Changes
Amsterdam, Netherlands → Santa Clara, United States
These audits ran from different locations. Timing metrics (TTFB, DNS, TLS) may reflect network path differences rather than site changes.
| Category | Previous | Current | Change |
|---|---|---|---|
| Composite | B (80) | B (82) | +2.000 |
| Performance | A (96) | A (93) | -3.000 |
| Security | D (66) | C (76) | +10.000 |
| Accessibility | D (66) | D (66) | — |
| SEO | B (89) | B (89) | — |
| Infrastructure | B (86) | B (85) | -1.000 |
| Compliance | A (90) | A (90) | — |
| Content | D (68) | D (68) | — |
| Sustainability | A+ (97) | B (89) | -8.000 |
| Metric | Previous | Current | Change |
|---|---|---|---|
| Performance | 9500 | 5800 | -3700 |
| Accessibility | 9500 | 9500 | — |
| Best Practices | 10000 | 9600 | -400 |
| SEO | 10000 | 10000 | — |
| PWA | 0 | 0 | — |
| Desktop Performance | 10000 | 9600 | -400 |
| Desktop Accessibility | 9500 | 9500 | — |
| Desktop Best Practices | 10000 | 9600 | -400 |
| Desktop SEO | 10000 | 10000 | — |
| FCP | 927 ms | 1.23 s | +300 ms |
| LCP | 2.32 s | 4.88 s | +2.55 s |
| TBT | 149 ms | 1.24 s | +1.09 s |
| CLS | 0.000 | 0.000 | — |
| Desktop FCP | 265 ms | 395 ms | +130 ms |
| Desktop LCP | 474 ms | 654 ms | +180 ms |
| Desktop TBT | 0 ms | 142 ms | +142 ms |
| Desktop CLS | 0.000 | 0.000 | — |
| TTFB † | 282 ms | 1.48 s | +1.19 s |
| DNS † | 19 ms | 14 ms | -6 ms |
| TLS † | 14 ms | 127 ms | +113 ms |
| Connect † | 4 ms | 1 ms | -3 ms |
| Total † | 284 ms | 1.48 s | +1.19 s |
† Timing metrics may vary by worker location and do not necessarily indicate site changes.
Projected vs. Actual
Estimate — actual results may vary
x-frame-options DENYcross-origin-opener-policy same-origincontent-security-policy-report-only default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none...referrer-policy strict-origin-when-cross-originpermissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), m...x-content-type-options nosniffx-powered-by Next.jsx-vercel-id sfo1::iad1::lvsf7-1776397921468-a9a2d573c563 → fra1::iad1::b8rwb-1776423795468-7dbc0a86f47e8 headers unchanged
12 technologies unchanged
Looking ahead
+11 ptsEstimate — actual results may vary (20 issues to fix)
Website improvement report — Shotprep
April 17, 2026 → April 17, 2026
13
Resolved
11
New issues
9
Still remaining
Financial summary
Investment delivered
$1,258 in development time
Investment remaining
$4,375 to complete the remaining items
Ongoing risk
$0/month in ongoing exposure
Figures are estimates based on local developer hourly rate, industry CPC, and regulatory fine ranges.
Performance by category
| Metric | Before | After | Change |
|---|---|---|---|
| Overall score | 80 (B) | 82 (B) | +2 |
| Performance | 96 (A) | 93 (A) | -3 |
| Security | 66 (D) | 76 (C) | +10 |
| Accessibility | 66 (D) | 66 (D) | 0 |
| SEO | 89 (B) | 89 (B) | 0 |
| Infrastructure | 86 (B) | 85 (B) | -1 |
| Compliance | 90 (A) | 90 (A) | 0 |
| Content | 68 (D) | 68 (D) | 0 |
| Sustainability | 97 (A+) | 89 (B) | -8 |
Resolved (13)
X-Frame-Options header is missing (Security)
→ Reduced attack surface for visitors
Permissions-Policy header is missing (Security)
→ Reduced attack surface for visitors
Cross-Origin-Opener-Policy header is missing (Security)
→ Reduced attack surface for visitors
No meta description tag found (SEO)
→ Better search engine visibility
No accessibility statement detected (Compliance)
→ Reduced regulatory exposure
X-Powered-By header reveals technology stack (Security)
→ Reduced attack surface for visitors
No Permissions-Policy header (Security)
→ Reduced attack surface for visitors
https://shotprep.io/_next/static/chunks/0h4bq73pog...: 448ms CPU time (Performance)
→ Page loads faster for users
https://shotprep.io/_next/static/chunks/0h4bq73pog...: 27 KB unused (39%) (Performance)
→ Page loads faster for users
Referrer-Policy header is missing (Security)
→ Reduced attack surface for visitors
https://shotprep.io/: 453ms CPU time (Performance)
→ Page loads faster for users
X-Content-Type-Options header is missing (Security)
→ Reduced attack surface for visitors
GDPR Article 13 disclosure coverage: 0 / 8 categories (Compliance)
→ Reduced regulatory exposure
Recommended next steps (20)
- Sprint 1
1 image-only link(s) without alt text (Accessibility)
- Sprint 2
Content-Security-Policy header is missing (Security)
- Sprint 2
No Content-Security-Policy header found (Security)
- Sprint 1
https://shotprep.io/: 806ms CPU time (Performance)
- Sprint 2
DNS resolution is slow (256 ms) (Infrastructure)
- Sprint 1
https://shotprep.io/_next/static/chunks/10~x95jhs6...: 1316ms CPU time (Performance)
- Sprint 1
https://shotprep.io/_next/static/chunks/0pfzsr1~bc...: 575ms CPU time (Performance)
- Sprint 3
https://us-assets.i.posthog.com/static/posthog-rec...: 25 KB unused (48%) (Performance)
- Sprint 1
Unattributable: 363ms CPU time (Performance)
- Sprint 3
https://shotprep.io/_next/static/chunks/10~x95jhs6...: 27 KB unused (39%) (Performance)
- Sprint 1
Transfer efficiency: 74% (Sustainability)
- Sprint 3
https://us-assets.i.posthog.com/static/surveys.js?...: 25 KB unused (80%) (Performance)
- Sprint 3
https://shotprep.io/_next/static/chunks/0pfzsr1~bc...: 33 KB unused (52%) (Performance)
- Sprint 1
HTTP→HTTPS redirect uses 302 instead of 301 (Infrastructure)
- Sprint 1
HSTS is missing includeSubDomains (Security)
…and 5 more recommended item(s)