Audit Result

UUID: 019f3bfe-88b9-71cf-bc02-a1ccee0dc8eb

ipocket.xyz

https://ipocket.xyz/

Scanned 1 week ago

95
Excellent Score
39 total checks
Passed
35
Warnings
4
Errors
0

Meta Information

  • Title Tag Pass

    Found 46 characters. Length is optimal.

  • Found 135 characters. Good snippet length.

  • Canonical found: https://ipocket.xyz/

  • Favicon Pass

    Favicon found and reachable: /favicon.ico?v=2 (HTTP 200).

    Favicon
  • Viewport configured: width=device-width, initial-scale=1

  • HTML Lang Pass

    Language declared as "en".

Content Structure

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • 2 HTTPS hardening issues detected.

    • • HSTS is missing includeSubDomains.
    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=63072000

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Missing: content-security-policy, x-frame-options, x-content-type-options, referrer-policy.

    Full HTTP headers (13)
    • • access-control-allow-origin: *
    • • age: 234790
    • • cache-control: public, max-age=0, must-revalidate
    • • content-disposition: inline
    • • content-encoding: br
    • • content-type: text/html; charset=utf-8
    • • date: Tue, 07 Jul 2026 09:52:40 GMT
    • • etag: W/"7b0af12ac01f70c14724a54c800c9bdf"
    • • last-modified: Sat, 04 Jul 2026 16:39:29 GMT
    • • server: Vercel
    • • strict-transport-security: max-age=63072000
    • • x-vercel-cache: HIT
    • • x-vercel-id: iad1::hbs24-1783417959915-ccb691f6e2f4

    Fix: Add the missing security headers at your reverse proxy or application layer.

  • CSP Quality Warning

    Content-Security-Policy header is missing.

    • • Missing Content-Security-Policy header.

    Fix: Define a restrictive Content-Security-Policy and avoid unsafe directives such as unsafe-inline and unsafe-eval.

  • No first-party cookies were set during the initial page load.

  • Server response headers do not expose version tokens.

  • Domain does not appear to be behind Cloudflare.

  • Loaded in 0.50s (perceived).

  • No render-blocking scripts or styles detected.

  • Text-like assets appear compressed.

  • Robots.txt Pass

    Found robots.txt (200).

  • Found sitemap (200) at https://ipocket.xyz/sitemap-index.xml.

  • Robots meta found: index, follow, max-image-preview:large

Accessibility Basics

  • All 0 controls are labeled.

  • Landmarks Pass

    Header, nav, main, and footer landmarks are present.

  • Interactive targets look touch-friendly.

Social & Rich Results

  • Core Open Graph tags are present.

  • og:image is present and absolute.

    Open Graph Image
  • twitter:card set to summary_large_image.

  • JSON-LD schema detected.

  • Manifest and Apple touch icon are configured.

  • Social preview metadata and image quality look good for Open Graph/Twitter.

    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.
    • • MEASURED: Image size: 0.11 MB
    • • MEASURED: Image dimensions: 1200x630

Links Analysis

  • Checked 21 links. No broken internal links found.

  • No broken external links found in checked URLs.

  • All 29 links use non-empty href values.

Performance & Runtime