Audit Result

UUID: 019f6725-3cfb-702f-ac06-e41a01ec5316

theloanreminder.com

https://theloanreminder.com/

Scanned 2 days ago

88
Excellent Score
39 total checks
Passed
31
Warnings
7
Errors
1

Meta Information

  • Title Tag Warning

    Found 66 characters. Keep title between 30 and 60 characters.

    Fix: Add a unique <title> tag describing the main page intent in 30-60 characters.

  • Found 150 characters. Good snippet length.

  • Canonical found: https://theloanreminder.com

  • Favicon Pass

    Favicon found and reachable: /images/logos/logo-icon-simple.svg (HTTP 200).

    Favicon
  • Viewport configured: width=device-width, initial-scale=1, viewport-fit=cover

  • HTML Lang Pass

    Language declared as "en".

Content Structure

  • H1 Tag Pass

    Exactly one H1 found: "Get your stuff back—without the awkward “hey, just checking…” text.".

  • Valid heading flow across 26 headings.

  • 3 of 10 images are missing alt text.

    Fix: Add meaningful alt attributes to all informative images for accessibility and image SEO.

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • 1 HTTPS hardening issues detected.

    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Missing: content-security-policy.

    Full HTTP headers (24)
    • • age: 0
    • • alt-svc: h3=":443"; ma=86400
    • • cache-control: private, no-cache, no-store, max-age=0, must-revalidate
    • • cf-cache-status: DYNAMIC
    • • cf-ray: a1baffddd991d643-IAD
    • • content-encoding: zstd
    • • content-security-policy-report-only: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://challenges.cloudflare.com https://*.sentry-cdn.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' https://yxudbftlkzubasunbtwb.supabase.co wss://yxudbftlkzubasunbtwb.supabase.co http://127.0.0.1:54321 ws://127.0.0.1:54321 http://localhost:54321 ws://localhost:54321 https://*.ingest.sentry.io https://*.ingest.us.sentry.io https://challenges.cloudflare.com; frame-src https://challenges.cloudflare.com; worker-src 'self' blob:; manifest-src 'self'
    • • content-type: text/html; charset=utf-8
    • • date: Wed, 15 Jul 2026 18:58:37 GMT
    • • link: </_next/static/media/fba5a26ea33df6a3-s.p.18rizl4rsrl42.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </images/logos/logo-horizontal.svg>; rel=preload; as="image", </images/logos/logo-horizontal-tagline.svg>; rel=preload; as="image"
    • • nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
    • • permissions-policy: geolocation=(), microphone=(), payment=(), usb=()
    • • referrer-policy: strict-origin-when-cross-origin
    • • report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=T2lfVUZGQlYLXUwbTEyrg8ggCNPTCoYZcvVOGeaaz0%2FRBxjPleoOQIJ%2FaxHwrbF%2BxEzmN46vdmbx21ALPgeUXy8ygQs78I8bVISWkos2JzLsq9pg8QRdtWJdbEI5ESGB8CtEydhY9W4cGoBwZ9cfyX%2F8"}]}
    • • server: cloudflare
    • • server-timing: cfCacheStatus;desc="DYNAMIC" cfEdge;dur=14,cfOrigin;dur=2131
    • • strict-transport-security: max-age=63072000; includeSubDomains; preload
    • • vary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch accept-encoding
    • • x-content-type-options: nosniff
    • • x-frame-options: DENY
    • • x-matched-path: /
    • • x-powered-by: Next.js
    • • x-vercel-cache: MISS
    • • x-vercel-id: iad1::iad1::pwm75-1784141915858-cca440ef70dd

    Fix: Add the missing security headers at your reverse proxy or application layer.

  • CSP Quality Warning

    Content-Security-Policy header is missing.

    • • Missing Content-Security-Policy header.

    Fix: Define a restrictive Content-Security-Policy and avoid unsafe directives such as unsafe-inline and unsafe-eval.

  • No first-party cookies were set during the initial page load.

  • Server response headers do not expose version tokens.

  • Domain appears to be behind Cloudflare.

    • • server: cloudflare
    • • cf-cache-status: DYNAMIC
    • • cf-ray: a1baffddd991d643-IAD
  • Loaded in 2.43s (perceived).

    Fix: Reduce payload size, cache static assets, and remove non-critical JS from initial load.

  • 4 scripts and 3 styles may block rendering.

    • • script: https://theloanreminder.com/_next/static/chunks/0cz1d0mv5g_q7.js
    • • script: https://theloanreminder.com/_next/static/chunks/18wgmp1z-2j07.js
    • • script: https://theloanreminder.com/_next/static/chunks/3qmahr8auvxq-.js
    • • script: https://theloanreminder.com/_next/static/chunks/14bx5s_2ejwer.js
    • • style: https://theloanreminder.com/_next/static/chunks/1m4k8i70v7hf7.css
    • • style: https://theloanreminder.com/_next/static/chunks/2n7q43hfee9ey.css
    • • style: https://theloanreminder.com/_next/static/chunks/0j1ray6xlufbf.css

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Text-like assets appear compressed.

  • Robots.txt Pass

    Found robots.txt (200).

  • Found sitemap (200) at https://theloanreminder.com/sitemap.xml.

  • Robots meta found: index, follow

Accessibility Basics

  • All 0 controls are labeled.

  • Landmarks Pass

    Header, nav, main, and footer landmarks are present.

  • Tap Target Size Warning

    16 interactive elements appear smaller than 48px.

    • • a.inline-flex.shrink-0 (How It Works) - 118x40px
    • • a.inline-flex.shrink-0 (Pricing) - 77x40px
    • • a.inline-flex.shrink-0 (FAQ) - 60x40px
    • • a.inline-flex.shrink-0 (Sign In) - 74x40px
    • • button#_R_2i6lubsbb_-you-tab.min-h-11.flex-1 (What You See) - 219x46px
    • • button#_R_2i6lubsbb_-they-tab.min-h-11.flex-1 (What They See) - 219x46px
    • • button.inline-flex.items-center (Open) - 352x40px
    • • button.inline-flex.min-h-11 (Monthly) - 85x44px
    • • button.inline-flex.min-h-11 (Yearly, Save 58%) - 142x44px
    • • a.transition-colors.hover:text-brand (Terms) - 41x20px
    • • a.transition-colors.hover:text-brand (Privacy) - 48x20px
    • • button.transition-colors.hover:text-brand (Cookie settings) - 106x20px
    • • a.transition-colors.hover:text-brand (FAQ) - 28x20px
    • • a.transition-colors.hover:text-brand (Contact) - 57x20px
    • • a.transition-colors.hover:text-brand (Sign In) - 42x20px
    • • a.font-medium.text-brand (Track an Item Free) - 118x20px

    Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Social & Rich Results

  • Core Open Graph tags are present.

  • og:image is present and absolute.

    Open Graph Image
  • twitter:card set to summary_large_image.

  • JSON-LD schema detected.

  • Manifest and Apple touch icon are configured.

  • Social preview metadata and image quality look good for Open Graph/Twitter.

    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.
    • • MEASURED: Image size: 0.95 MB
    • • MEASURED: Image dimensions: 1200x630

Links Analysis

  • Checked 8 links. No broken internal links found.

  • No broken external links found in checked URLs.

  • All 20 links use non-empty href values.

Performance & Runtime