Audit Result

UUID: 019f11bb-5900-721b-9b57-d95fabe52951

bargen.pro

https://bargen.pro/

Scanned 2 weeks ago

73
Fair Score
39 total checks
Passed
20
Warnings
17
Errors
2

Meta Information

  • Title Tag Warning

    Found 65 characters. Keep title between 30 and 60 characters.

    Fix: Add a unique <title> tag describing the main page intent in 30-60 characters.

  • Found 109 characters. Good snippet length.

  • Canonical URL Warning

    Canonical link not found.

    Fix: Add <link rel="canonical" href="https://example.com/page"> to avoid duplicate URL ambiguity.

  • Favicon Pass

    Favicon found and reachable: https://bargen.pro/assets/images/favicon.svg (HTTP 200).

    Favicon
  • Viewport configured: width=device-width, initial-scale=1.0

  • HTML Lang Pass

    Language declared as "en".

Content Structure

  • H1 Tag Pass

    Exactly one H1 found: "Generate Barcodes & QR Codes with One API Call".

  • Detected 1 heading level jumps.

    • • Skipped from h2 to h4: "Ready to get started?" -> "Product".

    Fix: Follow semantic order (h1 -> h2 -> h3) and avoid skipping heading levels.

  • All 4 images include alt text.

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • 1 HTTPS hardening issues detected.

    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=31536000; includeSubDomains

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Core security headers were detected.

    Full HTTP headers (14)
    • • cache-control: no-store, no-cache, must-revalidate
    • • content-encoding: gzip
    • • content-security-policy: default-src 'self' https://bargen.pro; script-src 'self' 'unsafe-inline' https://bargen.pro https://challenges.cloudflare.com https://js.stripe.com https://unpkg.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://bargen.pro https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://bargen.pro https://fonts.gstatic.com; connect-src 'self' https://api.bargen.pro https://api.stripe.com https://unpkg.com https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com; frame-src https://challenges.cloudflare.com https://js.stripe.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'
    • • content-type: text/html; charset=UTF-8
    • • date: Mon, 29 Jun 2026 04:52:12 GMT
    • • expires: Thu, 19 Nov 1981 08:52:00 GMT
    • • permissions-policy: camera=(), microphone=(), geolocation=(), payment=()
    • • pragma: no-cache
    • • referrer-policy: strict-origin-when-cross-origin strict-origin-when-cross-origin
    • • server: nginx
    • • strict-transport-security: max-age=31536000; includeSubDomains
    • • x-content-type-options: nosniff nosniff
    • • x-frame-options: DENY SAMEORIGIN
    • • x-xss-protection: 1; mode=block 1; mode=block
  • CSP Quality Error

    1 CSP hardening issues detected.

    • • script-src/default-src permits 'unsafe-inline'.
    • • Content-Security-Policy: default-src 'self' https://bargen.pro; script-src 'self' 'unsafe-inline' https://bargen.pro https://challenges.cloudflare.com https://js.stripe.com https://unpkg.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://bargen.pro https://fonts.googleapis.com; img-src 'self' data: blob: https:; font-src 'self' data: https://bargen.pro https://fonts.gstatic.com; connect-src 'self' https://api.bargen.pro https://api.stripe.com https://unpkg.com https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com; frame-src https://challenges.cloudflare.com https://js.stripe.com; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'

    Fix: Tighten Content-Security-Policy by removing unsafe directives and adding object-src, base-uri, and frame-ancestors restrictions.

  • No first-party cookies were set during the initial page load.

  • Server response headers do not expose version tokens.

  • Domain does not appear to be behind Cloudflare.

  • Loaded in 0.79s (perceived).

  • 1 scripts and 2 styles may block rendering.

    • • script: https://unpkg.com/lucide@latest/dist/umd/lucide.min.js
    • • style: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600;700&family=JetBrains+Mono:wght@400;500;600&family=Outfit:wght@400;500;600;700&display=swap
    • • style: https://bargen.pro/assets/css/app.css

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Compression Warning

    4 text resources look uncompressed.

    • • https://bargen.pro/assets/css/app.css (text/css)
    • • https://bargen.pro/assets/js/theme.js (application/javascript)
    • • https://bargen.pro/assets/js/app.js (application/javascript)
    • • https://bargen.pro/assets/js/components/dropdown.js (application/javascript)

    Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.

  • Robots.txt Error

    robots.txt missing or inaccessible (404).

    Fix: Create a robots.txt file at https://bargen.pro/robots.txt and allow intended crawlers.

  • Sitemap File Warning

    Sitemap missing or inaccessible at https://bargen.pro/sitemap.xml (404).

    Fix: Publish a sitemap.xml and reference it in robots.txt with: Sitemap: https://bargen.pro/sitemap.xml

  • No robots meta tag defined.

    Fix: Add <meta name="robots" content="index,follow"> (or the intended directive) in <head>.

Accessibility Basics

  • All 0 controls are labeled.

  • Landmarks Warning

    Missing landmarks: header.

    Fix: Use semantic regions (<header>, <nav>, <main>, <footer>) for navigation and assistive tech.

  • Tap Target Size Warning

    10 interactive elements appear smaller than 48px.

    • • a.flex.items-center (BarGen API) - 149x32px
    • • a.link-subtle.text-sm (Documentation) - 99x20px
    • • a.link-subtle.text-sm (Pricing) - 45x20px
    • • a.link-subtle.text-sm (Enterprise) - 66x20px
    • • button.btn-ghost.p-2 (Toggle theme) - 36x36px
    • • a.link-subtle.text-sm (Log In) - 40x20px
    • • a.btn-primary.text-sm (Sign Up) - 81x32px
    • • a.link.inline-flex (View all format details) - 186x24px
    • • a.flex.items-center (BarGen API) - 592x32px
    • • a.ml-2.opacity-70 - 64x32px

    Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Social & Rich Results

  • Missing og:title or og:description.

    Fix: Add og:title and og:description tags to control social preview text.

  • og:image is missing.

    Fix: Add <meta property="og:image" content="https://..."> with a high-quality share image.

  • Twitter Card Warning

    twitter:card is missing.

    Fix: Add <meta name="twitter:card" content="summary_large_image"> for better previews on X.

  • Structured Data Warning

    No JSON-LD schema scripts found.

    Fix: Add JSON-LD structured data matching your page type (Organization, Article, Product, etc.).

  • PWA Metadata Warning

    Manifest or Apple touch icon is missing.

    Fix: Link your web app manifest and apple-touch-icon for improved install/share experiences.

  • 5 social preview quality issues detected.

    • • ISSUE: og:url should be an absolute URL.
    • • ISSUE: og:title should typically be between 10 and 70 characters.
    • • ISSUE: og:description should typically be between 50 and 200 characters.
    • • ISSUE: Use an absolute URL for og:image or twitter:image.
    • • ISSUE: twitter:card is missing.
    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.

    Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.

Links Analysis

  • Checked 10 links. No broken internal links found.

  • No broken external links found in checked URLs.

  • All 42 links use non-empty href values.

Performance & Runtime