Audit Result

Found 18 characters. Keep title between 30 and 60 characters.

Fix: Add a unique <title> tag describing the main page intent in 30-60 characters.

Missing meta description.

Fix: Add <meta name="description" content="..."> in <head> with a clear page summary.

Canonical link not found.

Fix: Add <link rel="canonical" href="https://example.com/page"> to avoid duplicate URL ambiguity.

Favicon found and reachable: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAA1JJREFUWEftl2tIU2EYx/+by6azeclMs8zQKJt4SSo1MbwERk6pRPPSHfOSqaFUMk103hDLJEdq06K1UDHzfkmjm0hQIRhB0Ac/WEFKhUJGmjPeE8yOO3rOYmAfej6+e/f//85znufZM97c3NwcljF4/wH++QzMajRQtw5i5MM4Y6WsEAhgbiaEva0Vdrk7wW6NhV4VxVoDTT0vkFGsBp/PR3SoN4z4fKjbBzE7q9Ex4vN5CA3wRH76IViKRZxAWAGq7j5EcXU7YsN8UZQRSYl2PBpCqlzFCEE+d3JYi3uKNFiKTVkhOAMcO+CH/PQIrSAbRETITlzOijEcgMCIj8ZrqfCSOHKCEAiMMNRaALGZyZIQnDNAVFyc7dGtzASPx+MEUV+RAh8PZ8MBEKWGihR4LxCt73yOC6X1OkZ1JfEI8pEYFqAoMxKxUl+a6JeJb/AMk+kYdSkzIdm83rAAXbWZkDjTRUtqOnBd3U8zsrOxwGBDLkhrLhV61YD/jq1QlSXS9Mpv9eDqzR7aGamRytyj1ExgC84ApJrbazLgaG+t1STmt+8PgEzLickp6txMJERe6kGQNuQSnAGSYoJwMUFKMx8ZHad6nUzFqLRKaDQaKPKOw8FuNRdv6g5ngH173FGVf4L6EnnykdExlMviqNFMolTZCYWqDyKTlYiPCsDZI3tBZgFbcAYgQl6um6iiWmdjiXJZrNacdMH++DJ8/PRV6xe82xU3Ck4ZtgiJeniwF82cnJ0rvIPmBy91HpapZRde0isD0sDtqMiZTzsRG3k/jsC4ImgYNju3LRuowjVYGw61FcLKnP4zq2odQPaVJkYPUgPv+sqWfA16ZYBpDHc/GUbipTpGALLtvu0thanQeNEk6AVAlgx1eRJtEv6YnoHfYTnGPk/qmJCZ8KarxHCvgCgxQbT0v0KaXKVjFOLvhmr5ScMCLAaRkFOHnqfDWjPSrs2KNHhum98fmEj0egV/CvzORDIkzvbUsVzRAmXjY+2V8/GhOBMXzDaH2Cdh77PXOJ1dyyhkIRYhK1GK6ZmfKK5qw9T3aawSCSFLDkd0qA+rObnAmgFyiSwcZAfUzOr+iyPLkVBoDFtrMTxcNiLE352C4BqcALiK/c29/wDLnoFfrjjHsMu+hGEAAAAASUVORK5CYII= (HTTP 200).

Viewport configured: width=device-width, initial-scale=1

Language declared as "hu".

Found 20 H1 tags.

Fix: Use a single, descriptive <h1> that states the primary purpose of the page.

Valid heading flow across 24 headings.

All 0 images include alt text.

Page is served over HTTPS.

2 HTTPS hardening issues detected.

• • Missing Strict-Transport-Security header.
• • Could not probe the HTTP version of this page.

Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

Missing: strict-transport-security, content-security-policy, x-frame-options, x-content-type-options, referrer-policy.

Fix: Add the missing security headers at your reverse proxy or application layer.

Content-Security-Policy header is missing.

• • Missing Content-Security-Policy header.

Fix: Define a restrictive Content-Security-Policy and avoid unsafe directives such as unsafe-inline and unsafe-eval.

No first-party cookies were set during the initial page load.

Server response headers do not expose version tokens.

Domain does not appear to be behind Cloudflare.

Loaded in 3.41s (perceived).

Fix: Reduce payload size, cache static assets, and remove non-critical JS from initial load.

0 scripts and 1 styles may block rendering.

• • style: https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

6 text resources look uncompressed.

• • https://app.bupa.hu/_next/static/css/d59d51ad9a2bee26.css (text/css; charset=UTF-8)
• • https://app.bupa.hu/_next/static/chunks/main-app-88868a3f1626c2f6.js (application/javascript; charset=UTF-8)
• • https://app.bupa.hu/_next/static/chunks/app/(core-module)/(dashboard)/page-6434a290ed3e0337.js (application/javascript; charset=UTF-8)
• • https://belepes.bupa.hu/mfmbupaprod.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration (application/json; charset=utf-8)
• • https://belepes.bupa.hu/mfmbupaprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=5b5cb8c4-6bdf-498f-9233-3dd6f536fb21&scope=openid%20profile%20offline_access%205b5cb8c4-6bdf-498f-9233-3dd6f536fb21&redirect_uri=https%3A%2F%2Fapp.bupa.hu%2Fsusi-redirect&client-request-id=019cec90-0e16-7cba-9f84-b22f8b0aad81&response_mode=fragment&client_info=1&nonce=019cec90-0e17-7407-83a4-7af3b004591d&state=eyJpZCI6IjAxOWNlYzkwLTBlMTctNzUxZS1iMmMwLTIzOTM3NGE1NTMxMiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&x-client-SKU=msal.js.browser&x-client-VER=4.28.0&response_type=code&code_challenge=0bALKDO49MKYF3O8IAY4ZwukB-Fc45QY-1rk5Mfff2o&code_challenge_method=S256&step=login (text/html; charset=utf-8)
• • https://stbupaprdb2cdata.blob.core.windows.net/azure-adb2c-layout/sign-in.html (text/html;)

Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.

robots.txt missing or inaccessible (404).

Fix: Create a robots.txt file at https://belepes.bupa.hu/robots.txt and allow intended crawlers.

Sitemap missing or inaccessible at https://belepes.bupa.hu/sitemap.xml (404).

Fix: Publish a sitemap.xml and reference it in robots.txt with: Sitemap: https://belepes.bupa.hu/sitemap.xml

No robots meta tag defined.

Fix: Add <meta name="robots" content="index,follow"> (or the intended directive) in <head>.

All 2 controls are labeled.

Missing landmarks: header, nav, footer.

Fix: Use semantic regions (<header>, <nav>, <main>, <footer>) for navigation and assistive tech.

1 interactive elements appear smaller than 48px.

• • a#forgotPassword (Elfelejtetted a jelszavad?) - 404x22px

Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Missing og:title or og:description.

Fix: Add og:title and og:description tags to control social preview text.

og:image is missing.

Fix: Add <meta property="og:image" content="https://..."> with a high-quality share image.

twitter:card is missing.

Fix: Add <meta name="twitter:card" content="summary_large_image"> for better previews on X.

No JSON-LD schema scripts found.

Fix: Add JSON-LD structured data matching your page type (Organization, Article, Product, etc.).

Manifest or Apple touch icon is missing.

Fix: Link your web app manifest and apple-touch-icon for improved install/share experiences.

5 social preview quality issues detected.

• • ISSUE: og:url should be an absolute URL.
• • ISSUE: og:title should typically be between 10 and 70 characters.
• • ISSUE: og:description should typically be between 50 and 200 characters.
• • ISSUE: Use an absolute URL for og:image or twitter:image.
• • ISSUE: twitter:card is missing.
• • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
• • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
• • GUIDELINE: Optimal preview image size: 1200x630 pixels.
• • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
• • GUIDELINE: Optimal preview image file size: under 5 MB.
• • GUIDELINE: Recommended twitter:card: summary_large_image.

Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.

2 internal links returned errors.

• • https://belepes.bupa.hu/mfmbupaprod.onmicrosoft.com/B2C_1A_signup_signin/api/CombinedSigninAndSignup/unified?claimsexchange=ForgotPasswordExchange&csrf_token=UW45MFI4VDNTZm05MkZEczBGaVY5TERrTkxOZGNuQ2N1N2xlUXRBYlR3M1VER1YwYjZZMFJMUFdwTTQrQmJRV0FBQmFMOHhRMldMZGVrY2dqWTdVQ1E9PTsyMDI2LTAzLTE0VDEzOjM2OjMyLjcwMDc1OFo7ODk1TXZ5MnlXZ3g2bHNSOUhpYXdqZz09O3siT3JjaGVzdHJhdGlvblN0ZXAiOjF9&tx=StateProperties=eyJUSUQiOiJkMDIwZmE2Mi1kMjAzLTRlMzAtYjFkMC05ZTQ0MWY5MmU3NjgifQ&p=B2C_1A_signup_signin (HTTP 404)
• • https://belepes.bupa.hu/mfmbupaprod.onmicrosoft.com/B2C_1A_signup_signin/api/CombinedSigninAndSignup/unified?local=signup&csrf_token=UW45MFI4VDNTZm05MkZEczBGaVY5TERrTkxOZGNuQ2N1N2xlUXRBYlR3M1VER1YwYjZZMFJMUFdwTTQrQmJRV0FBQmFMOHhRMldMZGVrY2dqWTdVQ1E9PTsyMDI2LTAzLTE0VDEzOjM2OjMyLjcwMDc1OFo7ODk1TXZ5MnlXZ3g2bHNSOUhpYXdqZz09O3siT3JjaGVzdHJhdGlvblN0ZXAiOjF9&tx=StateProperties=eyJUSUQiOiJkMDIwZmE2Mi1kMjAzLTRlMzAtYjFkMC05ZTQ0MWY5MmU3NjgifQ&p=B2C_1A_signup_signin (HTTP 404)

Fix: Fix or remove the listed internal URLs, and ensure routes/pages return 200 responses.

No broken external links found in checked URLs.

All 5 links use non-empty href values.

Largest Contentful Paint: 3.41s.

Fix: Improve LCP by optimizing above-the-fold media, reducing server latency, and inlining critical CSS.

Cumulative Layout Shift: 0.000.

Total Blocking Time estimate: 57ms.

No failed CSS/JS/image/font/media requests detected.

4 JavaScript runtime issues detected.

• • Request failed: https://app.bupa.hu/identity/api/v1/customers/me (HTTP 401, type: xhr)
• • Request failed: https://pagead2.googlesyndication.com/ccm/collect?frm=0&ae=g&en=page_view&dl=https%3A%2F%2Fapp.bupa.hu%2F&scrsrc=www.googletagmanager.com&rnd=2037267542.1773495390&navt=n&npa=1&ep.ads_data_redaction=0&_tu=CA&gtm=45He63c0h2v9100623631za200zd9100623631xea&gcs=G100&gcd=13q3q3q3q5l1&dma_cps=-&dma=0&tag_exp=103116026~103200004~115938465~115938468~116024733~117484252&apve=1&apvf=f&apvc=1&tft=1773495389710&tfd=3166 (net::ERR_ABORTED, type: fetch)
• • Request failed: https://pagead2.googlesyndication.com/ccm/collect?frm=0&ae=g&en=page_view&dr=app.bupa.hu&dl=https%3A%2F%2Fbelepes.bupa.hu%2Fmfmbupaprod.onmicrosoft.com%2Fb2c_1a_signup_signin%2Foauth2%2Fv2.0%2Fauthorize&scrsrc=www.googletagmanager.com&rnd=1240088310.1773495394&navt=n&npa=1&ep.ads_data_redaction=0&_tu=CA&gtm=45He63c0h2v9100623631za200zd9100623631xea&gcs=G100&gcd=13q3q3q3q5l1&dma_cps=-&dma=0&tag_exp=103116026~103200004~115616986~115938465~115938469~116024733~117484252&apve=1&apvf=f&apvc=1&tft=1773495394255&tfd=2242 (net::ERR_ABORTED, type: fetch)
• • Failed to load resource: the server responded with a status of 401 (Unauthorized) [https://app.bupa.hu/identity/api/v1/customers/me:1]

Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.