herlitz .io

- The website is quite slow.

Performance section:
- Total Blocking Time: 110 ms 4.90
- Cumulative Layout Shift: 0.493 1.00
- Largest Contentful Paint: 4.7 s 1.60
- First Contentful Paint: 2.8 s 2.85
- Speed Index: 3.6 s 4.35
- Preconnect to required origins 1.00
- Largest Contentful Paint element 1.00
- Avoid large layout shifts 1.00
- Eliminate render-blocking resources 1.00
- Minify JavaScript 1.00
- Reduce unused CSS 1.00
- Reduce unused JavaScript 1.00
- Use HTTP/2 1.00
- Ensure text remains visible during webfont load: 2.50
- Image elements do not have explicit `width` and `height`: 2.50
- Serve static assets with an efficient cache policy: 3 resources found 2.50
- Defer offscreen images: Potential savings of 15 KiB 2.50
- Serve images in next-gen formats: Potential savings of 234 KiB 2.50
- Enable text compression: Potential savings of 4 KiB 2.50
- Avoid serving legacy JavaScript to modern browsers: Potential savings of 10 KiB 2.50
- Time to Interactive: 4.8 s 3.95
- Max Potential First Input Delay: 130 ms 4.50
- Has a `<meta name="viewport">` tag with `width` or `initial-scale` 5.00
- Screenshot Thumbnails 5.00
- Final Screenshot 5.00
- Initial server response time was short 5.00
- Avoid chaining critical requests 5.00
- Avoid multiple page redirects 5.00
- Minimizes main-thread work 5.00
- JavaScript execution time 5.00
- Diagnostics 5.00
- Network Requests 5.00
- Network Round Trip Times 5.00
- Server Backend Latencies 5.00
- Tasks 5.00
- Metrics 5.00
- Resources Summary 5.00
- Minimize third-party usage 5.00
- Avoid long main-thread tasks 5.00
- Script Treemap Data 5.00
- Avoids enormous network payloads 5.00
- Minify CSS 5.00
- Efficiently encode images 5.00
- Properly size images 5.00
- Use video formats for animated content 5.00
- Remove duplicate modules in JavaScript bundles 5.00
- Avoids an excessive DOM size 5.00
- Avoids `document.write()` 5.00
- Uses passive listeners to improve scrolling performance 5.00
- Page didn't prevent back/forward cache restoration 5.00

- Correct status code? Got 404, and 404 is correct. 5.00
- Found a page title in the page's metadata? 1.00
- Found headline (h1)? 1.00
- Is it lacking text describing that an error has occurred (in Swedish OR English for English sites)? 1.00
- Is text content length is less than 150 characters, which indicates that the user is not being referred, nor advised? 1.00

- Pretty bad optimised for search engines (SEO).
- Page is blocked from indexing 1.00
- Image elements do not have `[alt]` attributes 1.00
- Document does not have a meta description 1.00
- Document has a `<title>` element 5.00
- Page has successful HTTP status code 5.00
- Links have descriptive text 5.00
- Links are crawlable 5.00
- Document has a valid `hreflang` 5.00

- The website can still make some improvements on best practices.
- Uses HTTPS 5.00
- Browser errors were logged to the console 1.00
- Avoids deprecated APIs 5.00
- Avoids third-party cookies 5.00
- Missing source maps for large first-party JavaScript 1.00
- Allows users to paste into input fields 5.00
- Has a `<meta name="viewport">` tag with `width` or `initial-scale` 5.00
- Displays images with correct aspect ratio 5.00
- Serves images with appropriate resolution 5.00
- Page has the HTML doctype 5.00
- Properly defines charset 5.00
- Avoids requesting the geolocation permission on page load 5.00
- No issues in the `Issues` panel in Chrome Devtools 5.00
- Avoids requesting the notification permission on page load 5.00
- Document uses legible font sizes 5.00
- Ensure CSP is effective against XSS attacks 5.00
- Detected JavaScript libraries 5.00

- The tested page has 12 errors in its HTML code.

Standards section:
- #1: Webpage - Number of grouped error type: 2 4.60
- #1: Webpage - Number of errors: 3 4.70
- Attribute “my-enter” not allowed on element “input” at this point. (errors of this type: 2 pcs)
- Bad value “https://fonts.googleapis.com/css?family=Oswald:300,400,500|Fira+Sans:400,400i,600,600i&subset=latin-ext” for attribute “href” on element “link”: Illegal character in query: “|” is not allowed. (errors of this type: 1 pcs)
- #12: BlogList.html- Number of grouped error type: 3 4.40
- #12: BlogList.html- Number of errors: 5 4.50
- Element “div” not allowed as child of element “small” in this context. (Suppressing further errors from this subtree.) (errors of this type: 2 pcs)
- Bad value “{{item.Url}}” for attribute “href” on element “a”: Illegal character in path segment: “{” is not allowed. (errors of this type: 1 pcs)
- Bad value “{{item.IntroImage}}” for attribute “src” on element “img”: Illegal character in path segment: “{” is not allowed. (errors of this type: 1 pcs)
- An “img” element must have an “alt” attribute, except under certain conditions. For details, consult guidance on providing text alternatives for images. (errors of this type: 1 pcs)
- #13: -7B-7Bitem.Intr- Number of grouped error type: 1 4.80
- #13: -7B-7Bitem.Intr- Number of errors: 1 4.90
- Non-space characters found without seeing a doctype first. Expected “<!DOCTYPE html>”. (errors of this type: 1 pcs)

- The CSS is good.

Standards section:
- `style=""` in: #1: Webpage , number of grouped error type: 0 5.00
- `style=""` in: #1: Webpage , number of errors: 0 5.00
- `<link rel="stylesheet">` in: #1: Webpage , number of grouped error type: 1 4.80
- `<link rel="stylesheet">` in: #1: Webpage , number of errors: 1 4.90
- CSS: The media “projection” has been deprecated (number of errors of this type: 1)
- `style=""` in: #12: BlogList.html, number of grouped error type: 0 5.00
- `style=""` in: #12: BlogList.html, number of errors: 0 5.00
- `content-type=".*css.*"` in: #2: css, number of grouped error type: 0 5.00
- `content-type=".*css.*"` in: #2: css, number of errors: 0 5.00
- `content-type=".*css.*"` in: #6: prettify.css, number of grouped error type: 1 4.80
- `content-type=".*css.*"` in: #6: prettify.css, number of errors: 1 4.90
- CSS: The media “projection” has been deprecated (number of errors of this type: 1)
- `<style>`, number of grouped error type: 0 5.00
- `<style>`, number of errors: 0 5.00

- RSS subscription is missing in the HTML's metadata. 4.50

Standards section:
- robots.txt is missing, not allowed to download or has not the expected content. 1.00
- Sitemap is not specified in robots.txt 1.00
- security.txt is missing the required contact info. 2.50

- The accessibility is about average, but needs to get better.

Accessibility section:
- Image elements do not have `[alt]` attributes 1.00
- Background and foreground colors do not have a sufficient contrast ratio. 1.00
- Links do not have a discernible name 1.00
- Touch targets do not have sufficient size or spacing. 1.00
- `[aria-*]` attributes match their roles 5.00
- `[aria-hidden="true"]` is not present on the document `<body>` 5.00
- `[aria-*]` attributes have valid values 5.00
- `[aria-*]` attributes are valid and not misspelled 5.00
- Buttons have an accessible name 5.00
- `[user-scalable="no"]` is not used in the `<meta name="viewport">` element and the `[maximum-scale]` attribute is not less than 5. 5.00
- ARIA attributes are used as specified for the element's role 5.00
- Elements use only permitted ARIA attributes 5.00
- Document has a `<title>` element 5.00
- `<html>` element has a `[lang]` attribute 5.00
- `<html>` element has a valid value for its `[lang]` attribute 5.00
- Form elements have associated labels 5.00
- Heading elements appear in a sequentially-descending order 5.00
- Image elements do not have `[alt]` attributes that are redundant text. 5.00
- Document has a main landmark. 5.00

Performance section:
- [desktop] TTFB (Time to First Byte): 138.67ms, ±13.33ms 5.00
- [desktop] DOMContentLoaded: 326.00ms, ±31.00ms 5.00
- [desktop] FCP (First Contentful Paint): 334.67ms, ±32.33ms 5.00
- [desktop] LCP (Largest Contentful Paint): 679.00ms, ±220.00ms 3.00
- [desktop] Load: 1027.67ms, ±42.33ms 3.94
- [desktop] CLS (Cumulative Layout Shift): 0.00ms, ±0.00ms 5.00
- [desktop] FirstVisualChange: 333.50ms, ±33.50ms 5.00
- [desktop] SpeedIndex: 534.00ms, ±98.00ms 4.93
- [desktop] VisualComplete85: 717.00ms, ±216.00ms 4.57
- [desktop] TBT (Total Blocking Time): 0.00ms, ±0.00ms 5.00
- [desktop] firstPaint: 334.67ms, ±32.33ms
- [desktop] LastVisualChange: 750.00ms, ±216.00ms
- [mobile] TTFB (Time to First Byte): 123.00ms, ±4.00ms 5.00
- [mobile] DOMContentLoaded: 296.67ms, ±14.33ms 5.00
- [mobile] FCP (First Contentful Paint): 300.67ms, ±16.33ms 5.00
- [mobile] LCP (Largest Contentful Paint): 387.00ms, ±12.00ms 5.00
- [mobile] Load: 846.00ms, ±43.00ms 5.00
- [mobile] FirstVisualChange: 317.00ms, ±17.00ms 5.00
- [mobile] SpeedIndex: 459.00ms, ±8.00ms 5.00
- [mobile] VisualComplete85: 450.50ms, ±16.50ms 5.00
- [mobile] CLS (Cumulative Layout Shift): 0.00ms, ±0.00ms 5.00
- [mobile] TBT (Total Blocking Time): 0.00ms, ±0.00ms 5.00
- [mobile] firstPaint: 300.67ms, ±16.33ms
- [mobile] LastVisualChange: 2085.00ms, ±45.00ms

- The website has rather good frontend code. 4.05
- Network 2.00
- Images 3.35
- DOM complexity 4.90
- JS complexity 4.85
- Bad JS 5.00
- jQuery 5.00
- CSS complexity 4.00
- Bad CSS 4.80
- Web fonts 3.75
- Server config 4.55

Performance section:
- Number of iframes 5.00
- Total JS execution time 5.00
- DOM access 4.55
- Scroll events bound 5.00
- document.write calls 5.00
- Synchronous Ajax requests 5.00
- Rules count 5.00
- Total weight 5.00
- Gzip/Brotli compression 3.35
- File minification 1.00
- Requests number 5.00
- Different domains 5.00
- 404 not found 1.00
- Connections closed 5.00
- Identical content 5.00
- Below the fold images 1.80
- Webfonts number 2.50
- Overweighted webfonts 5.00
- WOFF 2 5.00
- HTTP protocols 3.00
- TLS protocols 5.00
- Caching disabled 5.00
- Caching not specified 5.00
- Caching too short 5.00

- The accessibility is really bad! Probably both for disabled people and everyone of us when we need some accessibility!

Accessibility section:
- Number of types of issues: 6 3.80
- Number of issues: 72 1.00

##### Problems:
- A element has insufficient contrast at this conformance level. Expected a contrast ratio of at least 4.5:1, but text in this element has a contrast ratio of 2.97:1. Recommendation: change background to #4374cc.
- A element has insufficient contrast at this conformance level. Expected a contrast ratio of at least 4.5:1, but text in this element has a contrast ratio of 3.04:1. Recommendation: change background to #008297.
- Img element missing an alt attribute. Use the alt attribute to specify a short text alternative.
- Img element is the only content of the link, but is missing alt text. The alt text should describe the purpose of the link.
- A element has insufficient contrast at this conformance level. Expected a contrast ratio of at least 4.5:1, but text in this element has a contrast ratio of 3.98:1. Recommendation: change text colour to #0072ed.
- A searchinput element does not have a name available to an accessibility API. Valid names are: label element, title undefined, aria-label undefined, aria-labelledby undefined.

- Rather poor on user privacy.

Security section:
- HTTPS by default is good! 5.00
- Strict Transport Security is pretty bad. 1.00
- Content Security Policy is pretty bad. 1.00
- Reporting CSP Certificate Transparency Network Error Logging is good! 5.00
- Referrer Policy is not that good. 2.50
- Subresource Integrity SRI is pretty bad. 1.00
- HTTP headers is ok, with 1 error(s) and 0 warning(s). 4.50
- Cookies is ok, with 5 error(s) and 0 warning(s). 2.50

- Webpage generates little carbon dioxide!
- Carbon dioxide per pageview: 0.4 gram(s)
- More green than 89 % of the websites tested by webperf.se (Reference updated: 2024-03-31).
- More green than 89 % of the websites tested by webperf.se (Reference updated: 2022-12-16).
- Network transfer size: 654 kb 4.45

- Web server used: nginx
- Technology used: asp.net, c, imagevault, js, mysql, php, sass, scss
- License(s) used: gpl-3.0, mit
- Metadata used: viewport
- Javascript libraries used: angular.js, angularslideables, bootstrap, jquery, lity, matomo, scripty2, shifty, ui-scrollpoint
- Languages found: sv
- Image formats used: ico, png

Security section:
##### Software related to CVE:s 1.0

###### Introduction:
Software version used is affected by vulnerability described below.
In most cases you can fix a CVE related issue by updating software to latest version.
In some rare cases there is no update and you need to consider not using the software affected.

###### Common Vulnerabilities and Exposures
- CVE-2024-7347
- CVE-2022-41741
- CVE-2022-41742
- CVE-2021-23017
- CVE-2020-23064
- CVE-2020-11023
- CVE-2020-11022
- CVE-2019-5428
- CVE-2019-11358
- CVE-2024-6531

###### Detected software(s):
- nginx 1.18.0
- jquery 3.3.1
- bootstrap 4.3.1

###### Affected resource(s):
- https://www.herlitz.io/
- https://www.herlitz.io/site/site.min.css?v=0wSTJP0CSqCSxWmvWLcOxwTeiajjiqy_qtEENNINuZ812
- https://www.herlitz.io/bundles/scripts?v=0wSTJP0CSqCSxWmvWLcOxwTeiajjiqy_qtEENNINuZ81
- https://www.herlitz.io/imagevault/publishedmedia/lpqj1eyt9qnbm4jnw8a9/ovmp_small.png
- https://www.herlitz.io/content/prettify/prettify.css
- https://matomo.herlitz.io/matomo.js
- https://www.herlitz.io/api/BlogPosts/GetLatestPosts?skip=0&take=10
- https://www.herlitz.io/Static/Blog/Templates/BlogList.html
- https://www.herlitz.io/%7B%7Bitem.IntroImage%7D%7D
- https://www.herlitz.io/imagevault/publishedmedia/ib03zmat6nxku6j2y6zu/proxmox_meta-package_proxmox-ve.png
- https://www.herlitz.io/imagevault/publishedmedia/p5ojvsu6wcvo2qiq6i97/portainer3.png
- https://www.herlitz.io/imagevault/publishedmedia/arbhk568igqlnwhgapzw/OptimizelyTerminal04DotnetRun.png
- https://www.herlitz.io/imagevault/publishedmedia/anpb3ls3bc5ahev3pimz/Portainer-mssql.png
- https://www.herlitz.io/imagevault/publishedmedia/sfhk4utdk4ryvmsysspz/2023-01-27_15h46_11.png
- https://www.herlitz.io/imagevault/publishedmedia/mdizhp9aoghtxo5hliwj/2023-01-26_18h35_50.png
##### Software is behind >=25 versions 2.75

###### Introduction:
Software used is behind 25 or more version compared to latests.
This is a good indicator that you need to update to latest version.
It also indicate that you don't have a good package routine for your software.
You can fix this by updating software to latest version.

###### Detected software(s):
- nginx 1.18.0

###### Affected resource(s):
- https://www.herlitz.io/
- https://www.herlitz.io/site/site.min.css?v=0wSTJP0CSqCSxWmvWLcOxwTeiajjiqy_qtEENNINuZ812
- https://www.herlitz.io/bundles/scripts?v=0wSTJP0CSqCSxWmvWLcOxwTeiajjiqy_qtEENNINuZ81
- https://www.herlitz.io/imagevault/publishedmedia/lpqj1eyt9qnbm4jnw8a9/ovmp_small.png
- https://www.herlitz.io/content/prettify/prettify.css
- https://matomo.herlitz.io/matomo.js
- https://www.herlitz.io/api/BlogPosts/GetLatestPosts?skip=0&take=10
- https://www.herlitz.io/Static/Blog/Templates/BlogList.html
- https://www.herlitz.io/%7B%7Bitem.IntroImage%7D%7D
- https://www.herlitz.io/imagevault/publishedmedia/ib03zmat6nxku6j2y6zu/proxmox_meta-package_proxmox-ve.png
- https://www.herlitz.io/imagevault/publishedmedia/p5ojvsu6wcvo2qiq6i97/portainer3.png
- https://www.herlitz.io/imagevault/publishedmedia/arbhk568igqlnwhgapzw/OptimizelyTerminal04DotnetRun.png
- https://www.herlitz.io/imagevault/publishedmedia/anpb3ls3bc5ahev3pimz/Portainer-mssql.png
- https://www.herlitz.io/imagevault/publishedmedia/sfhk4utdk4ryvmsysspz/2023-01-27_15h46_11.png
- https://www.herlitz.io/imagevault/publishedmedia/mdizhp9aoghtxo5hliwj/2023-01-26_18h35_50.png
##### Software is behind >=10 versions 3.0

###### Introduction:
Software used is behind 10 or more version compared to latests.
This is a semi good indicator that you need to update to latest version.
It also indicate that you don't have a good package routine for your software.
You can fix this by updating software to latest version.

###### Detected software(s):
- jquery 3.3.1
- bootstrap 4.3.1
- php 8.2.15

###### Affected resource(s):
- https://www.herlitz.io/
- https://www.herlitz.io/bundles/scripts?v=0wSTJP0CSqCSxWmvWLcOxwTeiajjiqy_qtEENNINuZ81
- https://matomo.herlitz.io/matomo.php?action_name=Eric%20Herlitz&idsite=1&rec=1&r=015674&h=17&m=0&s=52&url=https%3A%2F%2Fwww.herlitz.io%2F&_id=c1753a2a201a3c3b&_idn=1&send_image=0&_refts=0&pv_id=KxdR8T&pf_net=56&pf_srv=63&pf_tfr=0&pf_dm1=172&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22130.0.6723.58%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22130.0.6723.58%22%7D%2C%7B%22brand%22%3A%22Not%3FA_Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Linux%22%2C%22platformVersion%22%3A%225.15.167%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=800x600
##### Software has been marked as archived 1.75

###### Introduction:
You seem to use software that has been marked as archived, this means it doesn't get any new features or security updates.
To fix this you need to find an alternative, often developers try to point you in the correct direction if you visit the place you got it from.

###### Detected software(s):
- angular.js

###### Affected resource(s):
- https://www.herlitz.io/bundles/scripts?v=0wSTJP0CSqCSxWmvWLcOxwTeiajjiqy_qtEENNINuZ81
##### You don't seem to be using 'END OF LIFE' software 5.00