Stepwik 2.0

Turn GitHub repos, docs, PDFs, blogs, and slides into interactive hands-on codelabs in minutes. Reduce churn and cut support costs with Stepwik.

stepwik.com · Added June 11, 2026 · Last analysed June 11, 2026 · via · 67% unique tagline

Own this Launch?

StackScope is a free public catalogue of indie launches. We find launches on Product Hunt, Hacker News and similar feeds, then crawl each site to detect its tech stack and score it for launch readiness: DNS, security headers, SEO basics. This page is what we saw on 11 June 2026; the live site may have changed since.

Stepwik 2.0 scores well across the board, with complete legal pages, a thorough launch checklist, and clean crawl signals. Main gaps: missing several security headers, analytics without a consent banner, and incomplete email security.

Launched on Product Hunt on June 11, 2026. The domain was registered in 2025. The crawl picked up 15 technologies on this site, covering analytics, hosting, advertising, and CSS frameworks. The stack includes Nuxt, Tailwind CSS, and Vue.js.

For context, it's the only launch we've crawled on this exact stack.

If you own this site, refresh the snapshot and see the full fix list any time →

8.1

StackScope Score

Excellent

100/100 Launch Readiness

Launch ready

2/6 Security Headers

Weak

3/3* Legal

Complete*

2/2 Web Standards

Complete

40/100 Performance

Slow

Vibe Score 0 · No AI signals

Informational pattern-match signal. Does not feed the StackScope Score. See which fingerprints fired →

Tech Stack (15)

Infrastructure

DNS	Cloudflare DNS
Hosting	Firebase App Hosting
Hosting	Google Cloud
Protocol	HTTP/3
Proxy	Envoy

Business email	Google Workspace (2)
Transactional email	ZeptoMail

Build & Framework

CSS framework	Tailwind CSS
Framework	Vue.js
Meta-framework	Nuxt

Analytics & Marketing

Advertising	Google Ads (2)
Analytics	Google Analytics (4)
Analytics	PostHog (3)
SEO	Google Search Console
Tag management	Google Tag Manager

Infrastructure

Network

AS15169 19527 · US

DNS

Cloudflare DNS

Authoritative nameserver

DNSSEC

Not enabled

DNS responses unsigned. Cache-poisoning vulnerable.

SSL Certificate

Google Trust Services

Valid 25 Apr 2026 to 24 Jul 2026

Certificate as captured in this snapshot, not a live check.

Domain Age

1 year

Registered Jun 2025 · GoDaddy.com, LLC

Email Security

✓

SPF -all Strict (-all). Strong.

DKIM Not detected at common selectors. Your provider may use a custom one.

✗

DMARC p=none None (p=none). Monitoring only.

MTA-STS Not deployed. Mail to your domain can be downgraded to plaintext en route.

TLS-RPT Not configured. You won't hear about silent SMTP TLS handshake failures.

Storage (10)

Cookies (5)

Name	Lifetime	Detected as
ph_phc_EKp7Z8MA2a5EnMZeJWzsbVrfIs19kNiCadkY0oqr65u_posthog	1y	PostHog
_ga	1y	Google Analytics
_ga_LMJNLR3G96	1y	Google Analytics
_gcl_au	3mo	Google Ads
__Secure-stepwik.sid	14d	-

Local storage (3)

Key	Size	Detected as
ph_phc_EKp7Z8MA2a5EnMZeJWzsbVrfIs19kNiCadkY0oqr65u_posthog	717 B	PostHog
stepwik_ip_info	594 B	-
_gcl_ls	277 B	Google Ads

Session storage (2)

Key	Size	Detected as
ph_phc_EKp7Z8MA2a5EnMZeJWzsbVrfIs19kNiCadkY0oqr65u_posthog	90 B	PostHog
ph_phc_EKp7Z8MA2a5EnMZeJWzsbVrfIs19kNiCadkY0oqr65u_primary_window_exists	4 B	PostHog

Readiness Breakdown How?

✓ Custom title and meta description

✓ Open Graph tags (title, image, description)

✓ Twitter card meta tags

✓ Canonical URL declared

✓ Responsive viewport meta tag

✓ Favicon present

✓ Semantic HTML (nav, main, article)

Performance How?

744 ms Server response

20% Faster than peers

4144 ms Largest contentful paint

0.04 Cumulative layout shift

5.6 MB Page weight

1.9 MB Image weight

4 Third-party domains

1 Console errors

1 Failed requests

⚠ 29 images: 8 oversized, 24 without width/height, 2 missing alt text

Broken first-party requests (1), worth fixing

401 /revamp/api/v1/auth/status

Indicative grade from a single automated render, not a substitute for Lighthouse or field data, and not part of the StackScope score.

AI Stance

Welcomes AI crawlers

✓ llms.txt published

✓ No AI bots blocked in robots.txt

Content-Signal

? No directive declared

Link headers

? None advertised

Well-Known Files

✓ robots.txt

✓ sitemap.xml (226 URLs)

✗ security.txt

✓ llms.txt

✓ ads.txt

✗ humans.txt

Legal

✓ Privacy Policy

✓ Terms of Service

? Consent manager not detected

Analytics detected; tracking fires without visitor opt-in.

88% unique

Mentions:

Cookies DPO Do Not Sell Updated: Jan 12, 2026

Security Headers (2/6)

✗

Referrer-Policy

✓

X-Frame-Options

✗

Permissions-Policy experimental (check browser support)

✗

X-Content-Type-Options

✓

Content-Security-Policy

✗

Strict-Transport-Security

–

X-XSS-Protection deprecated (use Content-Security-Policy)

Build

✓ HTML minified

✗ CSS minified

✗ JS minified

✓ Code splitting

5 JS files

55 CSS files

4 Third-party domains

Brand Colours

Something not look right? If a technology shown here is wrong or out of date, email [email protected] and we'll review it.