Audit Result

UUID: 019efe9e-5310-732c-b4d1-ae61f8d53e83

www.ubique.ch

https://www.ubique.ch/

Scanned 3 weeks ago

74
Fair Score
39 total checks
Passed
22
Warnings
14
Errors
3

Meta Information

  • Title Tag Pass

    Found 32 characters. Length is optimal.

  • Found 155 characters. Good snippet length.

  • Canonical URL Warning

    Canonical link not found.

    Fix: Add <link rel="canonical" href="https://example.com/page"> to avoid duplicate URL ambiguity.

  • Favicon Pass

    Favicon found and reachable: images/favicon.png (HTTP 200).

    Favicon
  • Viewport configured: width=device-width, initial-scale=1

  • HTML Lang Pass

    Language declared as "de".

Content Structure

  • H1 Tag Pass

    Exactly one H1 found: "Sinnvoll digitalisieren".

  • Valid heading flow across 23 headings.

  • 38 of 38 images are missing alt text.

    Fix: Add meaningful alt attributes to all informative images for accessibility and image SEO.

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • 1 HTTPS hardening issues detected.

    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Core security headers were detected.

    Full HTTP headers (17)
    • • accept-ranges: bytes
    • • alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
    • • content-encoding: br
    • • content-length: 12810
    • • content-security-policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com https://d3e54v103j8qbb.cloudfront.net https://cdn.weglot.com https://umami.ubique.ch 'sha256-tIvLmE/4s9V9IusXiA8/P2XOHu9kkoKsqtq84VH0JwE=' 'sha256-VMIhodIFuws5W+sRSE4a+RLRSfWR7v/hMcaNpCelUfw=' 'sha256-mjdgHR9aXy+6OwAGlNS/XgNcYG1Uhd2U4pl8vi7+XCY=' 'sha256-P5Kdl9BOljIyMCtvL+ZkNvUFdV0fvbuyp2z2Enj6FJU=' 'sha256-5M1hKjuGx9sQ4SGZrNlosuGJopCBoDjTWwg/dJDROUc=' 'sha256-FoSWLgCRBqHTOknp3g/5+0ZXTVHGrOHQtEMl708ODc4=' 'sha256-G1WB4T2eod+z2Yf62XD89rycljpX3ojuXp1X+h7A4uc=' 'sha256-vqe/lLkKHczSyHIFhvwhmI8iw014E7qs/Gsk2uXe2dU='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.weglot.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https://uploads-ssl.webflow.com https://cdn.weglot.com https://fonts.gstatic.com https://www.datocms-assets.com; media-src 'self' https://uploads-ssl.webflow.com; connect-src 'self' https://umami.ubique.ch https://api.weglot.com https://cdn-api-weglot.com https://translations.weglot.io https://switchers.weglot.io https://exclusions.weglot.io https://definitions.weglot.io https://*.weglot.com https://*.weglot.io https://http-intake.logs.datadoghq.com https://*.datadoghq.com https://cdnjs.cloudflare.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests
    • • content-type: text/html
    • • date: Thu, 25 Jun 2026 11:50:28 GMT
    • • etag: "109aa-6a3bea81-7b0912393695440b;br"
    • • last-modified: Wed, 24 Jun 2026 14:32:33 GMT
    • • permissions-policy: geolocation=(), camera=(), microphone=(), usb=(), payment=(), accelerometer=(), gyroscope=(), magnetometer=()
    • • referrer-policy: strict-origin-when-cross-origin
    • • report-to: { \"group\": \"csp-endpoint\", \"max_age\": 10886400, \"endpoints\": [ { \"url\": \"https://example.com/report-csp\" } ] }
    • • strict-transport-security: max-age=31536000; includeSubDomains; preload
    • • vary: Accept-Encoding
    • • x-content-type-options: nosniff
    • • x-frame-options: DENY
    • • x-xss-protection: 0
  • Content Security Policy looks restrictive and avoids common unsafe directives.

    • • Content-Security-Policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com https://d3e54v103j8qbb.cloudfront.net https://cdn.weglot.com https://umami.ubique.ch 'sha256-tIvLmE/4s9V9IusXiA8/P2XOHu9kkoKsqtq84VH0JwE=' 'sha256-VMIhodIFuws5W+sRSE4a+RLRSfWR7v/hMcaNpCelUfw=' 'sha256-mjdgHR9aXy+6OwAGlNS/XgNcYG1Uhd2U4pl8vi7+XCY=' 'sha256-P5Kdl9BOljIyMCtvL+ZkNvUFdV0fvbuyp2z2Enj6FJU=' 'sha256-5M1hKjuGx9sQ4SGZrNlosuGJopCBoDjTWwg/dJDROUc=' 'sha256-FoSWLgCRBqHTOknp3g/5+0ZXTVHGrOHQtEMl708ODc4=' 'sha256-G1WB4T2eod+z2Yf62XD89rycljpX3ojuXp1X+h7A4uc=' 'sha256-vqe/lLkKHczSyHIFhvwhmI8iw014E7qs/Gsk2uXe2dU='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.weglot.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https://uploads-ssl.webflow.com https://cdn.weglot.com https://fonts.gstatic.com https://www.datocms-assets.com; media-src 'self' https://uploads-ssl.webflow.com; connect-src 'self' https://umami.ubique.ch https://api.weglot.com https://cdn-api-weglot.com https://translations.weglot.io https://switchers.weglot.io https://exclusions.weglot.io https://definitions.weglot.io https://*.weglot.com https://*.weglot.io https://http-intake.logs.datadoghq.com https://*.datadoghq.com https://cdnjs.cloudflare.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com; frame-ancestors 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests
  • No first-party cookies were set during the initial page load.

  • Server response headers do not expose version tokens.

  • Domain does not appear to be behind Cloudflare.

  • Loaded in 0.92s (perceived).

  • 2 scripts and 5 styles may block rendering.

    • • script: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
    • • script: https://cdn.weglot.com/weglot.min.js
    • • style: https://www.ubique.ch/css/normalize.css
    • • style: https://www.ubique.ch/css/components.css
    • • style: https://www.ubique.ch/css/dev-ubique.css
    • • style: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
    • • style: https://cdn.weglot.com/weglot.min.css?v=11

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Compression Warning

    1 text resources look uncompressed.

    • • https://umami.ubique.ch/api/collect (application/json; charset=utf-8)

    Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.

  • Robots.txt Error

    robots.txt missing or inaccessible (404).

    Fix: Create a robots.txt file at https://www.ubique.ch/robots.txt and allow intended crawlers.

  • Sitemap File Warning

    Sitemap missing or inaccessible at https://www.ubique.ch/sitemap.xml (404).

    Fix: Publish a sitemap.xml and reference it in robots.txt with: Sitemap: https://www.ubique.ch/sitemap.xml

  • No robots meta tag defined.

    Fix: Add <meta name="robots" content="index,follow"> (or the intended directive) in <head>.

Accessibility Basics

  • All 0 controls are labeled.

  • Landmarks Warning

    Missing landmarks: main, footer.

    Fix: Use semantic regions (<header>, <nav>, <main>, <footer>) for navigation and assistive tech.

  • Tap Target Size Warning

    6 interactive elements appear smaller than 48px.

    • • a.ublogo_home.w-inline-block - 200x41px
    • • a.ubfooter__socials_linkbox.w-inline-block - 24x24px
    • • a.ubfooter__socials_linkbox.w-inline-block - 24x24px
    • • a.ubfooter__socials_linkbox.w-inline-block - 22x24px
    • • a.ubfooter__txt-imprint (Impressum) - 94x26px
    • • a.ubfooter__txt-imprint.margin-right-auto (Datenschutz) - 105x26px

    Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Social & Rich Results

  • Core Open Graph tags are present.

  • og:image is present and absolute.

    Open Graph Image
  • twitter:card set to summary_large_image.

  • Structured Data Warning

    No JSON-LD schema scripts found.

    Fix: Add JSON-LD structured data matching your page type (Organization, Article, Product, etc.).

  • PWA Metadata Warning

    Manifest or Apple touch icon is missing.

    Fix: Link your web app manifest and apple-touch-icon for improved install/share experiences.

  • 1 social preview quality issues detected.

    • • ISSUE: og:url should be an absolute URL.
    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.
    • • MEASURED: Image size: 0.02 MB
    • • MEASURED: Image dimensions: 1200x675

    Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.

Links Analysis

  • Checked 26 links. No broken internal links found.

  • No broken external links found in checked URLs.

  • Link Format Warning

    4 links are empty, invalid, or placeholder-only.

    • • href="#" text="Deutsch"
    • • href="#" text="Englisch"
    • • href="#"
    • • href="#"

    Fix: Replace empty/#/javascript href values with real destinations or use buttons for non-navigation actions.

Performance & Runtime

  • Largest Contentful Paint: 5.55s.

    Fix: Improve LCP by optimizing above-the-fold media, reducing server latency, and inlining critical CSS.

  • Cumulative Layout Shift: 0.005.

  • Total Blocking Time estimate: 14ms.

  • No failed CSS/JS/image/font/media requests detected.

  • 1 JavaScript runtime issues detected.

    • • Executing inline script violates the following Content Security Policy directive 'script-src 'self' https://ajax.googleapis.com https://d3e54v103j8qbb.cloudfront.net https://cdn.weglot.com https://umami.ubique.ch 'sha256-tIvLmE/4s9V9IusXiA8/P2XOHu9kkoKsqtq84VH0JwE=' 'sha256-VMIhodIFuws5W+sRSE4a+RLRSfWR7v/hMcaNpCelUfw=' 'sha256-mjdgHR9aXy+6OwAGlNS/XgNcYG1Uhd2U4pl8vi7+XCY=' 'sha256-P5Kdl9BOljIyMCtvL+ZkNvUFdV0fvbuyp2z2Enj6FJU=' 'sha256-5M1hKjuGx9sQ4SGZrNlosuGJopCBoDjTWwg/dJDROUc=' 'sha256-FoSWLgCRBqHTOknp3g/5+0ZXTVHGrOHQtEMl708ODc4=' 'sha256-G1WB4T2eod+z2Yf62XD89rycljpX3ojuXp1X+h7A4uc=' 'sha256-vqe/lLkKHczSyHIFhvwhmI8iw014E7qs/Gsk2uXe2dU=''. Either the 'unsafe-inline' keyword, a hash ('sha256-x2wNDlQ/uAYnJbaPd9qiDLBCLv4jMH0cMg0zZrmwbqk='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked. [https://www.ubique.ch/:609]

    Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.