Report loading
www.experi.co.uk
Preparing the full page inventory and screenshots.
Report loading
Preparing the full page inventory and screenshots.
Fair
Health Score
Score by category
The headline health score combines page-level quality and site-wide repeat patterns, then stays anchored to the weakest visible category so it never looks worse than every category beneath it.
5 highest-impact findings, ranked.
The website is being accessed via 'http://'. This exposes users to man-in-the-middle (MITM) attacks and prevents the use of modern web features that require a secure context. Furthermore, the canonical link points to an HTTPS version, creating a mismatch that can cause SEO confusion if not properly redirected.
How to fix: Implement a permanent 301 redirect from HTTP to HTTPS and ensure an SSL/TLS certificate is active and valid.
On /
CSP contains insecure directives: 'unsafe-inline'. These weaken XSS protections.
How to fix: Remove unsafe-inline and unsafe-eval where possible. Use nonces or hashes for inline scripts.
On /story
The page lacks a 'Skip to Content' link at the beginning of the DOM. Keyboard users must tab through every single header navigation link before reaching the main content, which is inefficient for accessibility.
How to fix: Add a visually hidden link as the first focusable element in the <body> that anchors to the <main> element.
On /resources
No COOP header. The page may be vulnerable to cross-origin attacks via window references.
How to fix: Add: Cross-Origin-Opener-Policy: same-origin
On /story
No CORP header. Resources may be loadable by cross-origin pages.
How to fix: Add: Cross-Origin-Resource-Policy: same-origin (or same-site)
On /story
