Changes
Madrid, Spain → Sao Paulo, Brazil
These audits ran from different locations. Timing metrics (TTFB, DNS, TLS) may reflect network path differences rather than site changes.
| Category | Previous | Current | Change |
|---|---|---|---|
| Composite | B (85) | B (84) | -1.000 |
| Performance | A+ (98) | A (96) | -2.000 |
| Security | B (80) | C (75) | -5.000 |
| Accessibility | B (85) | B (81) | -4.000 |
| SEO | B (85) | B (85) | — |
| Infrastructure | B (86) | B (88) | +2.000 |
| Compliance | D (63) | C (70) | +7.000 |
| Content | C (75) | C (75) | — |
| Sustainability | A (95) | A+ (98) | +3.000 |
| Metric | Previous | Current | Change |
|---|---|---|---|
| Performance | 9600 | 10000 | +400 |
| Accessibility | 10000 | 10000 | — |
| Best Practices | 10000 | 8100 | -1900 |
| SEO | 5400 | 9100 | +3700 |
| PWA | 0 | 0 | — |
| Desktop Performance | 9900 | 10000 | +100 |
| Desktop Accessibility | 10000 | 10000 | — |
| Desktop Best Practices | 10000 | 8100 | -1900 |
| Desktop SEO | 5400 | 9100 | +3700 |
| FCP | 1.74 s | 868 ms | -869 ms |
| LCP | 2.46 s | 1.04 s | -1.42 s |
| TBT | 0 ms | 80 ms | +80 ms |
| CLS | 0.000 | 0.000 | — |
| Desktop FCP | 454 ms | 207 ms | -247 ms |
| Desktop LCP | 529 ms | 480 ms | -49 ms |
| Desktop TBT | 0 ms | 0 ms | — |
| Desktop CLS | 0.000 | 0.000 | — |
| TTFB † | 1.30 s | 360 ms | -938 ms |
| DNS † | 230 ms | 68 ms | -162 ms |
| TLS † | 8 ms | 40 ms | +33 ms |
| Connect † | 1 ms | 17 ms | +16 ms |
| Total † | 1.74 s | 432 ms | -1.31 s |
† Timing metrics may vary by worker location and do not necessarily indicate site changes.
vary Accept-Encoding,Cookiespeculation-rules "/cdn-cgi/speculation"cache-control max-age=3, must-revalidatelink <https://inco.by/wp-json/>; rel="https://api.w.org/"alt-svc h3=":443"; ma=864004 headers unchanged
1 technologies unchanged
Looking ahead
+13 ptsEstimate — actual results may vary (36 issues to fix)
Website improvement report — Inco
July 2, 2026 → July 13, 2026
12
Resolved
16
New issues
20
Still remaining
Financial summary
Investment delivered
Br3,090 in development time
Investment remaining
Br4,480 to complete the remaining items
Ongoing risk
Br0/month in ongoing exposure
Figures are estimates based on local developer hourly rate, industry CPC, and regulatory fine ranges.
Performance by category
| Metric | Before | After | Change |
|---|---|---|---|
| Overall score | 85 (B) | 84 (B) | -1 |
| Performance | 98 (A+) | 96 (A) | -2 |
| Security | 80 (B) | 75 (C) | -5 |
| Accessibility | 85 (B) | 81 (B) | -4 |
| SEO | 85 (B) | 85 (B) | 0 |
| Infrastructure | 86 (B) | 88 (B) | +2 |
| Compliance | 63 (D) | 70 (C) | +7 |
| Content | 75 (C) | 75 (C) | 0 |
| Sustainability | 95 (A) | 98 (A+) | +3 |
Resolved (12)
Compressed response missing `Vary` header (Performance)
→ Page loads faster for users
No headings found (Accessibility)
→ Improved usability for assistive technology users
No privacy policy link detected (Compliance)
→ Reduced regulatory exposure
Privacy Policy not detected (Compliance)
→ Reduced regulatory exposure
Thin content — only 15 words (SEO)
→ Better search engine visibility
9 of 12 links are healthy (Content)
→ Stronger social sharing and on-page quality
Page has only 15 words — nearly empty (SEO)
→ Better search engine visibility
Page body has only 174 chars of text -- likely empty / placeholder (Security)
→ Reduced attack surface for visitors
1 software version(s) disclosed in HTML: WordPress 7.0 (Security)
→ Reduced attack surface for visitors
DNS resolution is slow (371 ms) (Infrastructure)
→ More reliable delivery
Broken link: https://inco.by/xmlrpc.php?rsd (Content)
→ Stronger social sharing and on-page quality
Broken link: https://inco.by/wp-content/uploads/2026/07/cropped-LOGO-1... (Content)
→ Stronger social sharing and on-page quality
Recommended next steps (36)
- Sprint 1
No favicon or icon links detected (Accessibility)
- Sprint 1
HTTP version does not redirect to HTTPS (Infrastructure)
- Sprint 1
Scan returned a Cloudflare bot-protection interstitial, not the actual page (Security)
- Sprint 3
Page has only 47 words — nearly empty (SEO)
- Sprint 1
HSTS header is missing (Security)
- Sprint 2
Content-Security-Policy header is missing (Security)
- Sprint 2
No Content-Security-Policy header found (Security)
- Sprint 1
https://inco.by/cdn-cgi/challenge-platform/scripts...: 268ms CPU time (Performance)
- Sprint 2
1 render-blocking <script src> tag(s) without async/defer (Performance)
- Sprint 1
Title is only 16 characters — consider expanding (SEO)
- Sprint 1
1 images missing explicit width/height (Content)
- Sprint 1
2 link(s) open in new tab without warning (Accessibility)
- Sprint 3
Thin content — only 47 words (SEO)
- Sprint 1
No internal links found (SEO)
- Sprint 1
External script from challenges.cloudflare.com lacks integrity attribute (Security)
…and 21 more recommended item(s)