Audit Result

Found 39 characters. Length is optimal.

Found 150 characters. Good snippet length.

Canonical found: https://mockapi.store

Favicon found and reachable: favicon.svg (HTTP 200).

Viewport configured: width=device-width, initial-scale=1

Language declared as "en".

Exactly one H1 found: "Mock APIs in seconds,not hours".

Valid heading flow across 16 headings.

All 0 images include alt text.

Page is served over HTTPS.

1 HTTPS hardening issues detected.

• • Could not probe the HTTP version of this page.
• • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

Core security headers were detected.

Content Security Policy looks restrictive and avoids common unsafe directives.

• • Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https://*.supabase.co wss://*.supabase.co; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; object-src 'none';

No first-party cookies were set during the initial page load.

Server response headers do not expose version tokens.

Domain does not appear to be behind Cloudflare.

Loaded in 0.25s (perceived).

No render-blocking scripts or styles detected.

1 text resources look uncompressed.

• • https://mockapi.store/env.js (application/javascript; charset=UTF-8)

Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.

Found robots.txt (200).

Found sitemap (200) at https://mockapi.store/sitemap.xml.

Robots meta found: index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1

All 0 controls are labeled.

Header, nav, main, and footer landmarks are present.

Interactive targets look touch-friendly.

Core Open Graph tags are present.

og:image is present and absolute.

twitter:card set to summary_large_image.

JSON-LD schema detected.

Manifest and Apple touch icon are configured.

Social preview metadata and image quality look good for Open Graph/Twitter.

• • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
• • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
• • GUIDELINE: Optimal preview image size: 1200x630 pixels.
• • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
• • GUIDELINE: Optimal preview image file size: under 5 MB.
• • GUIDELINE: Recommended twitter:card: summary_large_image.
• • MEASURED: Image size: 0.11 MB
• • MEASURED: Image dimensions: 1200x630

Checked 2 links. No broken internal links found.

No broken external links found in checked URLs.

All 7 links use non-empty href values.

Largest Contentful Paint: 0.33s.

Cumulative Layout Shift: 0.000.

Total Blocking Time estimate: 0ms.

No failed CSS/JS/image/font/media requests detected.

1 JavaScript runtime issues detected.

• • Executing inline event handler violates the following Content Security Policy directive 'script-src 'self''. Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. The action has been blocked. [https://mockapi.store/:187]

Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.