Skip to content

Changes

https://xpenv.com
Compared to previous audit · 18 minutes ago View previous audit

Singapore, Singapore Madrid, Spain

These audits ran from different locations. Timing metrics (TTFB, DNS, TLS) may reflect network path differences rather than site changes.

14
New issues
16
Resolved
26
score changes
CategoryPreviousCurrentChange
CompositeB (85)B (87) +2.000
PerformanceA (94)A+ (97) +3.000
SecurityC (79)B (84) +5.000
AccessibilityB (84)B (81) -3.000
SEOB (85)A (91) +6.000
InfrastructureA (94)B (88) -6.000
ComplianceC (70)D (63) -7.000
ContentC (76)A+ (98) +22.000
SustainabilityB (88)A (95) +7.000
MetricPreviousCurrentChange
Performance 74008800 +1400
Accessibility 96009500 -100
Best Practices 73007300
SEO 1000010000
PWA 00
Desktop Performance 99009000 -900
Desktop Accessibility 100009500 -500
Desktop Best Practices 73007300
Desktop SEO 1000010000
FCP 3.03 s1.21 s -1.82 s
LCP 3.69 s1.80 s -1.89 s
TBT 395 ms126 ms -269 ms
CLS 0.0410.000 -0.041
Desktop FCP 686 ms329 ms -357 ms
Desktop LCP 979 ms450 ms -529 ms
Desktop TBT 17 ms0 ms -17 ms
Desktop CLS 0.0030.000 -0.003
TTFB 116 ms249 ms +133 ms
DNS 1 ms5 ms +4 ms
TLS 22 ms9 ms -13 ms
Connect 17 ms1 ms -16 ms
Total 117 ms250 ms +133 ms

† Timing metrics may vary by worker location and do not necessarily indicate site changes.

CRITICAL Page has only 6 words — nearly empty seo
CRITICAL No <main> landmark found accessibility
CRITICAL Page body has only 44 chars of text -- likely empty / placeholder security
WARNING IPv6 DNS records exist but server is not reachable infrastructure
WARNING No favicon.ico at site root accessibility
WARNING Thin content — only 6 words seo
WARNING 7 of 9 links are healthy content
WARNING No privacy policy link detected compliance
WARNING Privacy Policy not detected compliance
WARNING Broken link: https://xpenv.com/assets/index-CW5Uzupm.js content
WARNING https://xpenv.com/cdn-cgi/challenge-platform/scrip...: 376ms CPU time performance
WARNING <iframe> missing title attribute (src="") accessibility
WARNING No headings found accessibility
WARNING Broken link: https://xpenv.com/assets/index-DyJOIMUX.css content
CRITICAL Page has only 47 words — nearly empty seo
CRITICAL Scan returned a Cloudflare bot-protection interstitial, not the actual page security
CRITICAL Transfer efficiency: 42% sustainability
WARNING Thin content — only 47 words seo
WARNING No internal links found seo
WARNING https://xpenv.com/assets/index-CW5Uzupm.js: 504ms CPU time performance
WARNING No canonical tag found seo
WARNING No Open Graph meta tags found content
WARNING Unattributable: 320ms CPU time performance
WARNING https://xpenv.com/assets/index-CW5Uzupm.js: 260 KB unused (63%) performance
WARNING Title is only 16 characters — consider expanding seo
WARNING External script from challenges.cloudflare.com lacks integrity attribute security
WARNING 2 link(s) open in new tab without warning accessibility
WARNING https://xpenv.com/cdn-cgi/challenge-platform/scrip...: 266ms CPU time performance
WARNING No meta description tag found seo
WARNING SRI adoption: 0/1 third-party resources protected (0%) security
CRITICAL No Content-Security-Policy header found security
CRITICAL Content-Security-Policy header is missing security
WARNING No <nav> landmark found accessibility
WARNING Cross-Origin-Embedder-Policy header is missing security
WARNING Bare server default 404 page accessibility
WARNING Skip navigation link is missing (WCAG 2.4.1) accessibility
WARNING HSTS max-age is too short (15552000s, should be ≥ 31536000s) security
WARNING Permissions-Policy header not set -- features default to allow-on-same-origin security
WARNING Main HTML cached for 1440 minutes -- risks stale auth / SPA state performance
WARNING Dead-end page — no outgoing internal links seo
WARNING Terms of Service not detected compliance
WARNING GDPR Article 13 disclosure coverage: 0 / 8 categories compliance
WARNING Permissions-Policy header is missing security
WARNING No accessibility statement detected compliance
WARNING Referrer-Policy header is missing security
WARNING Registrar lock is NOT enabled infrastructure
WARNING X-Frame-Options header is missing security
WARNING No Permissions-Policy header security
WARNING Cross-Origin-Opener-Policy header is missing security
last-modified
Mon, 25 May 2026 04:37:27 GMT Mon, 25 May 2026 04:37:28 GMT
cf-cache-status
DYNAMIC MISS

16 headers unchanged

+ Open Graph Miscellaneous
AngularJS JavaScript frameworks
Cloudflare Turnstile Security

4 technologies unchanged

Looking ahead

+11 pts
B (87) Could reach A+ (98)
Accessibility +19Compliance +16Security +16SEO +9Infrastructure +8Performance +3Content +2

Estimate — actual results may vary (33 issues to fix)

Website improvement report — Xpenv

May 25, 2026 → May 25, 2026

B B 85 → 87 +2 pts

16

Resolved

14

New issues

19

Still remaining

Financial summary

Investment delivered

$2,683 in development time

Investment remaining

$3,725 to complete the remaining items

Ongoing risk

$0/month in ongoing exposure

Figures are estimates based on local developer hourly rate, industry CPC, and regulatory fine ranges.

Performance by category

MetricBeforeAfterChange
Overall score85 (B)87 (B)+2
Performance94 (A)97 (A+)+3
Security79 (C)84 (B)+5
Accessibility84 (B)81 (B)-3
SEO85 (B)91 (A)+6
Infrastructure94 (A)88 (B)-6
Compliance70 (C)63 (D)-7
Content76 (C)98 (A+)+22
Sustainability88 (B)95 (A)+7

Resolved (16)

  • Page has only 47 words — nearly empty (SEO)

    → Better search engine visibility

  • Thin content — only 47 words (SEO)

    → Better search engine visibility

  • No internal links found (SEO)

    → Better search engine visibility

  • https://xpenv.com/assets/index-CW5Uzupm.js: 504ms CPU time (Performance)

    → Page loads faster for users

  • No canonical tag found (SEO)

    → Better search engine visibility

  • No Open Graph meta tags found (Content)

    → Stronger social sharing and on-page quality

  • Unattributable: 320ms CPU time (Performance)

    → Page loads faster for users

  • https://xpenv.com/assets/index-CW5Uzupm.js: 260 KB unused (63%) (Performance)

    → Page loads faster for users

  • Title is only 16 characters — consider expanding (SEO)

    → Better search engine visibility

  • Scan returned a Cloudflare bot-protection interstitial, not the actual page (Security)

    → Reduced attack surface for visitors

  • External script from challenges.cloudflare.com lacks integrity attribute (Security)

    → Reduced attack surface for visitors

  • 2 link(s) open in new tab without warning (Accessibility)

    → Improved usability for assistive technology users

  • https://xpenv.com/cdn-cgi/challenge-platform/scrip...: 266ms CPU time (Performance)

    → Page loads faster for users

  • Transfer efficiency: 42% (Sustainability)

    → Lower carbon footprint per page view

  • No meta description tag found (SEO)

    → Better search engine visibility

…and 1 more resolved issue(s)

Recommended next steps (33)

  • Sprint 3

    Page has only 6 words — nearly empty (SEO)

  • Sprint 1

    No <main> landmark found (Accessibility)

  • Sprint 1

    Page body has only 44 chars of text -- likely empty / placeholder (Security)

  • Sprint 2

    No Content-Security-Policy header found (Security)

  • Sprint 2

    Content-Security-Policy header is missing (Security)

  • Sprint 2

    IPv6 DNS records exist but server is not reachable (Infrastructure)

  • Sprint 1

    No favicon.ico at site root (Accessibility)

  • Sprint 3

    Thin content — only 6 words (SEO)

  • Sprint 1

    7 of 9 links are healthy (Content)

  • Sprint 2

    No privacy policy link detected (Compliance)

  • Sprint 1

    Privacy Policy not detected (Compliance)

  • Sprint 1

    Broken link: https://xpenv.com/assets/index-CW5Uzupm.js (Content)

  • Sprint 1

    https://xpenv.com/cdn-cgi/challenge-platform/scrip...: 376ms CPU time (Performance)

  • Sprint 1

    <iframe> missing title attribute (src="") (Accessibility)

  • Sprint 2

    No headings found (Accessibility)

…and 18 more recommended item(s)

Send Feedback