Changes

https://xpenv.com

Compared to previous audit · 1 minute ago View previous audit

Madrid, Spain → Singapore, Singapore

These audits ran from different locations. Timing metrics (TTFB, DNS, TLS) may reflect network path differences rather than site changes.

New issues

Resolved

score changes

Category	Previous	Current	Change
Composite	B (87)	B (86)	-1.000
Performance	A+ (97)	A+ (98)	+1.000
Security	B (84)	C (79)	-5.000
Accessibility	B (81)	B (84)	+3.000
SEO	A (91)	B (85)	-6.000
Infrastructure	B (88)	A (94)	+6.000
Compliance	D (63)	C (70)	+7.000
Content	A+ (98)	C (76)	-22.000
Sustainability	A (95)	A+ (98)	+3.000

Metric	Previous	Current	Change
Performance	8800	9100	+300
Accessibility	9500	9500	—
Best Practices	7300	7300	—
SEO	10000	10000	—
PWA	0	0	—
Desktop Performance	9000	9800	+800
Desktop Accessibility	9500	9500	—
Desktop Best Practices	7300	7300	—
Desktop SEO	10000	10000	—
FCP	1.21 s	924 ms	-284 ms
LCP	1.80 s	1.55 s	-247 ms
TBT	126 ms	64 ms	-62 ms
CLS	0.000	0.000	—
Desktop FCP	329 ms	329 ms	—
Desktop LCP	450 ms	451 ms	—
Desktop TBT	0 ms	0 ms	—
Desktop CLS	0.000	0.000	—
TTFB †	249 ms	68 ms	-181 ms
DNS †	5 ms	1 ms	-4 ms
TLS †	9 ms	22 ms	+13 ms
Connect †	1 ms	17 ms	+16 ms
Total †	250 ms	68 ms	-181 ms

† Timing metrics may vary by worker location and do not necessarily indicate site changes.

CRITICAL Page has only 47 words — nearly empty seo

CRITICAL Scan returned a Cloudflare bot-protection interstitial, not the actual page security

WARNING No internal links found seo

WARNING SRI adoption: 0/1 third-party resources protected (0%) security

WARNING External script from challenges.cloudflare.com lacks integrity attribute security

WARNING 2 link(s) open in new tab without warning accessibility

WARNING 1 render-blocking <script src> tag(s) without async/defer performance

WARNING No Open Graph meta tags found content

WARNING No meta description tag found seo

WARNING Thin content — only 47 words seo

WARNING No canonical tag found seo

WARNING Title is only 16 characters — consider expanding seo

CRITICAL Page body has only 44 chars of text -- likely empty / placeholder security

CRITICAL No <main> landmark found accessibility

CRITICAL Page has only 6 words — nearly empty seo

WARNING No privacy policy link detected compliance

WARNING Thin content — only 6 words seo

WARNING Broken link: https://xpenv.com/assets/index-CW5Uzupm.js content

WARNING https://xpenv.com/cdn-cgi/challenge-platform/scrip...: 376ms CPU time performance

WARNING Privacy Policy not detected compliance

WARNING No headings found accessibility

WARNING IPv6 DNS records exist but server is not reachable infrastructure

WARNING No favicon.ico at site root accessibility

WARNING Broken link: https://xpenv.com/assets/index-DyJOIMUX.css content

WARNING <iframe> missing title attribute (src="") accessibility

WARNING 7 of 9 links are healthy content

CRITICAL Content-Security-Policy header is missing security

CRITICAL No Content-Security-Policy header found security

WARNING No accessibility statement detected compliance

WARNING Terms of Service not detected compliance

WARNING Dead-end page — no outgoing internal links seo

WARNING Referrer-Policy header is missing security

WARNING Cross-Origin-Embedder-Policy header is missing security

WARNING Main HTML cached for 1440 minutes -- risks stale auth / SPA state performance

WARNING HSTS max-age is too short (15552000s, should be ≥ 31536000s) security

WARNING No <nav> landmark found accessibility

WARNING Permissions-Policy header not set -- features default to allow-on-same-origin security

WARNING Skip navigation link is missing (WCAG 2.4.1) accessibility

WARNING GDPR Article 13 disclosure coverage: 0 / 8 categories compliance

WARNING Permissions-Policy header is missing security

WARNING No Permissions-Policy header security

WARNING X-Frame-Options header is missing security

WARNING Bare server default 404 page accessibility

WARNING Registrar lock is NOT enabled infrastructure

WARNING Cross-Origin-Opener-Policy header is missing security

last-modified

Mon, 25 May 2026 04:37:28 GMT → Mon, 25 May 2026 04:37:27 GMT

cf-cache-status

MISS → HIT

16 headers unchanged

+ AngularJS JavaScript frameworks

+ Cloudflare Turnstile Security

− Open Graph Miscellaneous

4 technologies unchanged

Looking ahead

+11 pts

B (86) Could reach A+ (97)

Security +21SEO +15Accessibility +13Compliance +10Content +4Infrastructure +4Performance +2

Estimate — actual results may vary (31 issues to fix)

Website improvement report — Xpenv

May 25, 2026 → May 25, 2026

B B 87 → 86 -1 pts

Resolved

New issues

Still remaining

Financial summary

Investment delivered

$2,292 in development time

Investment remaining

$3,517 to complete the remaining items

Ongoing risk

$0/month in ongoing exposure

Figures are estimates based on local developer hourly rate, industry CPC, and regulatory fine ranges.

Performance by category

Metric	Before	After	Change
Overall score	87 (B)	86 (B)	-1
Performance	97 (A+)	98 (A+)	+1
Security	84 (B)	79 (C)	-5
Accessibility	81 (B)	84 (B)	+3
SEO	91 (A)	85 (B)	-6
Infrastructure	88 (B)	94 (A)	+6
Compliance	63 (D)	70 (C)	+7
Content	98 (A+)	76 (C)	-22
Sustainability	95 (A)	98 (A+)	+3

Resolved (14)

No privacy policy link detected (Compliance)
→ Reduced regulatory exposure
Thin content — only 6 words (SEO)
→ Better search engine visibility
Broken link: https://xpenv.com/assets/index-CW5Uzupm.js (Content)
→ Stronger social sharing and on-page quality
https://xpenv.com/cdn-cgi/challenge-platform/scrip...: 376ms CPU time (Performance)
→ Page loads faster for users
Privacy Policy not detected (Compliance)
→ Reduced regulatory exposure
No headings found (Accessibility)
→ Improved usability for assistive technology users
Page body has only 44 chars of text -- likely empty / placeholder (Security)
→ Reduced attack surface for visitors
No <main> landmark found (Accessibility)
→ Improved usability for assistive technology users
IPv6 DNS records exist but server is not reachable (Infrastructure)
→ More reliable delivery
No favicon.ico at site root (Accessibility)
→ Improved usability for assistive technology users
Page has only 6 words — nearly empty (SEO)
→ Better search engine visibility
Broken link: https://xpenv.com/assets/index-DyJOIMUX.css (Content)
→ Stronger social sharing and on-page quality
<iframe> missing title attribute (src="") (Accessibility)
→ Improved usability for assistive technology users
7 of 9 links are healthy (Content)
→ Stronger social sharing and on-page quality

Recommended next steps (31)

Sprint 3
Page has only 47 words — nearly empty (SEO)
Sprint 1
Scan returned a Cloudflare bot-protection interstitial, not the actual page (Security)
Sprint 2
Content-Security-Policy header is missing (Security)
Sprint 2
No Content-Security-Policy header found (Security)
Sprint 1
No internal links found (SEO)
Sprint 1
SRI adoption: 0/1 third-party resources protected (0%) (Security)
Sprint 1
External script from challenges.cloudflare.com lacks integrity attribute (Security)
Sprint 1
2 link(s) open in new tab without warning (Accessibility)
Sprint 2
1 render-blocking <script src> tag(s) without async/defer (Performance)
Sprint 1
No Open Graph meta tags found (Content)
Sprint 1
No meta description tag found (SEO)
Sprint 3
Thin content — only 47 words (SEO)
Sprint 1
No canonical tag found (SEO)
Sprint 1
Title is only 16 characters — consider expanding (SEO)
Sprint 1
No accessibility statement detected (Compliance)

…and 16 more recommended item(s)

Browse & Analyze

Learn