Audit Result

UUID: 019df904-487b-7126-8793-ad0574669f81

Share on X Recheck Back to history
aicavo.com

https://aicavo.com/

Scanned 1 month ago

77
Fair Score
39 total checks
Passed
25
Warnings
10
Errors
4

Meta Information

  • Title Tag Warning

    Found 75 characters. Keep title between 30 and 60 characters.

    Fix: Add a unique <title> tag describing the main page intent in 30-60 characters.

  • Meta Description Pass

    Found 109 characters. Good snippet length.

  • Canonical URL Pass

    Canonical found: https://aicavo.com

  • Favicon Pass

    Favicon found and reachable: /uploads/images/favicon.png (HTTP 200).

    Favicon
  • Viewport Meta Pass

    Viewport configured: width=device-width, initial-scale=1

  • HTML Lang Pass

    Language declared as "en".

Content Structure

  • H1 Tag Pass

    Exactly one H1 found: "AICavo - The Most Advanced AI & SaaS Tools Directory Platform".

  • Heading Hierarchy Pass

    Valid heading flow across 111 headings.

  • Image Alt Text Pass

    All 75 images include alt text.

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • HSTS & HTTPS Redirect Warning

    1 HTTPS hardening issues detected.

    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Security Headers Pass

    Core security headers were detected.

    Full HTTP headers (16)
    • • cache-control: private, no-cache, no-store, max-age=0, must-revalidate
    • • content-encoding: gzip
    • • content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.clarity.ms https://app.lemonsqueezy.com https://lmsqueezy.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data:; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://*.clarity.ms https://api.lemonsqueezy.com wss://*.supabase.co https://*.supabase.co; frame-src 'self' https://app.lemonsqueezy.com https://www.youtube.com https://youtube.com https://player.vimeo.com; media-src 'self' https: data: blob:;
    • • content-type: text/html; charset=utf-8
    • • cross-origin-resource-policy: cross-origin
    • • date: Tue, 05 May 2026 16:41:30 GMT
    • • link: </_next/static/media/83afe278b6a6bb3c-s.p.3a6ba036.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/chunks/4e20891f2fd03463.css>; rel=preload; as="style", </_next/static/chunks/98aa9c1f3647f1b2.css>; rel=preload; as="style"
    • • permissions-policy: camera=(), microphone=(), geolocation=()
    • • referrer-policy: origin-when-cross-origin
    • • server: nginx
    • • strict-transport-security: max-age=63072000; includeSubDomains; preload
    • • vary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding
    • • x-content-type-options: nosniff
    • • x-dns-prefetch-control: on
    • • x-frame-options: SAMEORIGIN
    • • x-xss-protection: 1; mode=block
  • CSP Quality Error

    5 CSP hardening issues detected.

    • • script-src/default-src permits 'unsafe-inline'.
    • • script-src/default-src permits 'unsafe-eval'.
    • • CSP is missing object-src 'none'.
    • • CSP is missing a base-uri restriction.
    • • CSP is missing frame-ancestors protection.
    • • Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.clarity.ms https://app.lemonsqueezy.com https://lmsqueezy.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: blob:; font-src 'self' data:; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://*.clarity.ms https://api.lemonsqueezy.com wss://*.supabase.co https://*.supabase.co; frame-src 'self' https://app.lemonsqueezy.com https://www.youtube.com https://youtube.com https://player.vimeo.com; media-src 'self' https: data: blob:;

    Fix: Tighten Content-Security-Policy by removing unsafe directives and adding object-src, base-uri, and frame-ancestors restrictions.

  • Cookie Security Pass

    No first-party cookies were set during the initial page load.

  • Server Version Disclosure Pass

    Server response headers do not expose version tokens.

  • Cloudflare Proxy Warning

    Domain does not appear to be behind Cloudflare.

  • Perceived Load Time Pass

    Loaded in 0.38s (perceived).

  • Render Blocking Resources Warning

    1 scripts and 2 styles may block rendering.

    • • script: https://aicavo.com/_next/static/chunks/a6dad97d9634a72d.js
    • • style: https://aicavo.com/_next/static/chunks/4e20891f2fd03463.css
    • • style: https://aicavo.com/_next/static/chunks/98aa9c1f3647f1b2.css

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Compression Warning

    5 text resources look uncompressed.

    • • https://aicavo.com/_next/static/chunks/d96012bcfc98706a.js (application/javascript; charset=UTF-8)
    • • https://aicavo.com/api/auth/session (application/json)
    • • https://aicavo.com/api/settings/public (application/json)
    • • https://aicavo.com/api/settings/site-notice (application/json)
    • • https://aicavo.com/api/promotions/track (application/json)

    Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.

  • Robots.txt Pass

    Found robots.txt (200).

  • Sitemap File Pass

    Found sitemap (200) at https://aicavo.com/sitemap.xml.

  • Crawl Directives Pass

    Robots meta found: index, follow

Accessibility Basics

  • Form Labels Error

    1 of 1 controls are missing labels.

    • • input[type="text"].w-full.h-14 (Search using keywords, domains, URLs...)

    Fix: Associate each form control with a visible label, aria-label, or aria-labelledby.

  • Landmarks Pass

    Header, nav, main, and footer landmarks are present.

  • Tap Target Size Warning

    25 interactive elements appear smaller than 48px.

    • • a.flex.items-center (AICavo) - 116x40px
    • • a.px-3.py-2 (Home) - 64x36px
    • • button.flex.items-center (All Tools) - 102x36px
    • • a.px-3.py-2 (🔥 Deals) - 85x36px
    • • a.px-3.py-2 (Categories) - 101x36px
    • • a.px-3.py-2 (Pricing) - 72x36px
    • • a.px-3.py-2 (Forums) - 74x36px
    • • button.flex.items-center (Leaderboard) - 150x36px
    • • button.inline-flex.items-center (Search tools) - 40x40px
    • • a.hidden.sm:block (Submit ToolSubmit) - 139x40px
    • • button.inline-flex.items-center (Submit ToolSubmit) - 139x40px
    • • a (Login) - 97x40px
    • • button.items-center.justify-center (Login) - 97x40px
    • • a.px-4.py-2 (🤖AI Agents) - 125x40px
    • • a.px-4.py-2 (💡Automation) - 139x40px
    • • a.px-4.py-2 (📈Data Analytics) - 160x40px
    • • a.px-4.py-2 (⚡LLM Models) - 144x40px
    • • a.px-4.py-2 (🖼️Image Editing) - 154x40px
    • • button.inline-flex.items-center (Add to comparison) - 32x32px
    • • a.flex-shrink-0 - 60x32px
    • • a.hover:text-primary.truncate (Eleven Music) - 122x28px
    • • button.inline-flex.items-center (Add to favorites) - 40x40px
    • • button.inline-flex.items-center (3) - 55x36px
    • • a.text-sm.font-medium (Try Now →) - 76x20px
    • • button.inline-flex.items-center (Add to comparison) - 32x32px

    Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Social & Rich Results

  • Open Graph Basics Pass

    Core Open Graph tags are present.

  • Open Graph Image Pass

    og:image is present and absolute.

    Open Graph Image
  • Twitter Card Pass

    twitter:card set to summary_large_image.

  • Structured Data Pass

    JSON-LD schema detected.

  • PWA Metadata Warning

    Manifest or Apple touch icon is missing.

    Fix: Link your web app manifest and apple-touch-icon for improved install/share experiences.

  • Open Graph/Twitter Quality Warning

    1 social preview quality issues detected.

    • • ISSUE: og:title should typically be between 10 and 70 characters.
    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.
    • • MEASURED: Image size: 0.03 MB
    • • MEASURED: Image dimensions: 1344x661

    Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.

Links Analysis

  • Internal Links Error

    12 internal links returned errors.

    • • https://aicavo.com/visit/eleven-music (HTTP 404)
    • • https://aicavo.com/visit/trainual (HTTP 404)
    • • https://aicavo.com/visit/volza (HTTP 404)
    • • https://aicavo.com/visit/kartra (HTTP 404)
    • • https://aicavo.com/visit/beautiful-ai (HTTP 404)
    • • https://aicavo.com/visit/catalister (HTTP 404)
    • • https://aicavo.com/visit/eleven-agents (HTTP 404)
    • • https://aicavo.com/visit/cloudtalk (HTTP 404)
    • • https://aicavo.com/visit/adcreative-ai (HTTP 404)
    • • https://aicavo.com/visit/elevenlabs (HTTP 404)
    • • https://aicavo.com/visit/turbotic (HTTP 404)
    • • https://aicavo.com/visit/xero (HTTP 404)

    Fix: Fix or remove the listed internal URLs, and ensure routes/pages return 200 responses.

  • External Links Warning

    1 external links returned errors or timed out.

    • • https://www.easync.io/?utm_source=aicavo.com&utm_medium=directory&utm_campaign=tool-card (HTTP 403)

    Fix: Replace dead external URLs or point to working alternatives.

  • Link Format Pass

    All 303 links use non-empty href values.

Performance & Runtime

  • Core Web Vitals: LCP Pass

    Largest Contentful Paint: 0.38s.

  • Core Web Vitals: CLS Pass

    Cumulative Layout Shift: 0.001.

  • Main Thread Blocking (TBT) Pass

    Total Blocking Time estimate: 54ms.

  • Broken Assets Error

    1 asset requests failed.

    • • https://www.volza.com/images/volza-logo.webp (net::ERR_BLOCKED_BY_ORB)

    Fix: Fix missing files, update asset URLs, and ensure static assets return HTTP 200.

  • JavaScript Runtime Errors Warning

    11 JavaScript runtime issues detected.

    • • Request failed: https://aicavo.com/api/auth/me (HTTP 401, type: fetch)
    • • Request failed: https://aicavo.com/api/streaks/check-login (HTTP 401, type: fetch)
    • • Request failed: https://aicavo.com/categories/image-editing?_rsc=1r34m (net::ERR_ABORTED, type: fetch)
    • • Request failed: https://aicavo.com/categories/llm-models?_rsc=1r34m (net::ERR_ABORTED, type: fetch)
    • • Request failed: https://aicavo.com/tools-leaderboard?_rsc=p37cr (net::ERR_ABORTED, type: fetch)
    • • Request failed: https://aicavo.com/categories/data-analytics?_rsc=p37cr (net::ERR_ABORTED, type: fetch)
    • • Request failed: https://aicavo.com/categories/ai-agents?_rsc=p37cr (net::ERR_ABORTED, type: fetch)
    • • Request failed: https://aicavo.com/pricing?_rsc=p37cr (net::ERR_ABORTED, type: fetch)
    • • Request failed: https://aicavo.com/?_rsc=p37cr (net::ERR_ABORTED, type: fetch)
    • • Failed to load resource: the server responded with a status of 401 () [https://aicavo.com/api/auth/me:1]
    • • Failed to load resource: the server responded with a status of 401 () [https://aicavo.com/api/streaks/check-login:1]

    Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.