Audit Result

UUID: 019cf610-4c57-70f1-ad2d-24576443d029

Share on X Back to history
eolstatus.com

https://eolstatus.com/

Scanned 17 hours ago

79
Fair Score
39 total checks
Passed
26
Warnings
10
Errors
3

Meta Information

  • Title Tag Pass

    Found 36 characters. Length is optimal.

  • Meta Description Warning

    Found 168 characters. Keep description around 70-160 characters.

    Fix: Add <meta name="description" content="..."> in <head> with a clear page summary.

  • Canonical URL Warning

    Canonical link not found.

    Fix: Add <link rel="canonical" href="https://example.com/page"> to avoid duplicate URL ambiguity.

  • Favicon Pass

    Favicon found and reachable: /icon.svg?dcd5106701460848 (HTTP 200).

    Favicon
  • Viewport Meta Pass

    Viewport configured: width=device-width, initial-scale=1

  • HTML Lang Pass

    Language declared as "en".

Content Structure

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • HSTS & HTTPS Redirect Warning

    1 HTTPS hardening issues detected.

    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Security Headers Pass

    Core security headers were detected.

    Full HTTP headers (23)
    • • cache-control: private, no-cache, no-store, max-age=0, must-revalidate
    • • cf-cache-status: DYNAMIC
    • • cf-ray: 9dd2de593ca61f55-IAD
    • • content-encoding: zstd
    • • content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; connect-src 'self' https://*.supabase.co https://api.stripe.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src 'self' https://js.stripe.com https://hooks.stripe.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests
    • • content-type: text/html; charset=utf-8
    • • date: Mon, 16 Mar 2026 09:53:03 GMT
    • • link: </_next/static/media/e4af272ccee01ff0-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
    • • nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
    • • permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
    • • referrer-policy: strict-origin-when-cross-origin
    • • report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fNEkTCz8H1SqRYKvxTONrfRNsKM4NZkyokCufZw4BAuMJGRTkNULukpM9vdbJTPttawcj7vBE%2Fxmxa%2BWXczkPyVHYJrKQoDzm1h5ONAkolM1bseKktvjhpQ%3D"}]}
    • • rndr-id: e7e4c2eb-07fd-4e95
    • • server: cloudflare
    • • server-timing: cfCacheStatus;desc="DYNAMIC" cfEdge;dur=14,cfOrigin;dur=705
    • • strict-transport-security: max-age=31536000; includeSubDomains; preload
    • • vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
    • • x-content-type-options: nosniff
    • • x-dns-prefetch-control: on
    • • x-download-options: noopen
    • • x-frame-options: DENY
    • • x-render-origin-server: Render
    • • x-xss-protection: 1; mode=block
  • CSP Quality Error

    2 CSP hardening issues detected.

    • • script-src/default-src permits 'unsafe-inline'.
    • • script-src/default-src permits 'unsafe-eval'.
    • • Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; connect-src 'self' https://*.supabase.co https://api.stripe.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src 'self' https://js.stripe.com https://hooks.stripe.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests

    Fix: Tighten Content-Security-Policy by removing unsafe directives and adding object-src, base-uri, and frame-ancestors restrictions.

  • Cookie Security Pass

    No first-party cookies were set during the initial page load.

  • Server Version Disclosure Pass

    Server response headers do not expose version tokens.

  • Cloudflare Proxy Pass

    Domain appears to be behind Cloudflare.

    • • server: cloudflare
    • • cf-cache-status: DYNAMIC
    • • cf-ray: 9dd2de593ca61f55-IAD
  • Perceived Load Time Pass

    Loaded in 0.92s (perceived).

  • Render Blocking Resources Warning

    1 scripts and 1 styles may block rendering.

    • • script: https://eolstatus.com/_next/static/chunks/polyfills-42372ed130431b0a.js
    • • style: https://eolstatus.com/_next/static/css/bc1f8ce1c4c67ed6.css

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Compression Pass

    Text-like assets appear compressed.

  • Robots.txt Pass

    Found robots.txt (200).

  • Sitemap File Pass

    Found sitemap (200) at https://eolstatus.com/sitemap.xml.

  • Crawl Directives Pass

    Robots meta found: index, follow

Accessibility Basics

  • Form Labels Error

    1 of 1 controls are missing labels.

    • • input[type="text"].w-full.pl-10 (Search by name, vendor, version or tags...)

    Fix: Associate each form control with a visible label, aria-label, or aria-labelledby.

  • Landmarks Warning

    Missing landmarks: header.

    Fix: Use semantic regions (<header>, <nav>, <main>, <footer>) for navigation and assistive tech.

  • Tap Target Size Warning

    14 interactive elements appear smaller than 48px.

    • • a.flex.items-center (EOL Status) - 158x40px
    • • a.flex.items-center (Products) - 114x36px
    • • a.flex.items-center (Vendors) - 110x36px
    • • a.flex.items-center (Ending Soon) - 140x36px
    • • a.flex.items-center (Calendar) - 116x36px
    • • a.flex.items-center (Pricing) - 100x36px
    • • a.hidden.md:block (Sign In) - 80x36px
    • • button.flex.items-center (Show Filters) - 148x46px
    • • a.flex.items-center (View All) - 76x20px
    • • a.flex.items-center (Contact) - 280x20px
    • • a.flex.items-center (LinkedIn) - 280x20px
    • • a.flex.items-center (X (Twitter)) - 280x20px
    • • a.text-gray-600.hover:text-gray-900 - 20x20px
    • • a.text-gray-600.hover:text-gray-900 - 20x20px

    Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Social & Rich Results

  • Open Graph Basics Pass

    Core Open Graph tags are present.

  • Open Graph Image Warning

    og:image is missing.

    Fix: Add <meta property="og:image" content="https://..."> with a high-quality share image.

  • Twitter Card Pass

    twitter:card set to summary.

  • Structured Data Pass

    JSON-LD schema detected.

  • PWA Metadata Warning

    Manifest or Apple touch icon is missing.

    Fix: Link your web app manifest and apple-touch-icon for improved install/share experiences.

  • Open Graph/Twitter Quality Warning

    2 social preview quality issues detected.

    • • ISSUE: Use an absolute URL for og:image or twitter:image.
    • • ISSUE: twitter:card should be summary_large_image for richer previews.
    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.

    Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.

Links Analysis

  • Internal Links Pass

    Checked 21 links. No broken internal links found.

  • External Links Pass

    No broken external links found in checked URLs.

  • Link Format Pass

    All 27 links use non-empty href values.

Performance & Runtime

  • Core Web Vitals: LCP Pass

    Largest Contentful Paint: 0.92s.

  • Core Web Vitals: CLS Pass

    Cumulative Layout Shift: 0.000.

  • Main Thread Blocking (TBT) Pass

    Total Blocking Time estimate: 0ms.

  • Broken Assets Error

    1 asset requests failed.

    • • https://static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 (csp)

    Fix: Fix missing files, update asset URLs, and ensure static assets return HTTP 200.

  • JavaScript Runtime Errors Warning

    8 JavaScript runtime issues detected.

    • • Request failed: https://static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 (csp, type: script)
    • • Request failed: https://eolstatus.com/products?_rsc=19zvn (net::ERR_ABORTED, type: fetch)
    • • Request failed: https://eolstatus.com/vendors?_rsc=19zvn (net::ERR_ABORTED, type: fetch)
    • • Request failed: https://eolstatus.com/ending-soon?_rsc=19zvn (net::ERR_ABORTED, type: fetch)
    • • Loading the script 'https://static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516' violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked. [https://eolstatus.com/:1]
    • • Connecting to 'https://analytics.google.com/g/collect?v=2&tid=G-Y7Z4B0VLCT&gtm=45je63b1v9229299196za200zd9229299196&_p=1773654783771&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1941363375.1773654784&ul=en-us&sr=1280x800&uaa=x86&uab=64&uafvl=Not%253AA-Brand%3B99.0.0.0%7CHeadlessChrome%3B145.0.7632.6%7CChromium%3B145.0.7632.6&uamb=0&uam=&uap=Linux&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAGA&_s=1&tag_exp=103116026~103200004~115938465~115938469~116024733~117484252&sid=1773654783&sct=1&seg=0&dl=https%3A%2F%2Feolstatus.com%2F&dt=EOL%20Status%20-%20Upgrade%20before%20it%20hurts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=980' violates the following Content Security Policy directive: "connect-src 'self' https://*.supabase.co https://api.stripe.com https://www.google-analytics.com https://www.googletagmanager.com". The action has been blocked. [https://www.googletagmanager.com/gtag/js?id=G-Y7Z4B0VLCT:246]
    • • Fetch API cannot load https://analytics.google.com/g/collect?v=2&tid=G-Y7Z4B0VLCT&gtm=45je63b1v9229299196za200zd9229299196&_p=1773654783771&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1941363375.1773654784&ul=en-us&sr=1280x800&uaa=x86&uab=64&uafvl=Not%253AA-Brand%3B99.0.0.0%7CHeadlessChrome%3B145.0.7632.6%7CChromium%3B145.0.7632.6&uamb=0&uam=&uap=Linux&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAGA&_s=1&tag_exp=103116026~103200004~115938465~115938469~116024733~117484252&sid=1773654783&sct=1&seg=0&dl=https%3A%2F%2Feolstatus.com%2F&dt=EOL%20Status%20-%20Upgrade%20before%20it%20hurts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=980. Refused to connect because it violates the document's Content Security Policy. [https://www.googletagmanager.com/gtag/js?id=G-Y7Z4B0VLCT:246]
    • • Connecting to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y7Z4B0VLCT&cid=1941363375.1773654784&gtm=45je63b1v9229299196za200zd9229299196&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=103116026~103200004~115938465~115938469~116024733~117484252' violates the following Content Security Policy directive: "connect-src 'self' https://*.supabase.co https://api.stripe.com https://www.google-analytics.com https://www.googletagmanager.com". The action has been blocked. [https://www.googletagmanager.com/gtag/js?id=G-Y7Z4B0VLCT:245]

    Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.