Audit Result

UUID: 019f47d2-7766-7043-b7cd-f9d423a82edb

instavisuals.com

https://instavisuals.com/

Scanned 1 week ago

90
Excellent Score
39 total checks
Passed
32
Warnings
6
Errors
1

Meta Information

  • Title Tag Pass

    Found 53 characters. Length is optimal.

  • Found 180 characters. Keep description around 70-160 characters.

    Fix: Add <meta name="description" content="..."> in <head> with a clear page summary.

  • Canonical found: https://instavisuals.com/

  • Favicon Pass

    Favicon found and reachable: /favicon.ico (HTTP 200).

    Favicon
  • Viewport configured: width=device-width, initial-scale=1.0

  • HTML Lang Pass

    Language declared as "en".

Content Structure

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • 1 HTTPS hardening issues detected.

    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=31536000; includeSubDomains

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Core security headers were detected.

    Full HTTP headers (18)
    • • access-control-allow-origin: *
    • • alt-svc: h3=":443"; ma=86400
    • • cache-control: public, max-age=0, s-maxage=2592000
    • • cache-tag: 752d5636-23fb-4e56-9343-c107ad27cf9a,55248a9b-e2b1-4585-9b48-5e77d219e983,1c84ff8a-c699-48ce-8967-b3ab4c09fd9a
    • • cf-cache-status: DYNAMIC
    • • cf-ray: a188e1e7aa16f30f-IAD
    • • content-encoding: gzip
    • • content-security-policy: default-src 'self'; script-src 'self' https://gc.zgo.at; script-src-attr 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: blob: https://instavisuals.stats.fiveem.com https://neeed.directory; media-src 'self' blob:; connect-src 'self' https://instavisuals.stats.fiveem.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self'; object-src 'none'
    • • content-type: text/html
    • • date: Thu, 09 Jul 2026 17:00:00 GMT
    • • last-modified: Thu, 09 Jul 2026 16:55:27 GMT
    • • permissions-policy: camera=(self), microphone=(), geolocation=(), payment=(), usb=()
    • • referrer-policy: strict-origin-when-cross-origin
    • • server: cloudflare
    • • strict-transport-security: max-age=31536000; includeSubDomains
    • • svid: 452f797352dc6906b32de6f53a59f220298b7beaf0a187115cc8ac732cc7fc099b9fb97460128b6ab08ae358fcf2d222f6ecf0754c191e9f15eec123c750c0a0264c8ec30df0b536bb373be57791e8115da9564240669489c8508a5cd4cb65f622909191be6aa5b9ce715a15e4fcd7f36e1c55e28e498a10f54b714e4dd1362ade1005fd689ab019a09d6182f92be425b0c73e645082255c780c744602b2248135569b59acd2da8d291856fe01c2409887b74af792520e1aef0ce890340869576cf97b9813f6796ff3c68cb354d92e79f442537fbf6452a8ffec1487c91c70604d7f1a
    • • x-content-type-options: nosniff
    • • x-frame-options: SAMEORIGIN
  • Content Security Policy looks restrictive and avoids common unsafe directives.

    • • Content-Security-Policy: default-src 'self'; script-src 'self' https://gc.zgo.at; script-src-attr 'unsafe-inline'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: blob: https://instavisuals.stats.fiveem.com https://neeed.directory; media-src 'self' blob:; connect-src 'self' https://instavisuals.stats.fiveem.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self'; object-src 'none'
  • No first-party cookies were set during the initial page load.

  • Server response headers do not expose version tokens.

  • Domain appears to be behind Cloudflare.

    • • server: cloudflare
    • • cf-cache-status: DYNAMIC
    • • cf-ray: a188e1e7aa16f30f-IAD
  • Loaded in 0.72s (perceived).

  • 1 scripts and 3 styles may block rendering.

    • • script: https://instavisuals.com/structured-data.json
    • • style: https://fonts.googleapis.com/css2?family=Miriam+Libre:wght@400;700&display=swap
    • • style: https://instavisuals.com/assets/index-BnZWo6JL.css
    • • style: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700&display=swap

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Text-like assets appear compressed.

  • Robots.txt Pass

    Found robots.txt (200).

  • Found sitemap (200) at https://instavisuals.com/sitemap.xml.

  • Robots meta found: index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1

Accessibility Basics

  • Form Labels Error

    2 of 23 controls are missing labels.

    • • input[type="file"]
    • • input[type="file"]

    Fix: Associate each form control with a visible label, aria-label, or aria-labelledby.

  • Landmarks Warning

    Missing landmarks: nav.

    Fix: Use semantic regions (<header>, <nav>, <main>, <footer>) for navigation and assistive tech.

  • Tap Target Size Warning

    16 interactive elements appear smaller than 48px.

    • • button.btn.btn-upload (Upload image) - 242x31px
    • • button.btn.btn-text (Reset image fit) - 89x23px
    • • button.btn.btn-text (Reset filters) - 71x23px
    • • button.btn.btn-primary (Add blur area) - 242x31px
    • • button.pos-btn (top left) - 78x34px
    • • button.pos-btn (top center) - 78x34px
    • • button.pos-btn (top right) - 78x34px
    • • button.pos-btn (center left) - 78x34px
    • • button.pos-btn (center) - 78x34px
    • • button.pos-btn (center right) - 78x34px
    • • button.pos-btn (bottom left) - 78x34px
    • • button.pos-btn (bottom center) - 78x34px
    • • button.pos-btn.active (bottom right) - 78x34px
    • • button.pos-btn (custom) - 78x34px
    • • button.btn.btn-primary (Download) - 117x47px
    • • button.btn.btn-primary (Copy to clipboard) - 117x47px

    Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Social & Rich Results

  • Core Open Graph tags are present.

  • og:image is present and absolute.

    Open Graph Image
  • twitter:card set to summary_large_image.

  • JSON-LD schema detected.

  • Manifest and Apple touch icon are configured.

  • Social preview metadata and image quality look good for Open Graph/Twitter.

    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.
    • • MEASURED: Image size: 0.05 MB
    • • MEASURED: Image dimensions: 1200x630

Links Analysis

Performance & Runtime

  • Largest Contentful Paint: 0.72s.

  • Cumulative Layout Shift: 0.001.

  • Total Blocking Time estimate: 11ms.

  • No failed CSS/JS/image/font/media requests detected.

  • 1 JavaScript runtime issues detected.

    • • Executing inline script violates the following Content Security Policy directive 'script-src 'self' https://gc.zgo.at'. Either the 'unsafe-inline' keyword, a hash ('sha256-qbttokYSoP/whlSPOjKxyggzTqVKZ2BCzYHfoGMNles='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked. [https://instavisuals.com/:77]

    Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.