Site audit · 4/23/2026, 5:51:56 AM
ux-roy.github.io
Free SEO, performance and security audit for ux-roy.github.io. Score 94 of 100.
Score
94
excellent
Audited
https://ux-roy.github.io/
Status
200
Load
23ms
Size
50kb
Links
2+5
AI summary
Top 3 wins, ranked by impact and time-to-ship. 3 generations per day.
Recommendations
5 to improveMissing Content-Security-PolicySecurity
The single biggest XSS mitigation. Start with a permissive default-src and tighten over time.
Missing X-Content-Type-OptionsSecurity
Prevents MIME-sniffing attacks. Add: X-Content-Type-Options: nosniff
Missing Referrer-PolicySecurity
Controls how much URL info leaks to third parties. Try: strict-origin-when-cross-origin
Missing Permissions-PolicySecurity
Restricts powerful APIs (camera, geolocation, etc.). Set a tight allow-list.
Missing X-Frame-OptionsSecurity
Prevents clickjacking. Use frame-ancestors in CSP, or X-Frame-Options: SAMEORIGIN.
What's working
9 ✓Title looks goodSEO
Suman Kanti Roy ✦ Portfolio
Meta description setSEO
99 chars
Viewport meta setSEO
Mobile rendering is enabled.
Single H1 presentStructure
Suman Kanti Roy
Open Graph completeSocial
Looks great in Facebook, LinkedIn, Slack previews.
Structured data: PersonSEO
Eligible for rich results in search.
HTTPS enabledSecurity
Connection is encrypted.
Compression: gzipPerformance
HTML is compressed in transit.
Fast first responsePerformance
23ms — feels instant.
Heading outline
12 found- H3 Hello I'm
- H1 Suman Kanti Roy
- H2 Senior Product Designer & UX Consultant
- H2 Professional Career
- H3 Education
- H3 Certification
- H3 Achievement
- H2 Skills & Expertise
- H3 Tools Proficiency
- H3 Design Competency
- H3 Research & Collaboration
- H3 Frontend & AI Technology
Security headers
HTTP response| Strict-Transport-Security | set |
| Content-Security-Policy | missing |
| X-Content-Type-Options | missing |
| Referrer-Policy | missing |
| Permissions-Policy | missing |
| X-Frame-Options | missing |
Want this every week?
Track it live with vibestat.
Add one script to your site. See real visitors, Core Web Vitals, and weekly recommendations — all without cookies.