The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.
Submitted
Https://vidwath.com
Final URL
https://vidwath.com
Created
Jul 2, 2026, 9:34 AM
Safe fetch
1426 ms
67
out of 100
85
out of 100
78/92 rule points
55
out of 100
42/76 rule points
47
out of 100
44/94 rule points
79
out of 100
87/110 rule points
Category point breakdown
Biggest score-losing checks
Detected 0 of 5 common public security headers. Present: none. Missing: strict-transport-security, content-security-policy, x-content-type-options, x-frame-options, referrer-policy.
axe found 3 violation rule(s), including 0 serious or critical rule(s). Top rules: landmark-one-main (1), page-has-heading-one (1), region (1).
A small allowlist probe returned a public success response.
Detected labels or accessible names for 2 of 5 form control(s).
What failed
A small public allowlist probe found a sensitive-looking file path.
Evidence
A small allowlist probe returned a public success response.
Priority
Priority 1: fix before sharing the page publicly.
Why it matters
Publicly exposed config or backup files can leak implementation details or secrets.
How to fix it
Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.
What failed
Several basic browser protection headers were not visible.
Evidence
Detected 0 of 5 common public security headers. Present: none. Missing: strict-transport-security, content-security-policy, x-content-type-options, x-frame-options, referrer-policy.
Priority
Priority 5: fix before sharing the page publicly.
Why it matters
These headers reduce avoidable browser-side risk and show a baseline of care before launch.
How to fix it
Configure headers such as Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, and Referrer-Policy.
What failed
The rendered page has accessibility rule violations detected by axe-core.
Evidence
axe found 3 violation rule(s), including 0 serious or critical rule(s). Top rules: landmark-one-main (1), page-has-heading-one (1), region (1).
Priority
Priority 5: fix before sharing the page publicly.
Why it matters
axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
How to fix it
Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
What failed
The page does not expose a strong short summary for search and answer engines.
Evidence
No meta description was detected.
Priority
Priority 3: fix before sharing the page publicly.
Why it matters
A missing description makes previews weaker when early users share or find the page.
How to fix it
Add a meta description around 50 to 170 characters that says who the product helps and what outcome it creates.
What failed
Some form controls do not have a detectable label or accessible name.
Evidence
Detected labels or accessible names for 2 of 5 form control(s).
Priority
Priority 7: fix during launch polish.
Why it matters
Unlabeled inputs make email capture, demo requests, and signups harder for assistive technology users.
How to fix it
Connect each input to a visible label or an accurate aria-label/aria-labelledby value.
This scan did not produce unknown checks. If a future page has partial public data, the report will show those checks here instead of guessing.
Severity mix: 0 critical, 6 high, 3 medium, 2 low.
No meta description was detected.
HTTP 404 returned for llms_txt.
Severity mix: 2 critical, 3 high, 0 medium, 0 low.
A small allowlist probe returned a public success response.
Detected 0 of 5 common public security headers. Present: none. Missing: strict-transport-security, content-security-policy, x-content-type-options, x-frame-options, referrer-policy.
Severity mix: 0 critical, 3 high, 5 medium, 0 low.
axe found 3 violation rule(s), including 0 serious or critical rule(s). Top rules: landmark-one-main (1), page-has-heading-one (1), region (1).
Detected labels or accessible names for 2 of 5 form control(s).
Detected 1 semantic control(s) out of 4.
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
Detected 1 H1 heading(s) and 0 meta-description characters.
Detected 0 trust-signal keyword occurrence(s).
Showing failed checks.
These checks need attention.
No meta description was detected.
Failed: earned 0 of 10 points.
Priority: Priority 3: fix before sharing the page publicly.
Why it matters: A missing description makes previews weaker when early users share or find the page.
Fix: Add a meta description around 50 to 170 characters that says who the product helps and what outcome it creates.
HTTP 404 returned for llms_txt.
Failed: earned 0 of 4 points.
Priority: Priority 24: lower-risk cleanup after urgent launch blockers.
Why it matters: A short LLM-readable file can help answer engines and AI tools summarize your product accurately.
Fix: Add /llms.txt or /.well-known/llms.txt with the product name, audience, value proposition, and key public links.
Detected 0 of 5 common public security headers. Present: none. Missing: strict-transport-security, content-security-policy, x-content-type-options, x-frame-options, referrer-policy.
Failed: earned 0 of 18 points.
Priority: Priority 5: fix before sharing the page publicly.
Why it matters: These headers reduce avoidable browser-side risk and show a baseline of care before launch.
Fix: Configure headers such as Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, and Referrer-Policy.
A small allowlist probe returned a public success response.
Failed: earned 0 of 16 points.
Priority: Priority 1: fix before sharing the page publicly.
Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.
Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.
Detected labels or accessible names for 2 of 5 form control(s).
Failed: earned 0 of 14 points.
Priority: Priority 7: fix during launch polish.
Why it matters: Unlabeled inputs make email capture, demo requests, and signups harder for assistive technology users.
Fix: Connect each input to a visible label or an accurate aria-label/aria-labelledby value.
Detected 1 semantic control(s) out of 4.
Failed: earned 0 of 10 points.
Priority: Priority 17: lower-risk cleanup after urgent launch blockers.
Why it matters: Non-semantic controls can be hard to use with keyboards and screen readers.
Fix: Use button for actions and anchor links for navigation, with clear accessible names.
2 of 3 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Failed: earned 0 of 8 points.
Priority: Priority 20: lower-risk cleanup after urgent launch blockers.
Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.
axe found 3 violation rule(s), including 0 serious or critical rule(s). Top rules: landmark-one-main (1), page-has-heading-one (1), region (1).
Failed: earned 0 of 18 points.
Priority: Priority 5: fix before sharing the page publicly.
Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
Detected 1 H1 heading(s) and 0 meta-description characters.
Failed: earned 0 of 13 points.
Priority: Priority 6: fix during launch polish.
Why it matters: Visitors decide quickly whether the product is relevant; a vague hero weakens every acquisition channel.
Fix: Use one clear H1 plus supporting copy that names the audience, problem, and outcome.
Detected 0 trust-signal keyword occurrence(s).
Failed: earned 0 of 10 points.
Priority: Priority 16: lower-risk cleanup after urgent launch blockers.
Why it matters: Trust signals reduce hesitation when strangers see the product for the first time.
Fix: Add honest proof such as customer quotes, usage stats, founder credibility, security notes, or relevant logos.
Security and accessibility checks are basic automated public checks. They are not a complete security audit, penetration test, privacy review, or WCAG certification.
Checked: https://vidwath.com
Next/final: https://vidwath.com
Content type: text/html; charset=UTF-8
Checked: https://vidwath.com
Next/final: https://vidwath.com
Content type: text/html; charset=UTF-8
Content hash: 97da724d9149e8523b31b954c8d66e71076e40234278feee695ab6bf87ab07a7
Checked: https://vidwath.com/robots.txt
Next/final: https://vidwath.com/robots.txt
Content type: text/plain
Content hash: 02cecf5e6443fb6e26b3faf678f3eafae3b8613bb339869977065f391c830b99
Checked: https://vidwath.com/sitemap.xml
Next/final: https://vidwath.com/sitemap.xml
Content type: text/html; charset=UTF-8
Checked: https://vidwath.com/llms.txt
Next/final: https://vidwath.com/llms.txt
Content type: text/html; charset=UTF-8
Fetch result: HTTP 404 returned for llms_txt.
Checked: https://vidwath.com/.env
Next/final: https://vidwath.com/.env
Content type: text/html; charset=UTF-8
Fetch result: HTTP 404 returned for security_probe.
Checked: https://vidwath.com/.git/config
Next/final: https://vidwath.com/.git/config
Content type: text/html; charset=UTF-8
Fetch result: HTTP 404 returned for security_probe.
Checked: https://vidwath.com/wp-config.php
Next/final: https://vidwath.com/wp-config.php
Content type: text/html; charset=utf-8
Content hash: ffa2656973aaa802e4076be32ded5483b90318244762c5c4d5b89394b3ab4f55
Checked: https://vidwath.com/backup.zip
Next/final: https://vidwath.com/backup.zip
Content type: text/html; charset=utf-8
Content hash: 4d9103742e439c72d45ea4a1f882e01eb9ed9be4a6ee29645c2cafd7cc5dd697
Captured public headers
content-type
text/html; charset=UTF-8
Share preview
vidwath.com website audit report
Needs fixes before launch: 67/100 overall, with prioritized fixes for SEO, security, accessibility, and design.
Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.