Skip to content
Start free scan
Public reportCertified until 9 July 2027

susu.nu

Visit susu.nu ↗

Speed
94
Security
95
Mobile
100
Accessibility
58
Average score
87/ 100
Better than 46% of the 13 scanned sites
No mark yet

Certified on 9 July 2026 · 8 pages checked · 10 improvements found

Score over time

Every audit and re-audit counts: this is the average score per scan day.

certification threshold (80)
8 July 20269 July 2026

Full audit

Part of the WebYes certification: beyond the four pillars we also audit SEO, structured data, content, links, privacy and AI findability. These extra categories do not count towards the certification score.

Content
90
Legal
93
On-page SEO
95
Spam signals
95
Technical
96
Quality impression
99
Links
100
Structured data
100
AI findability (GEO)
100
URL structure
100
Social
100
Privacy
100

Findings (21)

  • ErrorAccessibility

    10 <input> element(s) have no associated label, aria-label, or aria-labelledby.

    Associate a <label for="inputId"> or add aria-label="..." to every visible form input.

    How to fix it

    Link every form field to a label via for/id, or use aria-label. A placeholder alone is not enough: it disappears as soon as someone types.

    Read more in the knowledge base: WCAG guidelines →

  • ErrorAccessibility

    9 <button> element(s) have no accessible name.

    Add visible text content, aria-label="...", or aria-labelledby="..." to every <button>.

    How to fix it

    Some buttons have no name, such as a hamburger or close button with only an icon. Add an aria-label (for example aria-label="Open menu").

    Read more in the knowledge base: WCAG guidelines →

  • ErrorAccessibility

    1 <video> or <audio> element(s) have the autoplay attribute.

    Remove autoplay or add the muted attribute. Unexpected audio disorients screen reader users and violates WCAG 1.4.2.

    How to fix it

    Media plays automatically. Disable autoplay or mute audio by default, and give visitors a clear pause button.

    Read more in the knowledge base: Digital accessibility →

  • ErrorAccessibility

    10 focusable element(s) have aria-hidden="true", making them invisible to screen readers but still reachable via keyboard.

    Remove aria-hidden from focusable elements, or add tabindex="-1" to also remove them from the tab order.

    How to fix it

    Elements with aria-hidden="true" are still keyboard-focusable. Remove them from the tab order too (tabindex="-1") or hide them properly.

    Read more in the knowledge base: WCAG guidelines →

  • ErrorSpam signals

    Page CSS/HTML suggests hidden/off-screen text patterns often associated with cloaking.

    Remove display:none / zero-font-size blocks used to inject extra keywords. Use visible, user-facing content only.

  • WarningSpeed

    3 render-blocking <link rel="stylesheet"> in <head> (target: ≤2).

    Inline critical CSS, lazy-load the rest with the `<link rel="preload" as="style" onload="this.rel='stylesheet'">` pattern, or split chunks per route. Each blocking stylesheet adds round-trips to LCP.

    How to fix it

    Reduce render-blocking CSS: inline the critical above-the-fold styles and load the rest asynchronously. Also remove CSS that is no longer used anywhere.

    Read more in the knowledge base: Testing website speed →

  • WarningAccessibility

    Page has no skip-navigation link for keyboard users.

    Add a visually hidden link as the first focusable element: <a href="#main-content" class="skip-link">Skip to content</a>.

    How to fix it

    Add a 'skip link' as the first link on the page that jumps to the main content (<a href="#main-content">Skip to content</a>). Keyboard users then do not have to tab through the entire menu.

    Read more in the knowledge base: WCAG guidelines →

  • WarningContent

    Page has only 3 words (min 100).

    Thin pages risk being classified as low-value. Expand with original, useful content — lead each H2 with a self-contained 40-75 word answer, and add a visible FAQ/Q&A section covering common questions (no FAQPage schema needed; visible Q&A is what ranks and what AI Overviews cite). Or noindex if it's a utility page.

  • WarningTechnical

    25 internal resource(s) across 8 page(s) are blocked from crawling by a robots.txt Disallow rule.

    Search engines must fetch CSS, JS, and images to render and rank your pages. Remove the matching Disallow line(s) so Googlebot can load these resources. Blocked: https://susu.nu/_next/static/chunks/0-5_4w8kl4sl6.js, https://susu.nu/_next/static/chunks/0_6brl4l4hy6n.js, https://susu.nu/_next/static/chunks/0_8eknvwukjvl.js, https://susu.nu/_next/static/chunks/0cz1d0mv5g_q7.js, https://susu.nu/_next/static/chunks/0m3x9c4i0ys_n.js

  • InfoSpeed

    Likely LCP image is missing `fetchpriority="high"`.

    Add `fetchpriority="high"` to the hero image (/_next/image?url=https%3A%2F%2Fgfquvjcczxzafesxzkua.supabase.co%2Fstorage%2Fv1%2Fobject%2Fpublic%2Fpage-images%2Fsummit%2F1778873073559-8xald532.png&w=1920&q=75) so the browser fetches it ahead of low-priority resources. Saves 100-300ms LCP on typical pages.

    How to fix it

    Prioritise your largest above-the-fold image with fetchpriority="high" or a preload link. The download then starts immediately instead of after the rest of the page.

    Read more in the knowledge base: Core Web Vitals →

  • InfoSpeed

    2 image(s) ≥800px wide without srcset or <picture> for responsive delivery.

    Use `srcset` with multiple resolutions or wrap images in `<picture>` with WebP/AVIF sources. In Next.js, use `next/image` which handles this automatically. Without responsive images, mobile users download desktop-sized assets.

    How to fix it

    Serve images in a modern format (WebP or AVIF), scaled to the size at which they are displayed. An image service or build step (such as next/image) handles this automatically.

    Read more in the knowledge base: Core Web Vitals →

  • InfoSecurity

    No `/.well-known/security.txt` published.

    Publish a `security.txt` (RFC 9116) at `/.well-known/security.txt`. Even a one-line `Contact: mailto:[email protected]` plus an `Expires:` date is enough; it gives white-hat researchers somewhere to send reports instead of giving up.

    How to fix it

    Publish a security.txt at /.well-known/security.txt with a contact address for security reports. Researchers then know where to report a vulnerability.

    Read more in the knowledge base: Security headers →

  • InfoSecurity

    Missing `Cross-Origin-Embedder-Policy`. Cross-origin isolation lets you use SharedArrayBuffer and high-resolution timers safely.

    Send `Cross-Origin-Opener-Policy: same-origin` and `Cross-Origin-Embedder-Policy: require-corp`. Note this requires every embedded resource to send `Cross-Origin-Resource-Policy`.

    How to fix it

    Add Cross-Origin-Opener-Policy: same-origin (and where possible Cross-Origin-Embedder-Policy). This isolates your site from windows opened by other origins.

    Read more in the knowledge base: Security headers →

  • InfoOn-page SEO

    Title is slightly over the recommended length (61 chars, max 60).

    Borderline — Google usually still renders this in full. Trim only if the most important keywords sit past the visible cutoff.

  • InfoOn-page SEO

    Meta description is slightly over the recommended length (200 chars, max 160).

  • InfoOn-page SEO

    Canonical URL differs from final URL (page may be canonicalised away).

    If this is intentional (variant page), keep it. Otherwise self-reference the canonical.

  • InfoContent

    Text-to-HTML ratio is 0.0% (target ≥ 2%).

    Very low ratios usually mean the hydration payload, inline RSC blob or a vendor script is bigger than the rendered prose. Inspect the largest scripts and externalise or split them.

  • InfoTechnical

    Crawl stopped at the max-pages limit (6); 10 sitemap URLs were not visited but might still be reachable.

    Re-run with `--max-pages 2000` (or higher) before trusting orphan-from-sitemap counts.

  • InfoTechnical

    No HTML sitemap link found on the homepage. Placing one in the footer is an industry best practice for UX and crawler/AI discovery.

    Add a link to a user-facing HTML sitemap (e.g. `/sitemap`, not `sitemap.xml`) inside the <footer>. An HTML sitemap acts as a structural overview for lost visitors and as a fallback discovery surface for search engines and AI crawlers.

  • InfoLegal

    Site sets cookies on 8 page(s) but no cookie consent mechanism was detected.

    Implement a CMP (Cookiebot, OneTrust, Usercentrics, Complianz) or build a consent banner. GDPR and ePrivacy require prior consent for non-essential cookies in the EU.

  • InfoQuality impression

    Homepage has no `<link rel="icon">` — browsers will request /favicon.ico which may 404.

    Add a custom favicon that reflects your brand. A missing favicon causes extra 404 log noise and looks unprofessional in browser tabs and bookmarks.

Full audit performed on 9 July 2026.

More from the register

Other websites holding an active WebYes certification. Every report is public and audited on the same four pillars.

domeinflits.nl✓ Certified

Score 90 / 100 · view the report →

mgsoftware.nl✓ Certified

Score 82 / 100 · view the report →

solarfast.nl✓ Certified

Score 94 / 100 · view the report →

webyes.nl✓ Certified

Score 94 / 100 · view the report →

Scan your own websiteView the certification register →
webyes

Het onafhankelijke keurmerk voor Nederlandse websites. Kalm, transparant, jaarlijks herkeurd.

Start gratis scan

Keurmerk

  • Start gratis scan
  • Hoe het werkt
  • Keurmerkregister
  • Prijzen
  • Veelgestelde vragen

Kennis

  • Kennisbank
  • Blog
  • Jaarrapport

Bedrijf

  • Over ons
  • Contact
  • Mijn account

Juridisch

  • Privacybeleid
  • Algemene voorwaarden
  • Cookies
© 2026 WebYesGebouwd in Nederland.

Jaarrapport in de maak. In de maak: het jaarrapport over de staat van het Nederlandse web. Lees meer →

webyes
WerkwijzePrijzenRegisterKennisbankOver ons
InloggenStart gratis scan