Audit Result
UUID: 019f2690-b2c8-7261-b400-710337207d0f
https://help.dengyi123.com/
Scanned 2 weeks ago
Meta Information
-
Title Tag Pass
Found 59 characters. Length is optimal.
-
Meta Description Pass
Found 157 characters. Good snippet length.
-
Canonical URL Pass
Canonical found: https://help.dengyi123.com/
-
-
Viewport Meta Pass
Viewport configured: width=device-width, initial-scale=1.0, shrink-to-fit=no
-
HTML Lang Pass
Language declared as "en".
Content Structure
-
H1 Tag Pass
Exactly one H1 found: "China Bridge — Free Official China Travel Guide for Foreign Visitors".
-
Heading Hierarchy Warning
Detected 1 heading level jumps.
- • Skipped from h2 to h4: "Common Digital Issues in China (2026)" -> "Alipay or WeChat Pay payment failed for foreigners?".
Fix: Follow semantic order (h1 -> h2 -> h3) and avoid skipping heading levels.
-
Image Alt Text Pass
All 2 images include alt text.
Technical Optimization
-
HTTPS Pass
Page is served over HTTPS.
-
HSTS & HTTPS Redirect Warning
2 HTTPS hardening issues detected.
- • Missing Strict-Transport-Security header.
- • Could not probe the HTTP version of this page.
Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.
-
Security Headers Warning
Missing: strict-transport-security.
Full HTTP headers (19)
- • access-control-allow-origin: *
- • alt-svc: h3=":443"; ma=86400
- • cache-control: public, max-age=0, must-revalidate
- • cf-cache-status: DYNAMIC
- • cf-ray: a153abdc2983b4c2-IAD
- • content-encoding: br
- • content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https: data: blob:; connect-src 'self'; frame-src 'none'; object-src 'none'; base-uri 'self'; form-action 'self'
- • content-type: text/html; charset=utf-8
- • date: Fri, 03 Jul 2026 06:00:41 GMT
- • link: <https://help.dengyi123.com>; rel="preconnect", <https://fonts.googleapis.com>; rel="preconnect", <https://upload.wikimedia.org>; rel="preconnect", <https://help.dengyi123.com>; rel="preconnect"
- • nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
- • permissions-policy: geolocation=(), microphone=(), camera=()
- • referrer-policy: strict-origin-when-cross-origin
- • report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=garJQOK5rXYrMz8LJD34OvA5WlOVzqO%2Fzwx5hVCsyeQEwl%2FVCh0Rxmnom9weBYdQ1xahCn4ylTEQ3Z6f9KaJ9j16I3jVzKMDzB0BbDxZ8iqOticgitoWCXKjka9or4Vgqo7xsLxwnlS1zRFy%2FkPyaB8%3D"}]}
- • server: cloudflare
- • server-timing: cfCacheStatus;desc="DYNAMIC" cfEdge;dur=7,cfOrigin;dur=42
- • vary: accept-encoding
- • x-content-type-options: nosniff
- • x-frame-options: DENY
Fix: Add the missing security headers at your reverse proxy or application layer.
-
CSP Quality Error
2 CSP hardening issues detected.
- • script-src/default-src permits 'unsafe-inline'.
- • CSP is missing frame-ancestors protection.
- • Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https: data: blob:; connect-src 'self'; frame-src 'none'; object-src 'none'; base-uri 'self'; form-action 'self'
Fix: Tighten Content-Security-Policy by removing unsafe directives and adding object-src, base-uri, and frame-ancestors restrictions.
-
Cookie Security Pass
No first-party cookies were set during the initial page load.
-
Server response headers do not expose version tokens.
-
Cloudflare Proxy Pass
Domain appears to be behind Cloudflare.
- • server: cloudflare
- • cf-cache-status: DYNAMIC
- • cf-ray: a153abdc2983b4c2-IAD
-
Perceived Load Time Pass
Loaded in 0.58s (perceived).
-
Render Blocking Resources Warning
0 scripts and 2 styles may block rendering.
- • style: https://fonts.googleapis.com/css2?family=Outfit:wght@400;500;600;700;800&family=Noto+Sans+SC:wght@400;500;600;700&display=swap
- • style: https://help.dengyi123.com/assets/index-e6TeANtd.css
Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.
-
Compression Warning
1 text resources look uncompressed.
- • https://help.dengyi123.com/assets/build-meta-vPZ-rh83.js (application/javascript)
Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.
-
Robots.txt Pass
Found robots.txt (200).
-
Sitemap File Pass
Found sitemap (200) at https://help.dengyi123.com/sitemap.xml.
-
Crawl Directives Pass
Robots meta found: index, follow, max-image-preview:large
Accessibility Basics
-
Form Labels Pass
All 1 controls are labeled.
-
Landmarks Pass
Header, nav, main, and footer landmarks are present.
-
Tap Target Size Warning
18 interactive elements appear smaller than 48px.
- • a.flex.items-center (China Bridge) - 221x40px
- • button.flex.items-center (🇺🇸English) - 89x44px
- • button.flex.items-center (🇨🇳中文) - 73x44px
- • button.flex.items-center (🇰🇷한국어) - 85x44px
- • button.flex.items-center (Download All Cards (PNG)) - 193x44px
- • button.px-5.py-2.5 (All Cards) - 104x46px
- • button.px-5.py-2.5 (Payment) - 100x44px
- • button.px-5.py-2.5 (Transport) - 106x44px
- • button.px-5.py-2.5 (Food) - 74x44px
- • button.px-5.py-2.5 (Hotel) - 78x44px
- • button.px-5.py-2.5 (Health) - 86x44px
- • button.px-5.py-2.5 (Social) - 81x44px
- • a.text-sm.font-medium (View all →) - 65x20px
- • a.text-xs.text-rescue-red (View all 16 articles →) - 113x16px
- • a.text-xs.text-rescue-red (View all 16 articles →) - 113x16px
- • a.text-xs.text-rescue-red (View all 16 articles →) - 113x16px
- • a.text-xs.text-rescue-red (View all 14 articles →) - 113x16px
- • a.text-xs.text-rescue-red (View all 16 articles →) - 113x16px
Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.
Social & Rich Results
-
Open Graph Basics Pass
Core Open Graph tags are present.
-
-
Twitter Card Pass
twitter:card set to summary_large_image.
-
Structured Data Pass
JSON-LD schema detected.
-
PWA Metadata Pass
Manifest and Apple touch icon are configured.
-
Open Graph/Twitter Quality Warning
2 social preview quality issues detected.
- • ISSUE: Preview image is below recommended size (1200x630).
- • ISSUE: Preview image aspect ratio (1.00) differs from the recommended ~1.91:1.
- • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
- • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
- • GUIDELINE: Optimal preview image size: 1200x630 pixels.
- • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
- • GUIDELINE: Optimal preview image file size: under 5 MB.
- • GUIDELINE: Recommended twitter:card: summary_large_image.
- • MEASURED: Image size: 0.01 MB
- • MEASURED: Image dimensions: 512x512
Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.
Links Analysis
-
Internal Links Pass
Checked 45 links. No broken internal links found.
-
External Links Pass
No broken external links found in checked URLs.
-
Link Format Pass
All 72 links use non-empty href values.
Performance & Runtime
-
Core Web Vitals: LCP Pass
Largest Contentful Paint: 1.11s.
-
Core Web Vitals: CLS Pass
Cumulative Layout Shift: 0.028.
-
Main Thread Blocking (TBT) Warning
Total Blocking Time estimate: 268ms.
Fix: Reduce heavy JavaScript work, split long tasks, and defer non-critical scripts.
-
Broken Assets Error
1 asset requests failed.
- • https://static.cloudflareinsights.com/beacon.min.js/v4513226cdae34746b4dedf0b4dfa099e1781791509496 (csp)
Fix: Fix missing files, update asset URLs, and ensure static assets return HTTP 200.
-
JavaScript Runtime Errors Warning
2 JavaScript runtime issues detected.
- • Request failed: https://static.cloudflareinsights.com/beacon.min.js/v4513226cdae34746b4dedf0b4dfa099e1781791509496 (csp, type: script)
- • Loading the script 'https://static.cloudflareinsights.com/beacon.min.js/v4513226cdae34746b4dedf0b4dfa099e1781791509496' violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked. [https://help.dengyi123.com/:1]
Fix: Fix JS files returning 404/failed requests and resolve the listed runtime exceptions.