How much does Zorva Labs cost?

$57 per month, all-in. That includes the custom website build (no setup fee), domain registration with DNS management, Zorva Edge hosting, SSL, daily backups, uptime monitoring, and monthly content changes. Larger custom work is billed at $33/hour, always quoted upfront.

Does Zorva Labs handle SEO and AI search optimization?

Yes — every site we build comes with on-page SEO and AI search optimization (AIO, AEO, GEO) baked in. That covers schema markup, llms.txt, structured FAQs, conversational headings, and the entity graph that ChatGPT, Claude, Gemini, and Perplexity rely on. Zorva Grow adds high-authority backlinks as a $257/month add-on.

Is the website really free?

Yes. We design and build your custom 3-page website at no upfront cost — it's bundled into the $57/month plan. As long as you stay subscribed, your site is live and maintained.

How long does it take to launch a website?

Most websites are live within 7 days. We request your content on day 1, send a preview by day 4, and launch after your approval.

Can I cancel anytime?

Yes — no contracts, cancel from your Stripe portal anytime. We do ask for a 90-day minimum after launch to cover the initial build cost.

Why not just use Wix, Squarespace, or WordPress?

Those builders look cheap but cost more once you add apps, plugins, hosting, and your own time to build. Wix Business with apps runs $72/mo. WordPress with hosting and plugins runs $60/mo plus your time. And the sites are template-driven, hard to customize, and don't get optimized for AI search engines like ChatGPT, Claude, Gemini, or Perplexity. Plus, you have to build it yourself or pay a developer.

What kind of website changes are included?

Text edits, photo swaps, hours and price updates, contact info changes, small layout tweaks, and any change under 15 minutes — all included. Larger projects like new pages, redesigns, or integrations are quoted at $33/hour.

Where is Zorva Labs based?

Zorva Labs is based in Nashville, Tennessee. We serve small businesses across the United States and Canada.

Yes. You own your domain, the source code, the design, your logo, your content, and your brand. If you ever leave Zorva Labs, you take everything with you intact — no rebuild required. Unlike Wix, Squarespace, or most agencies, there's no vendor lock-in.

SEOMay 16, 2026·10 min read

Free SEO + AI Search Scanner: What 38 Checks Across SEO, Mobile, Performance, Schema, AEO, and Trust Actually Find

Our free site scanner runs 38 checks across six dimensions — SEO basics, mobile and security, Core Web Vitals via Google PageSpeed Insights, structured data, AI search readiness, and trust signals. Here's every check, the scoring math, and how it compares to the 5-check 'free audits' that exist to capture an email.

Michael Blair

Founder, Zorva Labs

TL;DR

The Zorva Labs scanner runs 38 free checks across six categories: SEO basics (10 checks), mobile + security (8), performance via real Google PSI data (5), structured data (4), AI search readiness (4), and trust + E-E-A-T (2). No signup, no email gate, no upsell hidden behind a paywall. The score is calculated as ((passes × 1) + (warns × 0.5)) / scoreable_checks × 100, and every failing check ships with a concrete fix recommendation.

Most "free SEO audits" exist to capture your email

Type "free SEO audit" into Google and you'll find dozens of tools that ask for your domain, your email, your company name, your phone number, and "what stage you're at" — and then return a 5-check report scored so generously that almost any site gets a 72/100. The score is theatre. The email is the product.

We built our scanner the opposite way. No signup, no email, no qualification quiz. Drop in a domain, get an honest 38-check report in about 25 seconds, and walk away with a written fix list. This post is the methodology — what every check measures, why it matters, and what a passing or failing result actually means.

The six categories of checks

The 38 checks are organized into six categories. A site needs strength across all six to score in the 90s — single-dimension fixes plateau a score in the 70s.

SEO basics — 10 checks. Title, meta description, H1, canonical, sitemap, robots.txt, HTML lang, favicon, 404 handling, title-vs-H1 differentiation.
Mobile + security — 8 checks. Viewport, zoom blocked, fixed-width overflow, HTTPS, HSTS, HTTP→HTTPS redirect, mixed content, security headers.
Performance + Core Web Vitals — 5 checks. Mobile PageSpeed score, LCP, CLS, INP (real-user data from CrUX), TTFB.
Structured data — 4 checks. Any JSON-LD present, business entity (Organization/LocalBusiness), FAQPage schema, Article/BlogPosting schema (on blog URLs).
AI search readiness — 4 checks. llms.txt presence, AI crawler permissions (GPTBot, ClaudeBot, PerplexityBot, etc.), Speakable specification, sitemap referenced in robots.txt.
Trust + E-E-A-T — 2 checks. Person schema (named author entity), image alt text coverage.

Plus three performance-environment checks: HTML payload size measured on the wire (gzipped), compression, and HTTP/2 or HTTP/3.

SEO basics — what each of the 10 checks looks at

Page title (50–60 characters)

Google truncates titles at ~580 pixels of width, which works out to roughly 60 characters for most fonts. Titles under 30 characters are flagged as too thin; over 65, the back half is hidden in the search result. The sweet spot is 50–60 — long enough to include your primary keyword, brand, and a differentiator, short enough to render in full.

Meta description (150–160 characters)

Same logic, different field. Under 120 chars and Google often rewrites your description to fill space — you lose control of your SERP messaging. Over 165 and the tail gets ellipsis'd. 150–160 is the sweet spot.

Single H1

Multiple H1s confuse both Google and AI engines about which heading captures the page's intent. We flag pages with zero or two-plus H1s.

Canonical URL

Tells search engines which version of a URL is authoritative (e.g., www vs non-www, trailing-slash vs not). Without it you risk duplicate-content dilution.

Sitemap.xml

Lets crawlers see your full URL inventory without having to spider the entire site. Sites without sitemaps lose long-tail page indexing on first crawl.

robots.txt + Sitemap directive

Two separate checks. The first confirms robots.txt exists. The second confirms it points crawlers at your sitemap. Many sites have one without the other.

HTML lang attribute

<html lang="en">. Screen readers, accessibility tools, and AI engines all use this to determine your content's language. Missing it tanks your accessibility audit and confuses multi-region search.

Favicon

Affects branded SERP appearance + browser tab visibility. We check for icon, shortcut icon, or apple-touch-icon link tags.

404 page handling

Pages that don't exist must return a real HTTP 404. Soft 404s (200 OK on a "not found" page) let Google index ghost URLs and waste your crawl budget. We test a random URL and inspect the response code.

Title vs H1 differentiation

Word-for-word identical titles and H1s waste a signal. Google reads them as complementary — title = SERP context, H1 = page intent. Sites that duplicate them lose differentiation.

Mobile + security — the 8 checks

Mobile viewport meta tag — without it phones see a desktop-zoomed-out layout. Failure here usually means the site was built pre-2015 and never updated.
Mobile zoom not blocked — user-scalable=no or maximum-scale=1 in the viewport is a WCAG 2.1 accessibility violation and Google deprioritizes it.
No fixed-width elements — we scan inline styles for hardcoded widths ≥360px that would overflow a phone viewport.
HTTPS — non-HTTPS sites get flagged "Not Secure" by every modern browser and deprioritized by Google.
HSTS header — Strict-Transport-Security tells browsers to force HTTPS forever, even on first visit.
HTTP → HTTPS redirect — separate check. We fetch the http:// URL and verify it 301s to https://.
Mixed content — scans the page for any http:// resources on an HTTPS page (browsers block these and show warnings).
Security headers — checks the four baseline headers: CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy.

Performance — real Core Web Vitals, not "your site loads fast"

Most free SEO tools either skip performance entirely or report their own crude timing measurement. We call Google's official PageSpeed Insights API in the background — the same data Google uses for its own ranking signals — and surface the actual Core Web Vitals:

Mobile PageSpeed score — Lighthouse score (0-100). Pass at 70+, warn at 40-69, fail under 40. We grade against ranking-impact thresholds, not the stricter "good UX" thresholds.
LCP (Largest Contentful Paint) — how fast the main visual element renders. Pass ≤4s, warn ≤6s, fail >6s.
CLS (Cumulative Layout Shift) — how much the page jumps around during load. Pass ≤0.10, warn ≤0.25, fail >0.25.
INP (Interaction to Next Paint) — real-user data from Google's CrUX dataset. How fast the page responds to clicks/taps. Pass ≤200ms, warn ≤500ms, fail >500ms. Only shows up for sites with enough mobile traffic to be in the CrUX dataset.
TTFB / page load time — our own measurement of how fast the HTML byte arrives. Pass under 800ms, warn under 2s, fail above.

And one wire-payload check: how many bytes your HTML weighs after gzip. Most free tools measure the uncompressed size, which is meaningless. The wire payload is what actually determines TTFB.

Structured data — does Google know what your business is?

Any JSON-LD present — we parse every <script type="application/ld+json"> block.
Business entity — Organization, LocalBusiness, or one of its specialized subtypes (ProfessionalService, MedicalBusiness, HomeAndConstructionBusiness).
FAQPage — required for Google's AI Overview + voice-search citations.
Article / BlogPosting — only checked on URLs that look like blog posts (URL contains /blog, /article, etc.).

AI search readiness — the four checks most free tools skip entirely

llms.txt — a Markdown file at your site root that summarizes your business for AI consumption. Required if you want ChatGPT, Claude, Perplexity, and Gemini to cite you accurately. Almost nobody has one yet; that's why we wrote a complete setup guide.
AI crawler permissions — checks robots.txt for explicit blocks against GPTBot, ClaudeBot, PerplexityBot, Google-Extended, Applebot-Extended, CCBot, anthropic-ai, and OAI-SearchBot. Many CDNs (Cloudflare in particular) auto-inject AI bot blocks by default.
Speakable specification — JSON-LD SpeakableSpecification marks paragraphs as voice-friendly. Voice engines (Siri, Alexa, Google Assistant) prefer pages with explicit speakable hooks.
Sitemap referenced in robots.txt — overlaps with SEO basics but counts for AI crawlers separately, since they're more likely to enter via robots.txt than the homepage.

Trust + E-E-A-T — the two checks Google ranks on heaviest in 2026

Person schema — names a real human author/founder entity. Google + AI engines lean heavily on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness), and the cleanest way to signal it is a Person JSON-LD node tied to your Organization.
Image alt text coverage — percentage of <img> tags with alt attributes. Affects accessibility + image SEO.

How we score

The math is intentionally simple so the score is auditable:

score = round(((passes × 1) + (warns × 0.5)) / scoreable × 100)

Where scoreable is the count of checks that returned a pass/warn/fail (we exclude info checks — e.g. "couldn't determine, no signal either way"). A site with 30 passes, 3 warns, and 5 fails scores: (30 + 1.5) / 38 = 83.

How we compare to the "free audit" tools that ask for your email

Capability	Zorva scanner	Typical "free SEO audit"
Checks	38	5-12
Email gate	None	Required
Real Core Web Vitals	Yes (via Google PSI)	Rarely
AI search checks	4 (llms.txt, AI bots, speakable, sitemap)	0
Schema markup checks	4 types	1 or 0
Fix recommendations	Inline on every failing check	"Upgrade to see"
Time	~25 sec	30+ seconds, often gated
Cost	Free, forever	"Free trial"

FAQ

Does it work on any site?

Any publicly reachable HTTPS site. We hit your homepage as a normal browser would. Sites behind aggressive WAF / Cloudflare bot protection sometimes return 403 — we detect that and call it out in the report, since it's a deliberate anti-bot rule, not a SEO problem.

Why 38 checks instead of 100?

We test what actually moves rankings + AI citations in 2026. Most "100-check audits" pad the list with checks that haven't mattered since 2018 (meta keywords, header tag length, h2-to-paragraph ratio). 38 checks is the count that survives an honest "does this affect outcomes" filter.

Why no email gate?

Email gates exist to feed sales pipelines. We don't have a sales team. If you like what we build, you'll come back. If you don't, the report is yours either way.

How often can I re-scan?

One scan per domain per 30 days. PageSpeed Insights has cost + quota limits, so we cache aggressively. Ping us if you need a re-scan sooner.

Is my scan private?

Every scan auto-publishes to our live leaderboard at the moment it completes — that's how the rankings stay current. The leaderboard shows your domain + score. To remove a domain, email zorvalabs@gmail.com.

Run yours — no signup, no email gate

Every tool at zorvalabs.com/tools is free, instant, and locks nothing behind an email form. You'll see the same numbers we see when we audit a paying client's site — same checks, same thresholds, same fix recommendations. If you want us to actually ship the fixes, plans start at $57/month, all-in. If you just want the report and a checklist, take it and run.