Audit Result
UUID: 019efe9e-5310-732c-b4d1-ae61f8d53e83
https://www.ubique.ch/
Scanned 3 weeks ago
Meta Information
-
Title Tag Pass
Found 32 characters. Length is optimal.
-
Meta Description Pass
Found 155 characters. Good snippet length.
-
Canonical URL Warning
Canonical link not found.
Fix: Add <link rel="canonical" href="https://example.com/page"> to avoid duplicate URL ambiguity.
-
-
Viewport Meta Pass
Viewport configured: width=device-width, initial-scale=1
-
HTML Lang Pass
Language declared as "de".
Content Structure
-
H1 Tag Pass
Exactly one H1 found: "Sinnvoll digitalisieren".
-
Heading Hierarchy Pass
Valid heading flow across 23 headings.
-
Image Alt Text Error
38 of 38 images are missing alt text.
Fix: Add meaningful alt attributes to all informative images for accessibility and image SEO.
Technical Optimization
-
HTTPS Pass
Page is served over HTTPS.
-
HSTS & HTTPS Redirect Warning
1 HTTPS hardening issues detected.
- • Could not probe the HTTP version of this page.
- • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.
-
Security Headers Pass
Core security headers were detected.
Full HTTP headers (17)
- • accept-ranges: bytes
- • alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
- • content-encoding: br
- • content-length: 12810
- • content-security-policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com https://d3e54v103j8qbb.cloudfront.net https://cdn.weglot.com https://umami.ubique.ch 'sha256-tIvLmE/4s9V9IusXiA8/P2XOHu9kkoKsqtq84VH0JwE=' 'sha256-VMIhodIFuws5W+sRSE4a+RLRSfWR7v/hMcaNpCelUfw=' 'sha256-mjdgHR9aXy+6OwAGlNS/XgNcYG1Uhd2U4pl8vi7+XCY=' 'sha256-P5Kdl9BOljIyMCtvL+ZkNvUFdV0fvbuyp2z2Enj6FJU=' 'sha256-5M1hKjuGx9sQ4SGZrNlosuGJopCBoDjTWwg/dJDROUc=' 'sha256-FoSWLgCRBqHTOknp3g/5+0ZXTVHGrOHQtEMl708ODc4=' 'sha256-G1WB4T2eod+z2Yf62XD89rycljpX3ojuXp1X+h7A4uc=' 'sha256-vqe/lLkKHczSyHIFhvwhmI8iw014E7qs/Gsk2uXe2dU='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.weglot.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https://uploads-ssl.webflow.com https://cdn.weglot.com https://fonts.gstatic.com https://www.datocms-assets.com; media-src 'self' https://uploads-ssl.webflow.com; connect-src 'self' https://umami.ubique.ch https://api.weglot.com https://cdn-api-weglot.com https://translations.weglot.io https://switchers.weglot.io https://exclusions.weglot.io https://definitions.weglot.io https://*.weglot.com https://*.weglot.io https://http-intake.logs.datadoghq.com https://*.datadoghq.com https://cdnjs.cloudflare.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests
- • content-type: text/html
- • date: Thu, 25 Jun 2026 11:50:28 GMT
- • etag: "109aa-6a3bea81-7b0912393695440b;br"
- • last-modified: Wed, 24 Jun 2026 14:32:33 GMT
- • permissions-policy: geolocation=(), camera=(), microphone=(), usb=(), payment=(), accelerometer=(), gyroscope=(), magnetometer=()
- • referrer-policy: strict-origin-when-cross-origin
- • report-to: { \"group\": \"csp-endpoint\", \"max_age\": 10886400, \"endpoints\": [ { \"url\": \"https://example.com/report-csp\" } ] }
- • strict-transport-security: max-age=31536000; includeSubDomains; preload
- • vary: Accept-Encoding
- • x-content-type-options: nosniff
- • x-frame-options: DENY
- • x-xss-protection: 0
-
CSP Quality Pass
Content Security Policy looks restrictive and avoids common unsafe directives.
- • Content-Security-Policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com https://d3e54v103j8qbb.cloudfront.net https://cdn.weglot.com https://umami.ubique.ch 'sha256-tIvLmE/4s9V9IusXiA8/P2XOHu9kkoKsqtq84VH0JwE=' 'sha256-VMIhodIFuws5W+sRSE4a+RLRSfWR7v/hMcaNpCelUfw=' 'sha256-mjdgHR9aXy+6OwAGlNS/XgNcYG1Uhd2U4pl8vi7+XCY=' 'sha256-P5Kdl9BOljIyMCtvL+ZkNvUFdV0fvbuyp2z2Enj6FJU=' 'sha256-5M1hKjuGx9sQ4SGZrNlosuGJopCBoDjTWwg/dJDROUc=' 'sha256-FoSWLgCRBqHTOknp3g/5+0ZXTVHGrOHQtEMl708ODc4=' 'sha256-G1WB4T2eod+z2Yf62XD89rycljpX3ojuXp1X+h7A4uc=' 'sha256-vqe/lLkKHczSyHIFhvwhmI8iw014E7qs/Gsk2uXe2dU='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.weglot.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https://uploads-ssl.webflow.com https://cdn.weglot.com https://fonts.gstatic.com https://www.datocms-assets.com; media-src 'self' https://uploads-ssl.webflow.com; connect-src 'self' https://umami.ubique.ch https://api.weglot.com https://cdn-api-weglot.com https://translations.weglot.io https://switchers.weglot.io https://exclusions.weglot.io https://definitions.weglot.io https://*.weglot.com https://*.weglot.io https://http-intake.logs.datadoghq.com https://*.datadoghq.com https://cdnjs.cloudflare.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests
-
Cookie Security Pass
No first-party cookies were set during the initial page load.
-
Server response headers do not expose version tokens.
-
Cloudflare Proxy Warning
Domain does not appear to be behind Cloudflare.
-
Perceived Load Time Pass
Loaded in 0.92s (perceived).
-
Render Blocking Resources Warning
2 scripts and 5 styles may block rendering.
- • script: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
- • script: https://cdn.weglot.com/weglot.min.js
- • style: https://www.ubique.ch/css/normalize.css
- • style: https://www.ubique.ch/css/components.css
- • style: https://www.ubique.ch/css/dev-ubique.css
- • style: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
- • style: https://cdn.weglot.com/weglot.min.css?v=11
Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.
-
Compression Warning
1 text resources look uncompressed.
- • https://umami.ubique.ch/api/collect (application/json; charset=utf-8)
Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.
-
Robots.txt Error
robots.txt missing or inaccessible (404).
Fix: Create a robots.txt file at https://www.ubique.ch/robots.txt and allow intended crawlers.
-
Sitemap File Warning
Sitemap missing or inaccessible at https://www.ubique.ch/sitemap.xml (404).
Fix: Publish a sitemap.xml and reference it in robots.txt with: Sitemap: https://www.ubique.ch/sitemap.xml
-
Crawl Directives Warning
No robots meta tag defined.
Fix: Add <meta name="robots" content="index,follow"> (or the intended directive) in <head>.
Accessibility Basics
-
Form Labels Pass
All 0 controls are labeled.
-
Landmarks Warning
Missing landmarks: main, footer.
Fix: Use semantic regions (<header>, <nav>, <main>, <footer>) for navigation and assistive tech.
-
Tap Target Size Warning
6 interactive elements appear smaller than 48px.
- • a.ublogo_home.w-inline-block - 200x41px
- • a.ubfooter__socials_linkbox.w-inline-block - 24x24px
- • a.ubfooter__socials_linkbox.w-inline-block - 24x24px
- • a.ubfooter__socials_linkbox.w-inline-block - 22x24px
- • a.ubfooter__txt-imprint (Impressum) - 94x26px
- • a.ubfooter__txt-imprint.margin-right-auto (Datenschutz) - 105x26px
Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.
Social & Rich Results
-
Open Graph Basics Pass
Core Open Graph tags are present.
-
-
Twitter Card Pass
twitter:card set to summary_large_image.
-
Structured Data Warning
No JSON-LD schema scripts found.
Fix: Add JSON-LD structured data matching your page type (Organization, Article, Product, etc.).
-
PWA Metadata Warning
Manifest or Apple touch icon is missing.
Fix: Link your web app manifest and apple-touch-icon for improved install/share experiences.
-
Open Graph/Twitter Quality Warning
1 social preview quality issues detected.
- • ISSUE: og:url should be an absolute URL.
- • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
- • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
- • GUIDELINE: Optimal preview image size: 1200x630 pixels.
- • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
- • GUIDELINE: Optimal preview image file size: under 5 MB.
- • GUIDELINE: Recommended twitter:card: summary_large_image.
- • MEASURED: Image size: 0.02 MB
- • MEASURED: Image dimensions: 1200x675
Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.
Links Analysis
-
Internal Links Pass
Checked 26 links. No broken internal links found.
-
External Links Pass
No broken external links found in checked URLs.
-
Link Format Warning
4 links are empty, invalid, or placeholder-only.
- • href="#" text="Deutsch"
- • href="#" text="Englisch"
- • href="#"
- • href="#"
Fix: Replace empty/#/javascript href values with real destinations or use buttons for non-navigation actions.
Performance & Runtime
-
Core Web Vitals: LCP Error
Largest Contentful Paint: 5.55s.
Fix: Improve LCP by optimizing above-the-fold media, reducing server latency, and inlining critical CSS.
-
Core Web Vitals: CLS Pass
Cumulative Layout Shift: 0.005.
-
Total Blocking Time estimate: 14ms.
-
Broken Assets Pass
No failed CSS/JS/image/font/media requests detected.
-
JavaScript Runtime Errors Warning
1 JavaScript runtime issues detected.
- • Executing inline script violates the following Content Security Policy directive 'script-src 'self' https://ajax.googleapis.com https://d3e54v103j8qbb.cloudfront.net https://cdn.weglot.com https://umami.ubique.ch 'sha256-tIvLmE/4s9V9IusXiA8/P2XOHu9kkoKsqtq84VH0JwE=' 'sha256-VMIhodIFuws5W+sRSE4a+RLRSfWR7v/hMcaNpCelUfw=' 'sha256-mjdgHR9aXy+6OwAGlNS/XgNcYG1Uhd2U4pl8vi7+XCY=' 'sha256-P5Kdl9BOljIyMCtvL+ZkNvUFdV0fvbuyp2z2Enj6FJU=' 'sha256-5M1hKjuGx9sQ4SGZrNlosuGJopCBoDjTWwg/dJDROUc=' 'sha256-FoSWLgCRBqHTOknp3g/5+0ZXTVHGrOHQtEMl708ODc4=' 'sha256-G1WB4T2eod+z2Yf62XD89rycljpX3ojuXp1X+h7A4uc=' 'sha256-vqe/lLkKHczSyHIFhvwhmI8iw014E7qs/Gsk2uXe2dU=''. Either the 'unsafe-inline' keyword, a hash ('sha256-x2wNDlQ/uAYnJbaPd9qiDLBCLv4jMH0cMg0zZrmwbqk='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked. [https://www.ubique.ch/:609]
Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.