Changes
| Category | Previous | Current | Change |
|---|---|---|---|
| Composite | B (88) | B (89) | +1.000 |
| Performance | A (94) | A (94) | — |
| Security | B (86) | B (86) | — |
| Accessibility | B (83) | B (83) | — |
| SEO | A+ (97) | A+ (97) | — |
| Infrastructure | A (91) | A (94) | +3.000 |
| Compliance | D (69) | D (69) | — |
| Content | A+ (99) | A+ (99) | — |
| Sustainability | B (88) | B (88) | — |
| Metric | Previous | Current | Change |
|---|---|---|---|
| Performance | 6900 | 7000 | +100 |
| Accessibility | 9600 | 9600 | — |
| Best Practices | 7300 | 7300 | — |
| SEO | 10000 | 10000 | — |
| PWA | 0 | 0 | — |
| Desktop Performance | 9900 | 9900 | — |
| Desktop Accessibility | 10000 | 10000 | — |
| Desktop Best Practices | 7300 | 7300 | — |
| Desktop SEO | 10000 | 10000 | — |
| FCP | 3.32 s | 3.32 s | — |
| LCP | 3.77 s | 3.77 s | — |
| TBT | 504 ms | 466 ms | -38 ms |
| CLS | 0.041 | 0.041 | — |
| Desktop FCP | 684 ms | 695 ms | +11 ms |
| Desktop LCP | 983 ms | 986 ms | — |
| Desktop TBT | 50 ms | 60 ms | +10 ms |
| Desktop CLS | 0.003 | 0.003 | — |
| TTFB † | 259 ms | 27 ms | -232 ms |
| DNS † | 12 ms | 3 ms | -10 ms |
| TLS † | 10 ms | 7 ms | -3 ms |
| Connect † | 2 ms | 1 ms | -0 ms |
| Total † | 260 ms | 28 ms | -232 ms |
† Timing metrics may vary by worker location and do not necessarily indicate site changes.
cf-cache-status EXPIRED → HIT17 headers unchanged
Technology stack unchanged
8 technologies unchanged
Looking ahead
+9 ptsEstimate — actual results may vary (27 issues to fix)
Website improvement report — Xpenv
May 26, 2026 → May 26, 2026
3
Resolved
3
New issues
24
Still remaining
Financial summary
Investment remaining
€2,203 to complete the remaining items
Ongoing risk
€0/month in ongoing exposure
Figures are estimates based on local developer hourly rate, industry CPC, and regulatory fine ranges.
Performance by category
| Metric | Before | After | Change |
|---|---|---|---|
| Overall score | 88 (B) | 89 (B) | +1 |
| Performance | 94 (A) | 94 (A) | 0 |
| Security | 86 (B) | 86 (B) | 0 |
| Accessibility | 83 (B) | 83 (B) | 0 |
| SEO | 97 (A+) | 97 (A+) | 0 |
| Infrastructure | 91 (A) | 94 (A) | +3 |
| Compliance | 69 (D) | 69 (D) | 0 |
| Content | 99 (A+) | 99 (A+) | 0 |
| Sustainability | 88 (B) | 88 (B) | 0 |
Resolved (3)
https://xpenv.com/assets/index-22d4mitO.js: 739ms CPU time (Performance)
→ Page loads faster for users
https://xpenv.com/: 284ms CPU time (Performance)
→ Page loads faster for users
Unattributable: 420ms CPU time (Performance)
→ Page loads faster for users
Recommended next steps (27)
- Sprint 2
No Content-Security-Policy header found (Security)
- Sprint 1
No H1 heading found (Accessibility)
- Sprint 1
Transfer efficiency: 41% (Sustainability)
- Sprint 2
Content-Security-Policy header is missing (Security)
- Sprint 1
https://xpenv.com/assets/index-22d4mitO.js: 715ms CPU time (Performance)
- Sprint 1
https://xpenv.com/: 253ms CPU time (Performance)
- Sprint 1
Unattributable: 442ms CPU time (Performance)
- Sprint 1
Cross-Origin-Opener-Policy header is missing (Security)
- Sprint 1
Bare server default 404 page (Accessibility)
- Sprint 2
No privacy policy link detected (Compliance)
- Sprint 1
No accessibility statement detected (Compliance)
- Sprint 1
HSTS max-age is too short (15552000s, should be ≥ 31536000s) (Security)
- Sprint 1
X-Frame-Options header is missing (Security)
- Sprint 1
Login form does not contain a recognizable CSRF token (Security)
- Sprint 3
https://xpenv.com/assets/index-22d4mitO.js: 259 KB unused (64%) (Performance)
…and 12 more recommended item(s)