Audit Result

UUID: 019efa8f-375f-73e4-bd2e-eb0557ad4082

nexxus-tech.com

https://nexxus-tech.com/

Scanned 3 weeks ago

95
Excellent Score
39 total checks
Passed
35
Warnings
4
Errors
0

Meta Information

  • Title Tag Pass

    Found 51 characters. Length is optimal.

  • Found 133 characters. Good snippet length.

  • Canonical found: https://nexxus-tech.com/

  • Favicon Pass

    Favicon found and reachable: /nexxus-tech-favicon.png (HTTP 200).

    Favicon
  • Viewport configured: width=device-width, initial-scale=1.0

  • HTML Lang Pass

    Language declared as "en".

Content Structure

  • H1 Tag Pass

    Exactly one H1 found: "Securing the World'sMost Critical Applications".

  • Valid heading flow across 29 headings.

  • All 3 images include alt text.

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • 1 HTTPS hardening issues detected.

    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Core security headers were detected.

    Full HTTP headers (14)
    • • cache-control: no-cache, must-revalidate
    • • content-encoding: gzip
    • • content-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self'; style-src 'self'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: https:; connect-src 'self'; upgrade-insecure-requests
    • • content-type: text/html
    • • date: Wed, 24 Jun 2026 16:55:35 GMT
    • • etag: W/"6a3c0ba8-28d4"
    • • last-modified: Wed, 24 Jun 2026 16:54:00 GMT
    • • referrer-policy: no-referrer-when-downgrade
    • • server: nginx
    • • strict-transport-security: max-age=63072000; includeSubDomains; preload
    • • vary: Accept-Encoding
    • • x-content-type-options: nosniff
    • • x-frame-options: SAMEORIGIN
    • • x-xss-protection: 1; mode=block
  • Content Security Policy looks restrictive and avoids common unsafe directives.

    • • Content-Security-Policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self'; style-src 'self'; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; font-src 'self' data:; img-src 'self' data: https:; connect-src 'self'; upgrade-insecure-requests
  • No first-party cookies were set during the initial page load.

  • Server response headers do not expose version tokens.

  • Domain does not appear to be behind Cloudflare.

  • Loaded in 1.00s (perceived).

  • 0 scripts and 1 styles may block rendering.

    • • style: https://nexxus-tech.com/assets/index-z2N-Favy.css

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Text-like assets appear compressed.

  • Robots.txt Pass

    Found robots.txt (200).

  • Found sitemap (200) at https://nexxus-tech.com/sitemap.xml.

  • Robots meta found: index, follow

Accessibility Basics

  • All 0 controls are labeled.

  • Landmarks Pass

    Header, nav, main, and footer landmarks are present.

  • Interactive targets look touch-friendly.

Social & Rich Results

  • Core Open Graph tags are present.

  • og:image is present and absolute.

    Open Graph Image
  • twitter:card set to summary_large_image.

  • JSON-LD schema detected.

  • Manifest and Apple touch icon are configured.

  • Social preview metadata and image quality look good for Open Graph/Twitter.

    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.
    • • MEASURED: Image size: 0.12 MB
    • • MEASURED: Image dimensions: 1200x630

Links Analysis

  • Checked 12 links. No broken internal links found.

  • No broken external links found in checked URLs.

  • All 33 links use non-empty href values.

Performance & Runtime

  • Largest Contentful Paint: 1.88s.

  • Cumulative Layout Shift: 0.047.

  • Total Blocking Time estimate: 98ms.

  • No failed CSS/JS/image/font/media requests detected.

  • 1 JavaScript runtime issues detected.

    • • Executing inline event handler violates the following Content Security Policy directive 'script-src 'self''. Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. The action has been blocked. [https://nexxus-tech.com/:63]

    Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.