Skip to content

Changes

https://inco.by
Compared to previous audit · 1 week ago View previous audit

Madrid, Spain Sao Paulo, Brazil

These audits ran from different locations. Timing metrics (TTFB, DNS, TLS) may reflect network path differences rather than site changes.

16
New issues
12
Resolved
23
score changes
CategoryPreviousCurrentChange
CompositeB (85)B (84) -1.000
PerformanceA+ (98)A (96) -2.000
SecurityB (80)C (75) -5.000
AccessibilityB (85)B (81) -4.000
SEOB (85)B (85)
InfrastructureB (86)B (88) +2.000
ComplianceD (63)C (70) +7.000
ContentC (75)C (75)
SustainabilityA (95)A+ (98) +3.000
MetricPreviousCurrentChange
Performance 960010000 +400
Accessibility 1000010000
Best Practices 100008100 -1900
SEO 54009100 +3700
PWA 00
Desktop Performance 990010000 +100
Desktop Accessibility 1000010000
Desktop Best Practices 100008100 -1900
Desktop SEO 54009100 +3700
FCP 1.74 s868 ms -869 ms
LCP 2.46 s1.04 s -1.42 s
TBT 0 ms80 ms +80 ms
CLS 0.0000.000
Desktop FCP 454 ms207 ms -247 ms
Desktop LCP 529 ms480 ms -49 ms
Desktop TBT 0 ms0 ms
Desktop CLS 0.0000.000
TTFB 1.30 s360 ms -938 ms
DNS 230 ms68 ms -162 ms
TLS 8 ms40 ms +33 ms
Connect 1 ms17 ms +16 ms
Total 1.74 s432 ms -1.31 s

† Timing metrics may vary by worker location and do not necessarily indicate site changes.

CRITICAL No favicon or icon links detected accessibility
CRITICAL HTTP version does not redirect to HTTPS infrastructure
CRITICAL Scan returned a Cloudflare bot-protection interstitial, not the actual page security
CRITICAL Page has only 47 words — nearly empty seo
WARNING https://inco.by/cdn-cgi/challenge-platform/scripts...: 268ms CPU time performance
WARNING 1 render-blocking <script src> tag(s) without async/defer performance
WARNING Title is only 16 characters — consider expanding seo
WARNING 1 images missing explicit width/height content
WARNING 2 link(s) open in new tab without warning accessibility
WARNING Thin content — only 47 words seo
WARNING No internal links found seo
WARNING External script from challenges.cloudflare.com lacks integrity attribute security
WARNING SRI adoption: 0/1 third-party resources protected (0%) security
WARNING No <nav> landmark found accessibility
WARNING Skip navigation link is missing (WCAG 2.4.1) accessibility
WARNING Dead-end page — no outgoing internal links seo
CRITICAL Page has only 15 words — nearly empty seo
CRITICAL Page body has only 174 chars of text -- likely empty / placeholder security
WARNING Compressed response missing `Vary` header performance
WARNING No headings found accessibility
WARNING No privacy policy link detected compliance
WARNING Privacy Policy not detected compliance
WARNING Thin content — only 15 words seo
WARNING 9 of 12 links are healthy content
WARNING 1 software version(s) disclosed in HTML: WordPress 7.0 security
WARNING DNS resolution is slow (371 ms) infrastructure
WARNING Broken link: https://inco.by/xmlrpc.php?rsd content
WARNING Broken link: https://inco.by/wp-content/uploads/2026/07/cropped-LOGO-1... content
CRITICAL HSTS header is missing security
CRITICAL Content-Security-Policy header is missing security
CRITICAL No Content-Security-Policy header found security
WARNING Permissions-Policy header is missing security
WARNING Cross-Origin-Opener-Policy header is missing security
WARNING No SPF record found security
WARNING Terms of Service not detected compliance
WARNING Cross-Origin-Embedder-Policy header is missing security
WARNING No favicon.ico at site root accessibility
WARNING No meta description tag found seo
WARNING No Open Graph meta tags found content
WARNING No Permissions-Policy header security
WARNING No accessibility statement detected compliance
WARNING No DMARC record found security
WARNING X-Frame-Options header is missing security
WARNING Permissions-Policy header not set -- features default to allow-on-same-origin security
WARNING No canonical tag found seo
WARNING GDPR Article 13 disclosure coverage: 0 / 8 categories compliance
WARNING X-Content-Type-Options header is missing security
WARNING Referrer-Policy header is missing security
+ vary Accept-Encoding,Cookie
+ speculation-rules "/cdn-cgi/speculation"
+ cache-control max-age=3, must-revalidate
link <https://inco.by/wp-json/>; rel="https://api.w.org/"
alt-svc h3=":443"; ma=86400

4 headers unchanged

+ AngularJS JavaScript frameworks
+ Cloudflare Turnstile Security
Bulma Framework
HTTP/3 Miscellaneous
MySQL Databases
Priority Hints Performance
RSS Miscellaneous
PHP Programming languages
WordPress v7.0 v

1 technologies unchanged

Looking ahead

+13 pts
B (84) Could reach A+ (97)
Security +25Accessibility +19SEO +15Compliance +10Infrastructure +10Content +8Performance +4

Estimate — actual results may vary (36 issues to fix)

Website improvement report — Inco

July 2, 2026 → July 13, 2026

B B 85 → 84 -1 pts

12

Resolved

16

New issues

20

Still remaining

Financial summary

Investment delivered

Br3,090 in development time

Investment remaining

Br4,480 to complete the remaining items

Ongoing risk

Br0/month in ongoing exposure

Figures are estimates based on local developer hourly rate, industry CPC, and regulatory fine ranges.

Performance by category

MetricBeforeAfterChange
Overall score85 (B)84 (B)-1
Performance98 (A+)96 (A)-2
Security80 (B)75 (C)-5
Accessibility85 (B)81 (B)-4
SEO85 (B)85 (B)0
Infrastructure86 (B)88 (B)+2
Compliance63 (D)70 (C)+7
Content75 (C)75 (C)0
Sustainability95 (A)98 (A+)+3

Resolved (12)

  • Compressed response missing `Vary` header (Performance)

    → Page loads faster for users

  • No headings found (Accessibility)

    → Improved usability for assistive technology users

  • No privacy policy link detected (Compliance)

    → Reduced regulatory exposure

  • Privacy Policy not detected (Compliance)

    → Reduced regulatory exposure

  • Thin content — only 15 words (SEO)

    → Better search engine visibility

  • 9 of 12 links are healthy (Content)

    → Stronger social sharing and on-page quality

  • Page has only 15 words — nearly empty (SEO)

    → Better search engine visibility

  • Page body has only 174 chars of text -- likely empty / placeholder (Security)

    → Reduced attack surface for visitors

  • 1 software version(s) disclosed in HTML: WordPress 7.0 (Security)

    → Reduced attack surface for visitors

  • DNS resolution is slow (371 ms) (Infrastructure)

    → More reliable delivery

  • Broken link: https://inco.by/xmlrpc.php?rsd (Content)

    → Stronger social sharing and on-page quality

  • Broken link: https://inco.by/wp-content/uploads/2026/07/cropped-LOGO-1... (Content)

    → Stronger social sharing and on-page quality

Recommended next steps (36)

  • Sprint 1

    No favicon or icon links detected (Accessibility)

  • Sprint 1

    HTTP version does not redirect to HTTPS (Infrastructure)

  • Sprint 1

    Scan returned a Cloudflare bot-protection interstitial, not the actual page (Security)

  • Sprint 3

    Page has only 47 words — nearly empty (SEO)

  • Sprint 1

    HSTS header is missing (Security)

  • Sprint 2

    Content-Security-Policy header is missing (Security)

  • Sprint 2

    No Content-Security-Policy header found (Security)

  • Sprint 1

    https://inco.by/cdn-cgi/challenge-platform/scripts...: 268ms CPU time (Performance)

  • Sprint 2

    1 render-blocking <script src> tag(s) without async/defer (Performance)

  • Sprint 1

    Title is only 16 characters — consider expanding (SEO)

  • Sprint 1

    1 images missing explicit width/height (Content)

  • Sprint 1

    2 link(s) open in new tab without warning (Accessibility)

  • Sprint 3

    Thin content — only 47 words (SEO)

  • Sprint 1

    No internal links found (SEO)

  • Sprint 1

    External script from challenges.cloudflare.com lacks integrity attribute (Security)

…and 21 more recommended item(s)

Send Feedback