Skip to content

Changes

https://inco.by
Compared to previous audit · 3 weeks ago View previous audit

Sao Paulo, Brazil New York, United Stated

These audits ran from different locations. Timing metrics (TTFB, DNS, TLS) may reflect network path differences rather than site changes.

13
New issues
15
Resolved
22
score changes
CategoryPreviousCurrentChange
CompositeB (85)B (85)
PerformanceA (95)A+ (98) +3.000
SecurityB (86)B (80) -6.000
AccessibilityB (81)B (85) +4.000
SEOB (87)B (85) -2.000
InfrastructureB (84)B (86) +2.000
ComplianceD (63)D (63)
ContentC (73)C (75) +2.000
SustainabilityA (90)A (95) +5.000
MetricPreviousCurrentChange
Performance 100009600 -400
Accessibility 1000010000
Best Practices 1000010000
SEO 91005400 -3700
PWA 00
Desktop Performance 100009900 -100
Desktop Accessibility 1000010000
Desktop Best Practices 1000010000
Desktop SEO 91005400 -3700
FCP 965 ms1.74 s +771 ms
LCP 965 ms2.46 s +1.50 s
TBT 0 ms0 ms
CLS 0.0000.000 -0.000
Desktop FCP 246 ms454 ms +208 ms
Desktop LCP 246 ms529 ms +283 ms
Desktop TBT 0 ms0 ms
Desktop CLS 0.0000.000 -0.000
TTFB 2.05 s1.30 s -751 ms
DNS 219 ms230 ms +11 ms
TLS 125 ms8 ms -118 ms
Connect 116 ms1 ms -115 ms
Total 2.05 s1.74 s -312 ms

† Timing metrics may vary by worker location and do not necessarily indicate site changes.

CRITICAL HSTS header is missing security
CRITICAL No Content-Security-Policy header found security
CRITICAL Page has only 15 words — nearly empty seo
CRITICAL Page body has only 174 chars of text -- likely empty / placeholder security
CRITICAL Content-Security-Policy header is missing security
WARNING 1 software version(s) disclosed in HTML: WordPress 7.0 security
WARNING 9 of 12 links are healthy content
WARNING No headings found accessibility
WARNING DNS resolution is slow (371 ms) infrastructure
WARNING X-Frame-Options header is missing security
WARNING Compressed response missing `Vary` header performance
WARNING Broken link: https://inco.by/wp-content/uploads/2026/07/cropped-LOGO-1... content
WARNING Thin content — only 15 words seo
CRITICAL HTTP version does not redirect to HTTPS infrastructure
CRITICAL 9 of 14 links are healthy content
CRITICAL Page has only 18 words — nearly empty seo
CRITICAL No H1 heading found accessibility
CRITICAL Broken link: https://inco.by content
CRITICAL Broken link: https://inco.by/about/ content
WARNING X-Powered-By header reveals technology stack security
WARNING Thin content — only 18 words seo
WARNING base-uri directive is missing security
WARNING Skip navigation link is missing (WCAG 2.4.1) accessibility
WARNING default-src directive is missing security
WARNING form-action directive is missing security
WARNING DNS resolution is slow (340 ms) infrastructure
WARNING Broken link: https://inco.by/wp-includes/js/wp-emoji-release.min.js?ve... content
WARNING Broken link: https://inco.by/wp-json/ content
WARNING No DMARC record found security
WARNING No meta description tag found seo
WARNING GDPR Article 13 disclosure coverage: 0 / 8 categories compliance
WARNING Terms of Service not detected compliance
WARNING Broken link: https://inco.by/xmlrpc.php?rsd content
WARNING Referrer-Policy header is missing security
WARNING No Permissions-Policy header security
WARNING Cross-Origin-Embedder-Policy header is missing security
WARNING No privacy policy link detected compliance
WARNING No SPF record found security
WARNING No favicon.ico at site root accessibility
WARNING No accessibility statement detected compliance
WARNING No Open Graph meta tags found content
WARNING Permissions-Policy header is missing security
WARNING Cross-Origin-Opener-Policy header is missing security
WARNING No canonical tag found seo
WARNING Permissions-Policy header not set -- features default to allow-on-same-origin security
WARNING Privacy Policy not detected compliance
WARNING X-Content-Type-Options header is missing security
+ cf-cache-status DYNAMIC
+ alt-svc h3=":443"; ma=86400
x-powered-by PHP/8.3.31
strict-transport-security max-age=63072000;includeSubDomains; preload
vary Accept-Encoding
x-frame-options SAMEORIGIN
content-length 10740
content-security-policy frame-ancestors 'self';
content-encoding
gzip br
server
openresty cloudflare

2 headers unchanged

+ HTTP/3 Miscellaneous
+ Priority Hints Performance
+ Cloudflare CDN
Nginx Web servers
HSTS Security
OpenResty Web servers
Twitter Emoji (Twemoji) Font scripts
PHP v8.3.31 v
WordPress v v7.0

3 technologies unchanged

Looking ahead

+11 pts
B (85) Could reach A (96)
Security +20Compliance +16SEO +15Content +13Accessibility +8Infrastructure +4Performance +2

Estimate — actual results may vary (32 issues to fix)

Website improvement report — Inco

June 8, 2026 → July 2, 2026

B B 85 → 85 0 pts

15

Resolved

13

New issues

19

Still remaining

Financial summary

Investment delivered

Br2,660 in development time

Investment remaining

Br4,800 to complete the remaining items

Ongoing risk

Br0/month in ongoing exposure

Figures are estimates based on local developer hourly rate, industry CPC, and regulatory fine ranges.

Performance by category

MetricBeforeAfterChange
Overall score85 (B)85 (B)0
Performance95 (A)98 (A+)+3
Security86 (B)80 (B)-6
Accessibility81 (B)85 (B)+4
SEO87 (B)85 (B)-2
Infrastructure84 (B)86 (B)+2
Compliance63 (D)63 (D)0
Content73 (C)75 (C)+2
Sustainability90 (A)95 (A)+5

Resolved (15)

  • X-Powered-By header reveals technology stack (Security)

    → Reduced attack surface for visitors

  • HTTP version does not redirect to HTTPS (Infrastructure)

    → More reliable delivery

  • 9 of 14 links are healthy (Content)

    → Stronger social sharing and on-page quality

  • Thin content — only 18 words (SEO)

    → Better search engine visibility

  • Page has only 18 words — nearly empty (SEO)

    → Better search engine visibility

  • base-uri directive is missing (Security)

    → Reduced attack surface for visitors

  • Skip navigation link is missing (WCAG 2.4.1) (Accessibility)

    → Improved usability for assistive technology users

  • No H1 heading found (Accessibility)

    → Improved usability for assistive technology users

  • Broken link: https://inco.by (Content)

    → Stronger social sharing and on-page quality

  • default-src directive is missing (Security)

    → Reduced attack surface for visitors

  • form-action directive is missing (Security)

    → Reduced attack surface for visitors

  • Broken link: https://inco.by/about/ (Content)

    → Stronger social sharing and on-page quality

  • DNS resolution is slow (340 ms) (Infrastructure)

    → More reliable delivery

  • Broken link: https://inco.by/wp-includes/js/wp-emoji-release.min.js?ve... (Content)

    → Stronger social sharing and on-page quality

  • Broken link: https://inco.by/wp-json/ (Content)

    → Stronger social sharing and on-page quality

Recommended next steps (32)

  • Sprint 1

    HSTS header is missing (Security)

  • Sprint 2

    No Content-Security-Policy header found (Security)

  • Sprint 3

    Page has only 15 words — nearly empty (SEO)

  • Sprint 1

    Page body has only 174 chars of text -- likely empty / placeholder (Security)

  • Sprint 2

    Content-Security-Policy header is missing (Security)

  • Sprint 1

    1 software version(s) disclosed in HTML: WordPress 7.0 (Security)

  • Sprint 1

    9 of 12 links are healthy (Content)

  • Sprint 2

    No headings found (Accessibility)

  • Sprint 2

    DNS resolution is slow (371 ms) (Infrastructure)

  • Sprint 1

    X-Frame-Options header is missing (Security)

  • Sprint 2

    Compressed response missing `Vary` header (Performance)

  • Sprint 1

    Broken link: https://inco.by/wp-content/uploads/2026/07/cropped-LOGO-1... (Content)

  • Sprint 3

    Thin content — only 15 words (SEO)

  • Sprint 2

    No DMARC record found (Security)

  • Sprint 1

    No meta description tag found (SEO)

…and 17 more recommended item(s)

Send Feedback