Audit Result

UUID: 019f6c09-71ba-70ae-9e96-fdd9e8d812aa

buddhatattoovallecas.com

https://buddhatattoovallecas.com/

Scanned 1 day ago

83
Fair Score
39 total checks
Passed
29
Warnings
7
Errors
3

Meta Information

  • Title Tag Warning

    Found 65 characters. Keep title between 30 and 60 characters.

    Fix: Add a unique <title> tag describing the main page intent in 30-60 characters.

  • Found 168 characters. Keep description around 70-160 characters.

    Fix: Add <meta name="description" content="..."> in <head> with a clear page summary.

  • Canonical found: https://buddhatattoovallecas.com/

  • Favicon Pass

    Favicon found and reachable: /favicon.ico (HTTP 200).

    Favicon
  • Viewport configured: width=device-width, initial-scale=1

  • HTML Lang Pass

    Language declared as "es".

Content Structure

  • H1 Tag Pass

    Exactly one H1 found: "Buddha Tattoo Vallecas".

  • Valid heading flow across 28 headings.

  • 9 of 25 images are missing alt text.

    Fix: Add meaningful alt attributes to all informative images for accessibility and image SEO.

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • 2 HTTPS hardening issues detected.

    • • HSTS is missing includeSubDomains.
    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=31536000

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Core security headers were detected.

    Full HTTP headers (19)
    • • alt-svc: h3=":443"; ma=86400
    • • cache-control: no-cache, must-revalidate
    • • cf-cache-status: DYNAMIC
    • • cf-ray: a1c2d377b9acf284-IAD
    • • content-encoding: br
    • • content-security-policy: default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; img-src 'self' data: https:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self'; form-action 'self'; upgrade-insecure-requests
    • • content-type: text/html; charset=utf-8
    • • cross-origin-opener-policy: same-origin
    • • date: Thu, 16 Jul 2026 17:46:23 GMT
    • • nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
    • • permissions-policy: camera=(), microphone=(), geolocation=(), payment=(), usb=()
    • • referrer-policy: strict-origin-when-cross-origin
    • • report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jQ%2FC3aCwg0qMFyoqX2BHo%2BD8e8qyOIsGQbknuKar18BOtGUdD9ue%2F83r%2BOW%2B%2BxI%2Bx53UG1lMnVYqLrV5B6f2aiFVUEQSNe85xjZxnb%2BJ3sKJPF5JAphgs5fZLLW0t%2FIbA87T6QhMRRUHxjK6rOtxdiT38Xa8ec0%3D"}]}
    • • server: cloudflare
    • • server-timing: cfCacheStatus;desc="DYNAMIC" cfEdge;dur=14,cfOrigin;dur=47
    • • strict-transport-security: max-age=31536000
    • • vary: accept-encoding
    • • x-content-type-options: nosniff
    • • x-frame-options: DENY
  • CSP Quality Error

    1 CSP hardening issues detected.

    • • script-src/default-src permits 'unsafe-inline'.
    • • Content-Security-Policy: default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; img-src 'self' data: https:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self'; form-action 'self'; upgrade-insecure-requests

    Fix: Tighten Content-Security-Policy by removing unsafe directives and adding object-src, base-uri, and frame-ancestors restrictions.

  • No first-party cookies were set during the initial page load.

  • Server response headers do not expose version tokens.

  • Domain appears to be behind Cloudflare.

    • • server: cloudflare
    • • cf-cache-status: DYNAMIC
    • • cf-ray: a1c2d377b9acf284-IAD
  • Loaded in 0.65s (perceived).

  • 0 scripts and 1 styles may block rendering.

    • • style: https://buddhatattoovallecas.com/_astro/Footer.C7CIiMWv.css

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Text-like assets appear compressed.

  • Robots.txt Pass

    Found robots.txt (200).

  • Found sitemap (200) at https://buddhatattoovallecas.com/sitemap.xml.

  • Robots meta found: index, follow

Accessibility Basics

  • All 0 controls are labeled.

  • Landmarks Pass

    Header, nav, main, and footer landmarks are present.

  • Tap Target Size Warning

    14 interactive elements appear smaller than 48px.

    • • a.text-[0.83rem].font-bold (Inicio) - 38x20px
    • • a.text-[0.83rem].font-bold (Bodas y eventos) - 113x20px
    • • a.text-[0.83rem].font-bold (Trabajos) - 59x20px
    • • a.text-[0.83rem].font-bold (Tatuajes) - 58x20px
    • • a.text-[0.83rem].font-bold (Piercing) - 57x20px
    • • a.text-[0.83rem].font-bold (Dani) - 31x20px
    • • a.text-[0.83rem].font-bold (Ubicación) - 69x20px
    • • a.inline-flex.items-center (WhatsApp) - 362x20px
    • • a.inline-flex.items-center (Instagram) - 362x20px
    • • a.inline-flex.items-center (Facebook) - 362x20px
    • • a.inline-flex.items-center (Google Maps) - 362x20px
    • • a.hover:text-gold (Aviso legal) - 290x20px
    • • a.hover:text-gold (Privacidad) - 290x20px
    • • a.footer-credit (GP Studio) - 63x16px

    Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Social & Rich Results

  • Core Open Graph tags are present.

  • og:image is present and absolute.

    Open Graph Image
  • twitter:card set to summary.

  • JSON-LD schema detected.

  • Manifest and Apple touch icon are configured.

  • 3 social preview quality issues detected.

    • • ISSUE: Preview image is below recommended size (1200x630).
    • • ISSUE: Preview image aspect ratio (1.00) differs from the recommended ~1.91:1.
    • • ISSUE: twitter:card should be summary_large_image for richer previews.
    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.
    • • MEASURED: Image size: 0.02 MB
    • • MEASURED: Image dimensions: 512x512

    Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.

Links Analysis

  • Checked 10 links. No broken internal links found.

  • No broken external links found in checked URLs.

  • All 35 links use non-empty href values.

Performance & Runtime

  • Largest Contentful Paint: 0.65s.

  • Cumulative Layout Shift: 0.000.

  • Total Blocking Time estimate: 56ms.

  • 1 asset requests failed.

    • • https://static.cloudflareinsights.com/beacon.min.js/v4513226cdae34746b4dedf0b4dfa099e1781791509496 (csp)

    Fix: Fix missing files, update asset URLs, and ensure static assets return HTTP 200.

  • 2 JavaScript runtime issues detected.

    • • Request failed: https://static.cloudflareinsights.com/beacon.min.js/v4513226cdae34746b4dedf0b4dfa099e1781791509496 (csp, type: script)
    • • Loading the script 'https://static.cloudflareinsights.com/beacon.min.js/v4513226cdae34746b4dedf0b4dfa099e1781791509496' violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked. [https://buddhatattoovallecas.com/:1]

    Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.