C+78%
Quality Score
6
Pages
139
Issues
7.4
Avg Confidence
7.7
Avg Priority
44 Critical64 High29 Medium2 Low
>_ Testers.AI
AI Analysis
The Perfume Shop scored B (85%) with 139 issues across 7 tested pages, ranking #14 of 22 UK retail sites. That's 15 more than the 123.7 category average (36th percentile).
Top issues to fix immediately: "Critical Resource Loading Failures Affecting Page Functionality" โ Investigate and resolve the DNS/resource loading issues; "Precise Geolocation Data Transmitted to Third-Party Analytics Service" โ 1) Implement geolocation data minimization - only transmit country/region level data instead of precise coordinates a...; "Pervasive Missing Cache Headers on Critical Resources" โ Implement Cache-Control headers with appropriate max-age values for all resources: Static assets (JS, CSS, fonts) sho....
Weakest area โ accessibility (5/10): Limited visible accessibility features. Text contrast issues in some areas, lack of clear alt text indicators, and footer text ...
Quick wins: Improve text contrast throughout, especially in the footer section, to meet WCAG standards. Add skip navigation links and improve keyboard navigation support.
Qualitative Quality
The Perfume Shop
Category Avg
Best in Category
Pages Tested ยท 6 screenshots
Homepage
theperfumeshop.com
theperfumeshop.com
theperfumeshop.com
theperfumeshop.com
theperfumeshop.com
Detected Issues ยท 139 total
1
Critical Resource Loading Failures Affecting Page Functionality
CRIT P10
Prompt to Fix
Multiple critical resources are failing to load with 'net::ERR_NAME_NOT_RESOLVED' errors, breaking the user experience. Debug and fix the DNS resolution or resource server connectivity issues. Verify all external resource URLs are correctly configured and accessible. Once resources load properly, test that all product images, styles, and interactive features display and function as intended.
Why it's a bug
The browser console shows multiple 'Failed to load resource: net::ERR_NAME_NOT_RESOLVED' errors, indicating that critical assets (likely images, stylesheets, or scripts) are failing to load. This directly impacts the user experience as visual elements may not display correctly, product images may be missing, and interactive features may not function properly. Users cannot effectively browse products or complete intended tasks if resources fail to load.
Why it might not be a bug
This could be a temporary network issue or DNS resolution problem on the test environment rather than a product defect, but it's currently blocking core functionality that users need to accomplish their goals.
Suggested Fix
Investigate and resolve the DNS/resource loading issues. Verify that all external resource URLs are correctly configured and accessible. Check CDN connectivity, DNS settings, and resource server availability. Implement fallback resources or error handling if certain non-critical assets fail to load.
Why Fix
Users cannot see product images, navigate effectively, or interact with the site if critical resources fail to load. This creates a broken user experience and likely causes task abandonment and loss of trust in the platform.
Route To
DevOps/Infrastructure Engineer, Backend Engineer
Page
Tester
Mia ยท Usability TesterTechnical Evidence
Elements:
Product images, stylesheets, and interactive elements that depend on external resourcesConsole:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED (appears 4 times in console logs)Network:
Multiple failed resource loads with net::ERR_NAME_NOT_RESOLVEDPage Text:
The page displays content but critical visual and functional elements may not render properly2
Precise Geolocation Data Transmitted to Third-Party Analytics Service
CRIT P10
Prompt to Fix
Our application is transmitting precise geolocation data (latitude, longitude, postal code, city, region, metro code) to the third-party Evolv.ai service without explicit user consent. This violates GDPR and CCPA. Please implement the following: 1) Modify the code that sends data to participants.evolv.ai to exclude latitude, longitude, and postal code fields. 2) Keep only country and region-level data for legitimate business purposes. 3) Ensure a privacy consent check is in place before any location data is transmitted - specifically check that the user has explicitly opted in to location tracking. 4) Add a configuration flag to allow disabling geolocation transmission entirely. 5) Document this change in our privacy impact assessment.
Why it's a bug
The network requests to participants.evolv.ai contain highly precise geolocation data including latitude (47.38450), longitude (-122.05820), postal code (98038), city (Maple Valley), region (WA), and metro code (819). This granular location information is being transmitted to a third-party service (Evolv.ai) for A/B testing and experimentation purposes. Such precise location data constitutes personal data under GDPR and CCPA regulations. The requests show this data is sent without explicit evidence of user consent being obtained first, violating privacy regulations.
Why it might not be a bug
Location data transmission could be considered necessary for regional content personalization or compliance testing. However, the level of granularity (postal code + exact coordinates) far exceeds what is needed for such purposes and should require explicit user consent.
Suggested Fix
1) Implement geolocation data minimization - only transmit country/region level data instead of precise coordinates and postal codes. 2) Obtain explicit user consent before transmitting any location data to third parties. 3) Add privacy controls in consent management platform to allow users to opt-out of location tracking. 4) Review Evolv.ai's data processing agreement to ensure GDPR/CCPA compliance.
Why Fix
Precise geolocation data transmission violates GDPR Article 6 (lawful basis requirement) and CCPA requirements for explicit consent. This exposes users to re-identification risks and enables invasive profiling. Regulators view this as a high-severity violation that can result in substantial fines.
Route To
Privacy Engineer / Data Protection Officer
Page
Tester
Pete ยท Privacy Networking AnalyzerTechnical Evidence
Console:
Location data including precise coordinates and postal code being sent to third-party analyticsNetwork:
GET https://participants.evolv.ai/v1/2bd5277bbe/data?uid=27737820_1773680650821&client=asset-manager&messages=%5B...%7B%22key%22%3A%22geo.lat%22%2C%22value%22%3A%2247.38450%22%7D...%7B%22key%22%3A%22geo.lon%22%2C%22value%22%3A%22-122.05820%22%7D...%7B%22key%22%3A%22geo.postal%22%2C%22value%22%3A%2298038%22%7D3
Pervasive Missing Cache Headers on Critical Resources
CRIT P10
Prompt to Fix
Add comprehensive Cache-Control and ETag headers to all static resources. For JavaScript bundles (runtime.js, main.js, polyfills.js, scripts.js) and CSS files (styles.css, content-styles.css), use 'Cache-Control: public, max-age=31536000, immutable' since they have content hashes in filenames. For fonts (woff2, woff files), use 'Cache-Control: public, max-age=31536000, immutable'. For HTML pages, use 'Cache-Control: public, max-age=3600' or 'no-cache'. For API responses and redirects, use 'Cache-Control: no-cache, no-store' or appropriate short-term caching. Configure this at your CDN (if using) and origin server (nginx/Apache configuration or application middleware). Verify with browser DevTools that Cache-Control headers appear on responses.
Why it's a bug
Critical and foundational resources are missing Cache-Control and ETag headers. This includes main application bundles (runtime.js, polyfills.js, scripts.js, main.js), stylesheets (styles.css, content-styles.css), fonts (Muli-Regular.woff2, Muli-Bold.woff2, tps-icon.woff), images (logos, product images), third-party scripts (Trustpilot, Evolv), and tracking resources. Without cache headers, browsers cannot cache these resources, resulting in repeated full downloads on every page load. This dramatically increases bandwidth consumption, slows page loads for returning visitors, and negatively impacts Core Web Vitals. Over 60+ resources show this issue.
Why it might not be a bug
Cache headers could potentially be managed by CDN or server-side middleware without explicit headers, though this is unreliable and poor practice.
Suggested Fix
Implement Cache-Control headers with appropriate max-age values for all resources: Static assets (JS, CSS, fonts) should use long expiration (max-age=31536000, immutable for hashed filenames); API responses should use shorter periods (max-age=3600 or cache=no-store); HTML should use no-cache or short cache. Add ETag headers for validation. Use versioned/hashed filenames to cache-bust when content changes. Implement this at the CDN edge and origin server.
Why Fix
Adding cache headers reduces repeat downloads by 40-60% for returning visitors, significantly improving page load speed and Core Web Vitals (LCP, FID). This reduces server load, bandwidth costs, and improves user experience on slow connections. Essential for SEO ranking factors.
Route To
DevOps Engineer / Backend Engineer
Page
Tester
Tariq ยท Performance SpecialistTechnical Evidence
Console:
Multiple network requests show missing cache headersNetwork:
GET https://www.theperfumeshop.com/styles.6e477012a79f75cd.css - Status: 200 โ ๏ธ MISSING CACHE HEADERS