Audit Result
UUID: 019ebfac-cdb2-71dd-82cf-c91ced0533bb
https://waseelah.io/
Scanned 1 month ago
Meta Information
-
Title Tag Warning
Found 21 characters. Keep title between 30 and 60 characters.
Fix: Add a unique <title> tag describing the main page intent in 30-60 characters.
-
Meta Description Warning
Found 165 characters. Keep description around 70-160 characters.
Fix: Add <meta name="description" content="..."> in <head> with a clear page summary.
-
Canonical URL Pass
Canonical found: https://waseelah.io/
-
Favicon Warning
No favicon link found in <head>.
Fix: Add <link rel="icon" href="/favicon.ico"> to ensure browser tab and bookmark visibility.
-
Viewport Meta Pass
Viewport configured: width=device-width, initial-scale=1.0
-
HTML Lang Pass
Language declared as "ar".
Content Structure
-
H1 Tag Pass
Exactly one H1 found: "نبني مستقبل أعمالك.".
-
Heading Hierarchy Pass
Valid heading flow across 12 headings.
-
Image Alt Text Error
2 of 3 images are missing alt text.
Fix: Add meaningful alt attributes to all informative images for accessibility and image SEO.
Technical Optimization
-
HTTPS Pass
Page is served over HTTPS.
-
HSTS & HTTPS Redirect Warning
2 HTTPS hardening issues detected.
- • Missing Strict-Transport-Security header.
- • Could not probe the HTTP version of this page.
Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.
-
Security Headers Warning
Missing: strict-transport-security, content-security-policy, x-frame-options.
Full HTTP headers (13)
- • access-control-allow-origin: *
- • alt-svc: h3=":443"; ma=86400
- • cache-control: public, max-age=0, must-revalidate
- • cf-ray: a0af0c0e8c410b2a-IAD
- • content-encoding: br
- • content-type: text/html; charset=utf-8
- • date: Sat, 13 Jun 2026 06:30:31 GMT
- • link: <https://fonts.googleapis.com>; rel="preconnect"
- • nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
- • referrer-policy: strict-origin-when-cross-origin
- • report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dSmzS5%2FK8eZVAsu2cuUpE394NgrfF6pRHCcvGdIb1u8rS8eG%2BuaJl7QFr2QcPWGL4oI4HyHSo3%2BOL52GORhwwy9Vc306kWMViJfVioc7pZsElH3W4rnkpEcHU8GsjXi9MmSWQBcr99F%2FEg%3D%3D"}]}
- • server: cloudflare
- • x-content-type-options: nosniff
Fix: Add the missing security headers at your reverse proxy or application layer.
-
CSP Quality Warning
Content-Security-Policy header is missing.
- • Missing Content-Security-Policy header.
Fix: Define a restrictive Content-Security-Policy and avoid unsafe directives such as unsafe-inline and unsafe-eval.
-
Cookie Security Pass
No first-party cookies were set during the initial page load.
-
Server response headers do not expose version tokens.
-
Cloudflare Proxy Pass
Domain appears to be behind Cloudflare.
- • server: cloudflare
- • cf-ray: a0af0c0e8c410b2a-IAD
-
Perceived Load Time Pass
Loaded in 0.69s (perceived).
-
Render Blocking Resources Warning
3 scripts and 2 styles may block rendering.
- • script: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/gsap.min.js
- • script: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/ScrollTrigger.min.js
- • script: https://cdn.jsdelivr.net/npm/[email protected]/dist/lenis.min.js
- • style: https://fonts.googleapis.com/css2?family=Noto+Kufi+Arabic:wght@400;500;600;700&family=IBM+Plex+Sans+Arabic:wght@300;400;500;700&family=IBM+Plex+Mono:wght@400;500&display=swap
- • style: https://api.fontshare.com/v2/css?f[]=clash-display@500,600,700&f[]=satoshi@300,400,500,700&display=swap
Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.
-
Compression Warning
1 text resources look uncompressed.
- • https://api.fontshare.com/v2/css?f[]=clash-display@500,600,700&f[]=satoshi@300,400,500,700&display=swap (text/css)
Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.
-
Robots.txt Pass
Found robots.txt (200).
-
Sitemap File Pass
Found sitemap (200) at https://waseelah.io/sitemap.xml.
-
Crawl Directives Pass
Robots meta found: index, follow
Accessibility Basics
-
Form Labels Pass
All 0 controls are labeled.
-
Landmarks Pass
Header, nav, main, and footer landmarks are present.
-
Tap Target Size Warning
2 interactive elements appear smaller than 48px.
- • a.logo.magnetic (Waseelah Home) - 53x30px
- • button#lang-toggle.lang-switcher.hover-target (Toggle Language) - 90x35px
Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.
Social & Rich Results
-
Open Graph Basics Pass
Core Open Graph tags are present.
-
-
Twitter Card Pass
twitter:card set to summary_large_image.
-
Structured Data Warning
No JSON-LD schema scripts found.
Fix: Add JSON-LD structured data matching your page type (Organization, Article, Product, etc.).
-
PWA Metadata Warning
Manifest or Apple touch icon is missing.
Fix: Link your web app manifest and apple-touch-icon for improved install/share experiences.
-
Open Graph/Twitter Quality Warning
1 social preview quality issues detected.
- • ISSUE: Could not determine preview image dimensions.
- • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
- • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
- • GUIDELINE: Optimal preview image size: 1200x630 pixels.
- • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
- • GUIDELINE: Optimal preview image file size: under 5 MB.
- • GUIDELINE: Recommended twitter:card: summary_large_image.
- • MEASURED: Image size: 0.06 MB
Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.
Links Analysis
-
Internal Links Pass
Checked 1 links. No broken internal links found.
-
External Links Pass
No broken external links found in checked URLs.
-
Link Format Pass
All 7 links use non-empty href values.
Performance & Runtime
-
Core Web Vitals: LCP Pass
Largest Contentful Paint: 0.69s.
-
Core Web Vitals: CLS Pass
Cumulative Layout Shift: 0.000.
-
Main Thread Blocking (TBT) Warning
Total Blocking Time estimate: 205ms.
Fix: Reduce heavy JavaScript work, split long tasks, and defer non-critical scripts.
-
Broken Assets Pass
No failed CSS/JS/image/font/media requests detected.
-
No console/page runtime errors detected during audit.