8

Content hash: dd5d6070be8880ec5cecc6f80787d7ada548dc103c81b3bd74732aa0d27dccee

robots.txt

Step 3HTTP 3076 captured header(s)

Checked: https://promptjoy.app/robots.txt

Next/final: https://promptjoy.app/robots.txt

Content type: text/html

Content hash: af6ce320d3a273a4839d41ed852cf0110c344deaa92de4540fd2c5202a5ddb49

sitemap.xml

Step 4HTTP 3076 captured header(s)

Checked: https://promptjoy.app/sitemap.xml

Next/final: https://promptjoy.app/sitemap.xml

Content type: text/html

Content hash: f420d397cab3b93102cece399cc07c73f9d59e2c0385f3f5bb9cf58422cb576d

llms.txt

Step 5HTTP 3076 captured header(s)

Checked: https://promptjoy.app/llms.txt

Next/final: https://promptjoy.app/llms.txt

Content type: text/html

Content hash: faaa6116a2e7260662056144f8e985c3d80a9261fa5765224bf72029524f923d

Security probe

Step 6HTTP 3076 captured header(s)

Checked: https://promptjoy.app/.env

Next/final: https://promptjoy.app/.env

Content type: text/html

Content hash: c043fa5286f7b2504cdf6bb3429a578eee583c5e604727d60ba7b53fedb33cfe

Security probe

Step 7HTTP 3076 captured header(s)

Checked: https://promptjoy.app/.git/config

Next/final: https://promptjoy.app/.git/config

Content type: text/html

Content hash: 392ca49921e8b2cc60d073e6fe68283576ae751509e93a9c5decefe3bb87b413

Security probe

Step 8HTTP 3076 captured header(s)

Checked: https://promptjoy.app/wp-config.php

Next/final: https://promptjoy.app/wp-config.php

Content type: text/html

Content hash: 47aa9d49afd0f55d70d1ee39ba4d9226534ccdbfb85435d9cd2cb695b669a4e6

Security probe

Step 9HTTP 3076 captured header(s)

Checked: https://promptjoy.app/backup.zip

Next/final: https://promptjoy.app/backup.zip

Content type: text/html

Content hash: 97fa1b149c373734f29bfea8ec8f9c5f7013d4441e30236306cde209e0a8f863

Captured public headers

content-type

text/html; charset=utf-8

referrer-policy

strict-origin-when-cross-origin

permissions-policy

camera=(), microphone=(), geolocation=(), payment=(), usb=(), browsing-topics=()

x-content-type-options

nosniff

content-security-policy

default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https: wss:; media-src 'self' data: blob: https:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https://buildhop.io https://www.buildhop.io; upgrade-insecure-requests

strict-transport-security

max-age=63072000; includeSubDomains; preload

Public report link

Markdown export

Share the website audit report

Copy a public report link or a Markdown version with scores, fixes, opportunities, insights, and a normal link back to the scanned site.

Share preview

promptjoy.app website audit report

Close to ready: 84/100 overall, with prioritized fixes for SEO, security, accessibility, and design.

Public report link

Markdown report

# promptjoy.app Website Scan

Scanned URL: [https://promptjoy.app](https://promptjoy.app)
Report URL: /scan/promptjoy-app-84-launch-readiness-report-63a49bb2
Created: 2026-06-29T03:45:55.411Z

## Score Summary

- Overall: 84/100
- SEO / AEO: 100/100
- Security: 79/100
- Accessibility: 72/100
- Design: 85/100

## Launch Readiness

Close to ready (Needs polish).

Passed: 31. Failed: 5. Unknown: 0.
Strongest area: SEO / AEO. Weakest area: Accessibility.

## Prioritized Fixes

### 1. Remove exposed sensitive files

- Category: Security
- Severity: critical
- Score lost: 16
- Evidence: A small allowlist probe returned a public success response.
- Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.
- Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

### 2. Fix rendered axe accessibility violations

- Category: Accessibility
- Severity: high
- Score lost: 18
- Evidence: axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).
- Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
- Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

### 3. Fix rendered layout ergonomics

- Category: Design
- Severity: medium
- Score lost: 9
- Evidence: Horizontal overflow: 0px. Small tap targets: 18.
- Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
- Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

### 4. Fix runtime browser errors

- Category: Design
- Severity: low
- Score lost: 7
- Evidence: Detected 1 console error(s) and 0 uncaught page error(s) during render.
- Why it matters: Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.
- Fix: Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.

### 5. Improve detectable color contrast

- Category: Accessibility
- Severity: medium
- Score lost: 8
- Evidence: 4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
- Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
- Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

## Opportunities

### Add answer-ready sections for common buyer questions

- Impact: high
- Category: SEO / AEO
- Evidence: Pricing signals: 2. Use-case signals: 3. Integration/API signals: 0.
- Why it matters: Answer engines and search visitors need concise textual answers to summarize who the product is for, how it works, what it costs, and what it connects with.
- Next step: Add short, crawlable sections for pricing or plans, ideal users, use cases, integrations, security, and how the product differs from alternatives.

### Expose important supporting pages in navigation or footer

- Impact: medium
- Category: SEO / AEO
- Evidence: No pricing, docs, contact, security, privacy, terms, or about links were detected in public internal links.
- Why it matters: Internal links help visitors, crawlers, and AI answer systems discover supporting facts instead of relying on one landing page.
- Next step: Link to the most useful public pages, especially pricing, docs, contact, security, privacy, terms, and about pages where applicable.

### Make trust and proof easier to detect

- Impact: medium
- Category: Design
- Evidence: Detected 1 trust-signal keyword occurrence(s).
- Why it matters: Visitors who arrive cold from search, social, or AI citations need proof before they submit a form, start a trial, or buy.
- Next step: Add honest proof such as customer quotes, recognizable logos, security notes, usage stats, reviews, case studies, or founder credibility.

### Review snippet and preview controls

- Impact: low
- Category: SEO / AEO
- Evidence: Open Graph image was detected. Preview controls detected: 0.
- Why it matters: Preview controls can clarify how much text, image, and video content search systems may show from the page.
- Next step: Only add robots preview controls when you intentionally want to limit snippets or image/video previews; otherwise leave previews open.

### Tighten the live color system

- Impact: high
- Category: Accessibility
- Evidence: 4 of 100 rendered contrast sample(s) missed target. Worst ratio: 1.
- Why it matters: Computed contrast catches the actual colors visitors see after CSS, themes, and overlays are applied.
- Next step: Audit foreground/background token pairs for body text, muted text, links, buttons, inputs, and badges, then raise weak pairs to WCAG AA contrast targets.

### Polish rendered responsive ergonomics

- Impact: medium
- Category: Design
- Evidence: Horizontal overflow: 0px. Small tap targets: 18.
- Why it matters: Overflow and tiny controls are easy for static scans to miss but obvious to real users, especially on mobile and tablet layouts.
- Next step: Constrain wide elements, avoid fixed-width content that exceeds the viewport, and increase touch target sizes for interactive controls.

### Measure search performance with first-party data

- Impact: medium
- Category: SEO / AEO
- Evidence: robots.txt and sitemap.xml were reachable, so the site has the basics needed for Search Console verification and monitoring.
- Why it matters: A scan can identify technical readiness, but Search Console and analytics reveal impressions, queries, clicks, pages, and conversions over time.
- Next step: Verify the domain in Search Console, submit the sitemap, and pair query/page data with analytics events for signups, demo requests, and purchases.

## Insights

### The page appears basically crawlable

- Category: SEO / AEO
- Evidence: HTTP 200. robots.txt: HTTP 307. sitemap.xml: HTTP 307. noindex check: clear.
- Interpretation: The public page satisfies the basic crawl/index path the scan can verify.
- Recommended use: Use this as the first launch gate before deeper content, ranking, or AI visibility work.

### AEO depends on normal SEO plus answerable text

- Category: SEO / AEO
- Evidence: Visible words: 420. H1 count: 1. Audience signals: 8. CTA labels: Sign up, Sign up, Sign up.
- Interpretation: Google AI features currently rely on standard Search eligibility; the extra advantage comes from content that is easy to quote, summarize, and verify.
- Recommended use: Prioritize clear text answers, crawlable support pages, accurate schema, and visible proof over speculative AI-only markup.

### Detected entity signals

- Category: SEO / AEO
- Evidence: Title: Find, Create, and Grade Prompts for Any Workflow. H1: Find, create, and    grade prompts         for any workflow. Schema types: CollectionPage, FAQPage, Organization, WebSite.
- Interpretation: The stronger and more consistent these entity signals are, the easier it is for search and answer systems to identify the brand, product category, and page purpose.
- Recommended use: Keep the title, H1, meta description, Open Graph, schema, footer, and about/pricing/docs pages aligned around the same product facts.

### Structured data is present

- Category: SEO / AEO
- Evidence: JSON-LD blocks: 1. Types: CollectionPage, FAQPage, Organization, WebSite. Parse errors: 0.
- Interpretation: The page exposes machine-readable facts, but quality still depends on whether those facts match visible content.
- Recommended use: Validate JSON-LD and use only accurate facts that are visible or clearly supported on the public page.

### Weakest score area

- Category: Accessibility
- Evidence: SEO / AEO: 100/100. Security: 79/100. Accessibility: 72/100. Design: 85/100
- Interpretation: The weakest area is Accessibility, so improvements there should have the most visible effect on readiness.
- Recommended use: Use the score mix to choose the next workstream instead of treating every issue as equally urgent.

### LLM-readable file found

- Category: SEO / AEO
- Evidence: https://promptjoy.app/llms.txt returned HTTP 307.
- Interpretation: llms.txt can be a useful optional summary for agents, but it should not be treated as a guaranteed AI search ranking factor.
- Recommended use: Invest first in crawlability, helpful visible content, internal links, and accurate schema; add llms.txt as a tidy supplement.

### Rendered page experience snapshot

- Category: Design
- Evidence: Rendered text samples: 100. Contrast failures: 4. Console errors: 1. Horizontal overflow: 0px.
- Interpretation: The scan inspected the browser-rendered page, so contrast, runtime, layout, and timing signals are more representative than static markup alone.
- Recommended use: Use rendered checks to prioritize issues that visitors actually experience after JavaScript and CSS load.

### Rendered speed snapshot

- Category: Design
- Evidence: DOMContentLoaded: 1224ms. Load complete: 2482ms. First contentful paint: 784ms. Resources: 33. Scripts: 17. Images: 3. Third-party origins: 2. Transfer: not available.
- Interpretation: These are lightweight browser timings from one rendered scan, so they are useful directional signals rather than real-user performance proof.
- Recommended use: Use slow timings, high script counts, heavy transfer size, and many third-party origins to choose focused speed work, then verify important changes with analytics or field data when available.

### Rendered axe accessibility snapshot

- Category: Accessibility
- Evidence: axe violations: 2. Critical: 1. Serious: 1. Top rules: button-name, color-contrast.
- Interpretation: axe-core catches common accessibility failures in the actual rendered DOM, but it is still automated coverage and not a full manual accessibility audit.
- Recommended use: Treat critical and serious axe failures as high-priority fixes, then manually review keyboard flow, focus states, screen reader meaning, and interaction states.

## Scope

FreeScan.app performs safe public checks only. It is not a penetration test, full SEO engagement, full accessibility audit, WCAG certification, backlink audit, rank tracker, or analytics platform.

Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.

Rescan same URL

Rerun the full deterministic scanner for promptjoy.app without re-entering the URL. The previous report stays saved so the next result can be compared against it.

FreeScan.app Start free audit

New scan Visit scanned site

Public status

completed

HTTP 200

0 redirects

36 checks

Website audit scorecard for promptjoy.app

The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.

Submitted

https://promptjoy.app/

Final URL

https://promptjoy.app

Created

Jun 29, 2026, 3:45 AM

Safe fetch

157 ms

Four-score result

Close to ready (Needs polish): 31 passed, 5 failed, and 0 unknown. Strongest area: SEO / AEO. Weakest area: Accessibility.

Overall

out of 100

SEO / AEO

100

out of 100

82/82 rule points

Security

out of 100

60/76 rule points

Accessibility

out of 100

68/94 rule points

Design

out of 100

94/110 rule points

Why this scored this way

Scores are deterministic: each category earns rule points for verified public signals and loses points for failed checks. Unknown checks are shown separately instead of guessed.

Category point breakdown

SEO / AEO82/82

Security60/76

Accessibility68/94

Design94/110

Biggest score-losing checks

high

Accessibility

Rendered axe accessibility violations

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).

critical

Security

Sensitive file probes

A small allowlist probe returned a public success response.

medium

Design

Rendered layout ergonomics

Horizontal overflow: 0px. Small tap targets: 18.

medium

Accessibility

Basic contrast

4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Recommendations

Score-losing issues ordered by remediation priority, severity, and score impact.

5 fixes

7 opportunities

9 insights

critical

Security

Priority 1

Remove exposed sensitive files

-16 pts

What failed

A small public allowlist probe found a sensitive-looking file path.

Evidence

A small allowlist probe returned a public success response.

Priority

Priority 1: fix before sharing the page publicly.

Why it matters

Publicly exposed config or backup files can leak implementation details or secrets.

How to fix it

Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

high

Accessibility

Priority 5

Fix rendered axe accessibility violations

-18 pts

What failed

The rendered page has accessibility rule violations detected by axe-core.

Evidence

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).

Priority

Priority 5: fix before sharing the page publicly.

Why it matters

axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.

How to fix it

Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

medium

Design

Priority 13

Fix rendered layout ergonomics

-9 pts

What failed

The browser-rendered page has layout or tap-target issues.

Evidence

Horizontal overflow: 0px. Small tap targets: 18.

Priority

Priority 13: fix during launch polish.

Why it matters

Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.

How to fix it

Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

low

Design

Priority 15

Fix runtime browser errors

-7 pts

What failed

The rendered page produced console or uncaught JavaScript errors.

Evidence

Detected 1 console error(s) and 0 uncaught page error(s) during render.

Priority

Priority 15: fix during launch polish.

Why it matters

Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.

How to fix it

Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.

medium

Accessibility

Priority 20

Improve detectable color contrast

-8 pts

What failed

The scanner found text/background color pairs that may be hard to read, or could not verify contrast.

Evidence

4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Priority

Priority 20: lower-risk cleanup after urgent launch blockers.

Why it matters

Low contrast makes a launch page feel less polished and can exclude users with low vision.

How to fix it

Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

Unknown and not detected states

FreeScan.app keeps partial public data explicit. It marks unverifiable signals as unknown or not detected instead of inventing evidence.

0 unknown

Safe public scans cannot see private cookies, authenticated content, browser-rendered state, or reliable contrast values unless they are present in static public markup.

This scan did not produce unknown checks. If a future page has partial public data, the report will show those checks here instead of guessing.

Score aggregation details

Category scores come from earned rule points divided by available rule points. Failed checks are ordered by severity and score lost.

100/100

11 pass, 0 fail, 0 unknown

SEO / AEO

Severity mix: 0 critical, 3 high, 6 medium, 2 low.

No failed checks in this category.

79/100

5 pass, 1 fail, 0 unknown

Security

Severity mix: 2 critical, 3 high, 0 medium, 0 low.

critical

Sensitive file probes

-16 pts

A small allowlist probe returned a public success response.

72/100

6 pass, 2 fail, 0 unknown

Accessibility

Severity mix: 0 critical, 3 high, 5 medium, 0 low.

high

Rendered axe accessibility violations

-18 pts

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).

medium

Basic contrast

-8 pts

4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

85/100

9 pass, 2 fail, 0 unknown

Design

Severity mix: 0 critical, 3 high, 6 medium, 2 low.

medium

Rendered layout ergonomics

-9 pts

Horizontal overflow: 0px. Small tap targets: 18.

low

Runtime console health

-7 pts

Detected 1 console error(s) and 0 uncaught page error(s) during render.

Full check list

Failed, unknown, and passed checks are all shown so the report is transparent even when public data is partial.

Showing failed checks.

Failed checks

These checks need attention.

fail

critical

Security

Sensitive file probes

0/16

A small allowlist probe returned a public success response.

Failed: earned 0 of 16 points.

Priority: Priority 1: fix before sharing the page publicly.

Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.

Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

fail

medium

Accessibility

Basic contrast

0/8

4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.

Failed: earned 0 of 8 points.

Priority: Priority 20: lower-risk cleanup after urgent launch blockers.

Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.

Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

fail

high

Accessibility

Rendered axe accessibility violations

0/18

axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).

Failed: earned 0 of 18 points.

Priority: Priority 5: fix before sharing the page publicly.

Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.

Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

fail

low

Design

Runtime console health

0/7

Detected 1 console error(s) and 0 uncaught page error(s) during render.

Failed: earned 0 of 7 points.

Priority: Priority 15: fix during launch polish.

Why it matters: Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.

Fix: Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.

fail

medium

Design

Rendered layout ergonomics

0/9

Horizontal overflow: 0px. Small tap targets: 18.

Failed: earned 0 of 9 points.

Priority: Priority 13: fix during launch polish.

Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.

Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

Safe fetch metadata

Public headers and redirects captured during intake. Response bodies, cookies, and credentials are not stored.

Security and accessibility checks are basic automated public checks. They are not a complete security audit, penetration test, privacy review, or WCAG certification.

Landing page

Step 1HTTP 2006 captured header(s)

Checked: https://promptjoy.app

Next/final: https://promptjoy.app

Content type: text/html; charset=utf-8

Landing page

Step 2HTTP 2006 captured header(s)

Checked: https://promptjoy.app

Next/final: https://promptjoy.app

Content type: text/html; charset=utf-8

Content hash: dd5d6070be8880ec5cecc6f80787d7ada548dc103c81b3bd74732aa0d27dccee

robots.txt

Step 3HTTP 3076 captured header(s)

Checked: https://promptjoy.app/robots.txt

Next/final: https://promptjoy.app/robots.txt

Content type: text/html

Content hash: af6ce320d3a273a4839d41ed852cf0110c344deaa92de4540fd2c5202a5ddb49

sitemap.xml

Step 4HTTP 3076 captured header(s)

Checked: https://promptjoy.app/sitemap.xml

Next/final: https://promptjoy.app/sitemap.xml

Content type: text/html

Content hash: f420d397cab3b93102cece399cc07c73f9d59e2c0385f3f5bb9cf58422cb576d

llms.txt

Step 5HTTP 3076 captured header(s)

Checked: https://promptjoy.app/llms.txt

Next/final: https://promptjoy.app/llms.txt

Content type: text/html

Content hash: faaa6116a2e7260662056144f8e985c3d80a9261fa5765224bf72029524f923d

Security probe

Step 6HTTP 3076 captured header(s)

Checked: https://promptjoy.app/.env

Next/final: https://promptjoy.app/.env

Content type: text/html

Content hash: c043fa5286f7b2504cdf6bb3429a578eee583c5e604727d60ba7b53fedb33cfe

Security probe

Step 7HTTP 3076 captured header(s)

Checked: https://promptjoy.app/.git/config

Next/final: https://promptjoy.app/.git/config

Content type: text/html

Content hash: 392ca49921e8b2cc60d073e6fe68283576ae751509e93a9c5decefe3bb87b413

Security probe

Step 8HTTP 3076 captured header(s)

Checked: https://promptjoy.app/wp-config.php

Next/final: https://promptjoy.app/wp-config.php

Content type: text/html

Content hash: 47aa9d49afd0f55d70d1ee39ba4d9226534ccdbfb85435d9cd2cb695b669a4e6

Security probe

Step 9HTTP 3076 captured header(s)

Checked: https://promptjoy.app/backup.zip

Next/final: https://promptjoy.app/backup.zip

Content type: text/html

Content hash: 97fa1b149c373734f29bfea8ec8f9c5f7013d4441e30236306cde209e0a8f863

Captured public headers

content-type

text/html; charset=utf-8

referrer-policy

strict-origin-when-cross-origin

permissions-policy

camera=(), microphone=(), geolocation=(), payment=(), usb=(), browsing-topics=()

x-content-type-options

nosniff

content-security-policy

strict-transport-security

max-age=63072000; includeSubDomains; preload

Public report link

Markdown export

Share the website audit report

Copy a public report link or a Markdown version with scores, fixes, opportunities, insights, and a normal link back to the scanned site.

Share preview

promptjoy.app website audit report

Close to ready: 84/100 overall, with prioritized fixes for SEO, security, accessibility, and design.

Public report link

Markdown report

# promptjoy.app Website Scan

Scanned URL: [https://promptjoy.app](https://promptjoy.app)
Report URL: /scan/promptjoy-app-84-launch-readiness-report-63a49bb2
Created: 2026-06-29T03:45:55.411Z

## Score Summary

- Overall: 84/100
- SEO / AEO: 100/100
- Security: 79/100
- Accessibility: 72/100
- Design: 85/100

## Launch Readiness

Close to ready (Needs polish).

Passed: 31. Failed: 5. Unknown: 0.
Strongest area: SEO / AEO. Weakest area: Accessibility.

## Prioritized Fixes

### 1. Remove exposed sensitive files

- Category: Security
- Severity: critical
- Score lost: 16
- Evidence: A small allowlist probe returned a public success response.
- Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.
- Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.

### 2. Fix rendered axe accessibility violations

- Category: Accessibility
- Severity: high
- Score lost: 18
- Evidence: axe found 2 violation rule(s), including 2 serious or critical rule(s). Top rules: button-name (1), color-contrast (5).
- Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
- Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.

### 3. Fix rendered layout ergonomics

- Category: Design
- Severity: medium
- Score lost: 9
- Evidence: Horizontal overflow: 0px. Small tap targets: 18.
- Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
- Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.

### 4. Fix runtime browser errors

- Category: Design
- Severity: low
- Score lost: 7
- Evidence: Detected 1 console error(s) and 0 uncaught page error(s) during render.
- Why it matters: Runtime errors can break forms, CTAs, animations, tracking, or responsive behavior even when the static HTML looks fine.
- Fix: Open the page in a browser, reproduce the console errors, and fix missing assets, hydration problems, client-side exceptions, or failing third-party scripts.

### 5. Improve detectable color contrast

- Category: Accessibility
- Severity: medium
- Score lost: 8
- Evidence: 4 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
- Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
- Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.

## Opportunities

### Add answer-ready sections for common buyer questions

- Impact: high
- Category: SEO / AEO
- Evidence: Pricing signals: 2. Use-case signals: 3. Integration/API signals: 0.
- Why it matters: Answer engines and search visitors need concise textual answers to summarize who the product is for, how it works, what it costs, and what it connects with.
- Next step: Add short, crawlable sections for pricing or plans, ideal users, use cases, integrations, security, and how the product differs from alternatives.

### Expose important supporting pages in navigation or footer

- Impact: medium
- Category: SEO / AEO
- Evidence: No pricing, docs, contact, security, privacy, terms, or about links were detected in public internal links.
- Why it matters: Internal links help visitors, crawlers, and AI answer systems discover supporting facts instead of relying on one landing page.
- Next step: Link to the most useful public pages, especially pricing, docs, contact, security, privacy, terms, and about pages where applicable.

### Make trust and proof easier to detect

- Impact: medium
- Category: Design
- Evidence: Detected 1 trust-signal keyword occurrence(s).
- Why it matters: Visitors who arrive cold from search, social, or AI citations need proof before they submit a form, start a trial, or buy.
- Next step: Add honest proof such as customer quotes, recognizable logos, security notes, usage stats, reviews, case studies, or founder credibility.

### Review snippet and preview controls

- Impact: low
- Category: SEO / AEO
- Evidence: Open Graph image was detected. Preview controls detected: 0.
- Why it matters: Preview controls can clarify how much text, image, and video content search systems may show from the page.
- Next step: Only add robots preview controls when you intentionally want to limit snippets or image/video previews; otherwise leave previews open.

### Tighten the live color system

- Impact: high
- Category: Accessibility
- Evidence: 4 of 100 rendered contrast sample(s) missed target. Worst ratio: 1.
- Why it matters: Computed contrast catches the actual colors visitors see after CSS, themes, and overlays are applied.
- Next step: Audit foreground/background token pairs for body text, muted text, links, buttons, inputs, and badges, then raise weak pairs to WCAG AA contrast targets.

### Polish rendered responsive ergonomics

- Impact: medium
- Category: Design
- Evidence: Horizontal overflow: 0px. Small tap targets: 18.
- Why it matters: Overflow and tiny controls are easy for static scans to miss but obvious to real users, especially on mobile and tablet layouts.
- Next step: Constrain wide elements, avoid fixed-width content that exceeds the viewport, and increase touch target sizes for interactive controls.

### Measure search performance with first-party data

- Impact: medium
- Category: SEO / AEO
- Evidence: robots.txt and sitemap.xml were reachable, so the site has the basics needed for Search Console verification and monitoring.
- Why it matters: A scan can identify technical readiness, but Search Console and analytics reveal impressions, queries, clicks, pages, and conversions over time.
- Next step: Verify the domain in Search Console, submit the sitemap, and pair query/page data with analytics events for signups, demo requests, and purchases.

## Insights

### The page appears basically crawlable

- Category: SEO / AEO
- Evidence: HTTP 200. robots.txt: HTTP 307. sitemap.xml: HTTP 307. noindex check: clear.
- Interpretation: The public page satisfies the basic crawl/index path the scan can verify.
- Recommended use: Use this as the first launch gate before deeper content, ranking, or AI visibility work.

### AEO depends on normal SEO plus answerable text

- Category: SEO / AEO
- Evidence: Visible words: 420. H1 count: 1. Audience signals: 8. CTA labels: Sign up, Sign up, Sign up.
- Interpretation: Google AI features currently rely on standard Search eligibility; the extra advantage comes from content that is easy to quote, summarize, and verify.
- Recommended use: Prioritize clear text answers, crawlable support pages, accurate schema, and visible proof over speculative AI-only markup.

### Detected entity signals

- Category: SEO / AEO
- Evidence: Title: Find, Create, and Grade Prompts for Any Workflow. H1: Find, create, and    grade prompts         for any workflow. Schema types: CollectionPage, FAQPage, Organization, WebSite.
- Interpretation: The stronger and more consistent these entity signals are, the easier it is for search and answer systems to identify the brand, product category, and page purpose.
- Recommended use: Keep the title, H1, meta description, Open Graph, schema, footer, and about/pricing/docs pages aligned around the same product facts.

### Structured data is present

- Category: SEO / AEO
- Evidence: JSON-LD blocks: 1. Types: CollectionPage, FAQPage, Organization, WebSite. Parse errors: 0.
- Interpretation: The page exposes machine-readable facts, but quality still depends on whether those facts match visible content.
- Recommended use: Validate JSON-LD and use only accurate facts that are visible or clearly supported on the public page.

### Weakest score area

- Category: Accessibility
- Evidence: SEO / AEO: 100/100. Security: 79/100. Accessibility: 72/100. Design: 85/100
- Interpretation: The weakest area is Accessibility, so improvements there should have the most visible effect on readiness.
- Recommended use: Use the score mix to choose the next workstream instead of treating every issue as equally urgent.

### LLM-readable file found

- Category: SEO / AEO
- Evidence: https://promptjoy.app/llms.txt returned HTTP 307.
- Interpretation: llms.txt can be a useful optional summary for agents, but it should not be treated as a guaranteed AI search ranking factor.
- Recommended use: Invest first in crawlability, helpful visible content, internal links, and accurate schema; add llms.txt as a tidy supplement.

### Rendered page experience snapshot

- Category: Design
- Evidence: Rendered text samples: 100. Contrast failures: 4. Console errors: 1. Horizontal overflow: 0px.
- Interpretation: The scan inspected the browser-rendered page, so contrast, runtime, layout, and timing signals are more representative than static markup alone.
- Recommended use: Use rendered checks to prioritize issues that visitors actually experience after JavaScript and CSS load.

### Rendered speed snapshot

- Category: Design
- Evidence: DOMContentLoaded: 1224ms. Load complete: 2482ms. First contentful paint: 784ms. Resources: 33. Scripts: 17. Images: 3. Third-party origins: 2. Transfer: not available.
- Interpretation: These are lightweight browser timings from one rendered scan, so they are useful directional signals rather than real-user performance proof.
- Recommended use: Use slow timings, high script counts, heavy transfer size, and many third-party origins to choose focused speed work, then verify important changes with analytics or field data when available.

### Rendered axe accessibility snapshot

- Category: Accessibility
- Evidence: axe violations: 2. Critical: 1. Serious: 1. Top rules: button-name, color-contrast.
- Interpretation: axe-core catches common accessibility failures in the actual rendered DOM, but it is still automated coverage and not a full manual accessibility audit.
- Recommended use: Treat critical and serious axe failures as high-priority fixes, then manually review keyboard flow, focus states, screen reader meaning, and interaction states.

## Scope

FreeScan.app performs safe public checks only. It is not a penetration test, full SEO engagement, full accessibility audit, WCAG certification, backlink audit, rank tracker, or analytics platform.

Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.

Rescan same URL

Rerun the full deterministic scanner for promptjoy.app without re-entering the URL. The previous report stays saved so the next result can be compared against it.