Audit Result

UUID: 019f4f79-372a-711f-a165-7a9276bd5dfa

change-log-ai.vercel.app

https://change-log-ai.vercel.app/

Scanned 1 week ago

83
Fair Score
39 total checks
Passed
29
Warnings
7
Errors
3

Meta Information

  • Title Tag Pass

    Found 48 characters. Length is optimal.

  • Found 156 characters. Good snippet length.

  • Canonical found: https://change-log-ai.vercel.app

  • Favicon Pass

    Favicon found and reachable: /logo.svg (HTTP 200).

    Favicon
  • Viewport configured: width=device-width, initial-scale=1

  • HTML Lang Pass

    Language declared as "en".

Content Structure

  • H1 Tag Pass

    Exactly one H1 found: "TheAIChangelogGeneratorforDevelopers".

  • Valid heading flow across 22 headings.

  • All 24 images include alt text.

Technical Optimization

  • HTTPS Pass

    Page is served over HTTPS.

  • 1 HTTPS hardening issues detected.

    • • Could not probe the HTTP version of this page.
    • • Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

    Fix: Set Strict-Transport-Security with a long max-age, add includeSubDomains, and redirect all HTTP requests to HTTPS.

  • Core security headers were detected.

    Full HTTP headers (19)
    • • age: 0
    • • cache-control: private, no-cache, no-store, max-age=0, must-revalidate
    • • content-encoding: br
    • • content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.stripe.com https://va.vercel-scripts.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://avatars.githubusercontent.com https://images.unsplash.com https://lh3.googleusercontent.com https://avatar.vercel.sh https://www.googletagmanager.com https://www.google-analytics.com https://grainy-gradients.vercel.app; connect-src 'self' https://api.github.com https://openrouter.ai https://api.stripe.com https://va.vercel-scripts.com https://www.google-analytics.com; frame-src https://js.stripe.com https://hooks.stripe.com
    • • content-type: text/html; charset=utf-8
    • • date: Sat, 11 Jul 2026 04:39:27 GMT
    • • link: </_next/static/media/2f13ad8e538108e0-s.p.0o52u8sd-fo14.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/media/83afe278b6a6bb3c-s.p.0q-301v4kxxnr.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2"
    • • permissions-policy: camera=(), microphone=(), geolocation=()
    • • referrer-policy: origin-when-cross-origin
    • • server: Vercel
    • • strict-transport-security: max-age=63072000; includeSubDomains; preload
    • • vary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
    • • x-content-type-options: nosniff
    • • x-dns-prefetch-control: on
    • • x-frame-options: SAMEORIGIN
    • • x-matched-path: /
    • • x-powered-by: Next.js
    • • x-vercel-cache: MISS
    • • x-vercel-id: iad1::iad1::bx4kv-1783744766515-013e6cb9a233
  • CSP Quality Error

    5 CSP hardening issues detected.

    • • script-src/default-src permits 'unsafe-inline'.
    • • script-src/default-src permits 'unsafe-eval'.
    • • CSP is missing object-src 'none'.
    • • CSP is missing a base-uri restriction.
    • • CSP is missing frame-ancestors protection.
    • • Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://js.stripe.com https://va.vercel-scripts.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https://avatars.githubusercontent.com https://images.unsplash.com https://lh3.googleusercontent.com https://avatar.vercel.sh https://www.googletagmanager.com https://www.google-analytics.com https://grainy-gradients.vercel.app; connect-src 'self' https://api.github.com https://openrouter.ai https://api.stripe.com https://va.vercel-scripts.com https://www.google-analytics.com; frame-src https://js.stripe.com https://hooks.stripe.com

    Fix: Tighten Content-Security-Policy by removing unsafe directives and adding object-src, base-uri, and frame-ancestors restrictions.

  • No first-party cookies were set during the initial page load.

  • Server response headers do not expose version tokens.

  • Domain does not appear to be behind Cloudflare.

  • Loaded in 1.44s (perceived).

  • 12 scripts and 2 styles may block rendering.

    • • script: https://change-log-ai.vercel.app/_next/static/chunks/03~yq9q893hmn.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/05~__-txyx3x6.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/0cmn374nzv494.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/0gc19gmi323og.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/0nt81kkjbacu~.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/0pukaremx9a99.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/0vkr8yg7_vakt.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/0~h.yxn_~-hyw.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/01sh0bb97r52s.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/12b5t.fijmdn0.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/0j583w8k3lncr.js
    • • script: https://change-log-ai.vercel.app/_next/static/chunks/15gm34y1g4gmv.js
    • • style: https://change-log-ai.vercel.app/_next/static/chunks/1616nfhfq28z2.css
    • • style: https://change-log-ai.vercel.app/_next/static/chunks/07wljndg~o2g0.css

    Fix: Defer non-critical scripts and inline critical CSS to improve first paint speed.

  • Compression Warning

    4 text resources look uncompressed.

    • • https://change-log-ai.vercel.app/_next/static/chunks/0cmn374nzv494.js (application/javascript; charset=utf-8)
    • • https://change-log-ai.vercel.app/login?signup=true&_rsc=1r34m (text/x-component)
    • • https://change-log-ai.vercel.app/login?_rsc=1r34m (text/x-component)
    • • https://change-log-ai.vercel.app/login?signup=true&_rsc=1f8nk (text/x-component)

    Fix: Enable Brotli or Gzip compression for HTML, CSS, JS, and JSON responses.

  • Robots.txt Pass

    Found robots.txt (200).

  • Found sitemap (200) at https://change-log-ai.vercel.app//sitemap.xml.

  • Robots meta found: index, follow

Accessibility Basics

  • All 0 controls are labeled.

  • Landmarks Pass

    Header, nav, main, and footer landmarks are present.

  • Tap Target Size Warning

    25 interactive elements appear smaller than 48px.

    • • a.flex.items-center (Changelog.ai) - 137x32px
    • • a.px-5.py-2 (Process) - 99x34px
    • • a.px-5.py-2 (Demo) - 78x34px
    • • button.flex.items-center (Resources) - 135x34px
    • • a.px-5.py-2 (Pricing) - 93x34px
    • • a.hidden.sm:block (Login) - 40x18px
    • • a.flex.items-center (Sign up) - 127x38px
    • • a.inline-flex.items-center (React) - 32x32px
    • • a.inline-flex.items-center (Next.js) - 32x32px
    • • a.inline-flex.items-center (TypeScript) - 32x32px
    • • a.inline-flex.items-center (Tailwind CSS) - 32x32px
    • • a.inline-flex.items-center (React) - 32x32px
    • • a.inline-flex.items-center (Next.js) - 32x32px
    • • a.inline-flex.items-center (TypeScript) - 32x32px
    • • a.inline-flex.items-center (Tailwind CSS) - 32x32px
    • • a.inline-flex.items-center (React) - 32x32px
    • • a.inline-flex.items-center (Next.js) - 32x32px
    • • a.inline-flex.items-center (TypeScript) - 32x32px
    • • a.inline-flex.items-center (Tailwind CSS) - 32x32px
    • • a.inline-flex.items-center (React) - 32x32px
    • • a.inline-flex.items-center (Next.js) - 32x32px
    • • a.inline-flex.items-center (TypeScript) - 32x32px
    • • a.inline-flex.items-center (Tailwind CSS) - 32x32px
    • • a.inline-flex.items-center (React) - 32x32px
    • • a.inline-flex.items-center (Next.js) - 32x32px

    Fix: Increase target size to at least 48x48 CSS pixels for touch interactions.

Social & Rich Results

  • Core Open Graph tags are present.

  • og:image URL returned HTTP 404.

    Fix: Make sure the og:image URL returns HTTP 200 and points to a publicly accessible image.

  • twitter:card set to summary_large_image.

  • JSON-LD schema detected.

  • Manifest and Apple touch icon are configured.

  • 2 social preview quality issues detected.

    • • ISSUE: og:url points to a different origin than the scanned page.
    • • ISSUE: Preview image URL failed with HTTP 404: https://changelog-ai.vercel.app/og-image.png
    • • GUIDELINE: Optimal og:title length: 40-60 characters (acceptable: 10-70).
    • • GUIDELINE: Optimal og:description length: 110-160 characters (acceptable: 50-200).
    • • GUIDELINE: Optimal preview image size: 1200x630 pixels.
    • • GUIDELINE: Optimal preview image aspect ratio: 1.91:1.
    • • GUIDELINE: Optimal preview image file size: under 5 MB.
    • • GUIDELINE: Recommended twitter:card: summary_large_image.

    Fix: Use absolute OG/Twitter URLs, keep metadata lengths in recommended ranges, and provide a preview image near 1200x630 under 5MB.

Links Analysis

  • Checked 13 links. No broken internal links found.

  • No broken external links found in checked URLs.

  • All 61 links use non-empty href values.

Performance & Runtime

  • Largest Contentful Paint: 3.72s.

    Fix: Improve LCP by optimizing above-the-fold media, reducing server latency, and inlining critical CSS.

  • Cumulative Layout Shift: 0.007.

  • Total Blocking Time estimate: 818ms.

    Fix: Reduce heavy JavaScript work, split long tasks, and defer non-critical scripts.

  • No failed CSS/JS/image/font/media requests detected.

  • No console/page runtime errors detected during audit.