Skip to content
https://krebsonsecurity.com

Lighthouse Desktop

· 0 checks — Desktop Lighthouse audit -- Performance, Accessibility, Best Practices, and SEO category breakdown.
SCORE
0
GRADE
FIX
0
REVIEW
0
PASS
0
INFO
0

Detailed Report

Audit breakdown by category with detailed findings.

95

Performance

Insights

Remove large, duplicate JavaScript modules from bundles to reduce unnecessary bytes consumed by network activity.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Polyfills and transforms enable older browsers to use new JavaScript features. However, many aren't necessary for modern browsers. Consider modifying your JavaScript build process to not transpile Baseline features, unless you know you must support older browsers. Learn why most sites can deploy ES6+ code without transpiling

Why this matters

Performance issues directly impact user engagement and conversion rates.

3rd party code can significantly impact load performance. Reduce and defer loading of 3rd party code to prioritize your page's content.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Consider setting font-display to swap or optional to ensure text is consistently visible. swap can be further optimized to mitigate layout shifts with font metric overrides.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Reducing the download time of images can improve the perceived load time of the page and LCP. Learn more about optimizing image size

Why this matters

Performance issues directly impact user engagement and conversion rates.

URLResource SizeEst Savings
A picture of a windows laptop in its updating stage, saying do not turn off the… article#post-73440 > div.entry-content > p > img.wp-image-56287
krebsonsecurity.com/wp-content/uploads/2021/07/windupate-768x541.png639.5 KiB575.2 KiB
A screenshot of two photos of Buchanan that appeared in a Daily Mail story date… article#post-73470 > div.entry-content > div#attachment_73476 > img.size-full
krebsonsecurity.com/wp-content/uploads/2026/04/dailymail-tylerb.png348.3 KiB269.5 KiB
div#secondary > aside#media_image-2 > a > img.image div#secondary > aside#media_image-2 > a > img.image
krebsonsecurity.com/wp-content/uploads/2017/06/computered-580x389.png262.4 KiB250.2 KiB
article#post-73422 > div.entry-content > div#attachment_73429 > img.size-full article#post-73422 > div.entry-content > div#attachment_73429 > img.size-full
krebsonsecurity.com/wp-content/uploads/2026/04/lumen-forestblizzard.png174.0 KiB130.1 KiB
div#page > div.themonic-logo > a > img div#page > div.themonic-logo > a > img
krebsonsecurity.com/b-doppel/9.png89.6 KiB67.4 KiB
Krebs on Security header#masthead > div.themonic-logo > a > img
krebsonsecurity.com/wp-content/uploads/2021/03/kos-27-03-2021.jpg82.0 KiB43.7 KiB
div#secondary > div#sidebar_ad > a > img div#secondary > div#sidebar_ad > a > img
krebsonsecurity.com/b-keeper/19.png39.1 KiB23.5 KiB

Optimize LCP by making the LCP image discoverable from the HTML immediately, and avoiding lazy-loading

Why this matters

Performance issues directly impact user engagement and conversion rates.

lhId: page-5-IMG
nodeLabel: Krebs on Security
path: 4,HTML,2,BODY,0,DIV,6,HEADER,1,DIV,0,A,0,IMG
selector: header#masthead > div.themonic-logo > a > img
snippet: <img src="https://krebsonsecurity.com/wp-content/uploads/2021/03/kos-27-03-2021.jpg" alt="Krebs on Security">

Avoid chaining critical requests by reducing the length of chains, reducing the download size of resources, or deferring the download of unnecessary resources to improve page load.

Why this matters

Performance issues directly impact user engagement and conversion rates.

description: [preconnect](https://developer.chrome.com/docs/lighthouse/performance/uses-rel-preconnect/) hints help the browser establish a connection earlier in the page load, saving time when the first request for that origin is made. The following are the origins that the page preconnected to.
title: Preconnected origins
value: no origins were preconnected
description: Add [preconnect](https://developer.chrome.com/docs/lighthouse/performance/uses-rel-preconnect/) hints to your most important origins, but try to use no more than 4.
title: Preconnect candidates
value: No additional origins are good candidates for preconnecting

These insights are also available in the Chrome DevTools Performance Panel - record a trace to view more detailed information.

Diagnostics

Minifying CSS files can reduce network payload sizes. Learn how to minify CSS.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Estimated savings: 0.0 ms 2.7 KiB

Reduce unused rules from stylesheets and defer CSS not used for above-the-fold content to decrease bytes consumed by network activity. Learn how to reduce unused CSS.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Estimated savings: 0.0 ms 12.4 KiB

Set an explicit width and height on image elements to reduce layout shifts and improve CLS. Learn how to set image dimensions

Why this matters

Performance issues directly impact user engagement and conversion rates.

URL
div#page > div.themonic-logo > a > img div#page > div.themonic-logo > a > img
krebsonsecurity.com/b-doppel/9.png
div#secondary > div#sidebar_ad > a > img div#secondary > div#sidebar_ad > a > img
krebsonsecurity.com/b-keeper/19.png

More information about the performance of your application. These numbers don't directly affect the Performance score.

Time to Interactive 1.5 s
Layout shift culprits
Document request latency
Optimize DOM size
Forced reflow
LCP breakdown
Modern HTTP
Optimize viewport for mobile
Max Potential First Input Delay 20 ms
Minify JavaScript
Reduce unused JavaScript
Avoids enormous network payloads Total size was 2,109 KiB
JavaScript execution time 0.0 s
Minimizes main-thread work 0.2 s
Page didn't prevent back/forward cache restoration
Network Requests
Network Round Trip Times 20 ms
Server Backend Latencies 30 ms
Tasks
Diagnostics
Metrics
Screenshot Thumbnails
Final Screenshot
Script Treemap Data
Resources Summary
Avoid multiple page redirects
Initial server response time was short Root document took 20 ms
Avoid large layout shifts 3 layout shifts found
INP breakdown
User Timing marks and measures
Avoid long main-thread tasks
Avoid non-composited animations
79

Accessibility

These checks highlight opportunities to improve the accessibility of your web app. Automatic detection can only detect a subset of issues and does not guarantee the accessibility of your web app, so manual testing is also encouraged.

Contrast

Low-contrast text is difficult or impossible for many users to read. Learn how to provide sufficient color contrast.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
Advertisement body.home > div#page > div.themonic-logo > div.a-statement
HOME div#menu-top > ul > li.current_page_item > a
April 21, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
3 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
SIM-swapping attacks article#post-73470 > div.entry-content > p > a
said article#post-73470 > div.entry-content > p > a
Continue reading → article#post-73470 > div.entry-content > p > a.more-link
April 14, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
18 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
CVE-2026-32201 article#post-73440 > div.entry-content > p > a
CVE-2026-33825 article#post-73440 > div.entry-content > p > a
published exploit code for it article#post-73440 > div.entry-content > p > a
confirmed article#post-73440 > div.entry-content > p > a
Continue reading → article#post-73440 > div.entry-content > p > a.more-link
April 7, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
22 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
a blog post article#post-73422 > div.entry-content > p > a
APT28 article#post-73422 > div.entry-content > p > a
new report article#post-73422 > div.entry-content > p > a
a new advisory article#post-73422 > div.entry-content > p > a
OAuth authentication tokens article#post-73422 > div.entry-content > p > a
Continue reading → article#post-73422 > div.entry-content > p > a.more-link
April 5, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
8 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
an advisory article#post-73394 > div.entry-content > p > a
Feb. 2023 filing article#post-73394 > div.entry-content > p > a
announced article#post-73394 > div.entry-content > p > a
had concluded article#post-73394 > div.entry-content > p > a
an interview article#post-73394 > div.entry-content > p > a
Continue reading → article#post-73394 > div.entry-content > p > a.more-link
March 23, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
11 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
wrote article#post-73368 > div.entry-content > p > a
removed article#post-73368 > div.entry-content > p > a
notes article#post-73368 > div.entry-content > p > a
a blog post article#post-73368 > div.entry-content > p > a
Continue reading → article#post-73368 > div.entry-content > p > a.more-link
March 19, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
31 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
said article#post-73345 > div.entry-content > p > a
Continue reading → article#post-73345 > div.entry-content > p > a.more-link
March 11, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
52 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
reports article#post-73316 > div.entry-content > p > a
profiled article#post-73316 > div.entry-content > p > a
Void Manticore article#post-73316 > div.entry-content > p > a
report article#post-73316 > div.entry-content > p > a
Continue reading → article#post-73316 > div.entry-content > p > a.more-link
March 10, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
13 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
CVE-2026-21262 article#post-73276 > div.entry-content > p > a
CVE-2026-26127 article#post-73276 > div.entry-content > p > a
CVE-2026-26113 article#post-73276 > div.entry-content > p > a
CVE-2026-26110 article#post-73276 > div.entry-content > p > a
Continue reading → article#post-73276 > div.entry-content > p > a.more-link
March 8, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
30 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
observed article#post-73278 > div.entry-content > p > a
recounted on Twitter/X article#post-73278 > div.entry-content > p > a
schadenfreude article#post-73278 > div.entry-content > p > a
story article#post-73278 > div.entry-content > p > a
another experiment article#post-73278 > div.entry-content > p > a
wrote article#post-73278 > div.entry-content > p > a
confused deputy article#post-73278 > div.entry-content > p > a
Continue reading → article#post-73278 > div.entry-content > p > a.more-link
February 28, 2026 div.btm-wrap > div.below-title-meta > div.adt > span.date
41 Comments div.below-title-meta > div.adt-comment > span > a.link-comments
LAPSUS$ article#post-73057 > div.entry-content > p > a
Dortsolver article#post-73057 > div.entry-content > p > a
SIM-swapping article#post-73057 > div.entry-content > p > a
Microsoft Xbox Game Pass accounts article#post-73057 > div.entry-content > p > a
Continue reading → article#post-73057 > div.entry-content > p > a.more-link
Next › div.pagination > ul > li > a.inactive
Last » div.themonic-pagination > div.pagination > ul > a.inactive
Advertisement div#main > div#secondary > div#sidebar_ad > div.a-statement
Advertisement div#main > div#secondary > div.widget > div.a-statement
© Krebs on Security - Mastodon body.home > div#page > div.site-wordpress

Low-contrast text is difficult or impossible for many users to read. Link text that is discernible improves the experience for users with low vision. Learn how to make links distinguishable.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
SIM-swapping attacks article#post-73470 > div.entry-content > p > a
said article#post-73470 > div.entry-content > p > a
Continue reading → article#post-73470 > div.entry-content > p > a.more-link
CVE-2026-32201 article#post-73440 > div.entry-content > p > a
CVE-2026-33825 article#post-73440 > div.entry-content > p > a
published exploit code for it article#post-73440 > div.entry-content > p > a
confirmed article#post-73440 > div.entry-content > p > a
Continue reading → article#post-73440 > div.entry-content > p > a.more-link
a blog post article#post-73422 > div.entry-content > p > a
APT28 article#post-73422 > div.entry-content > p > a
new report article#post-73422 > div.entry-content > p > a
a new advisory article#post-73422 > div.entry-content > p > a
OAuth authentication tokens article#post-73422 > div.entry-content > p > a
Continue reading → article#post-73422 > div.entry-content > p > a.more-link
an advisory article#post-73394 > div.entry-content > p > a
Feb. 2023 filing article#post-73394 > div.entry-content > p > a
announced article#post-73394 > div.entry-content > p > a
had concluded article#post-73394 > div.entry-content > p > a
an interview article#post-73394 > div.entry-content > p > a
Continue reading → article#post-73394 > div.entry-content > p > a.more-link
wrote article#post-73368 > div.entry-content > p > a
removed article#post-73368 > div.entry-content > p > a
notes article#post-73368 > div.entry-content > p > a
a blog post article#post-73368 > div.entry-content > p > a
said article#post-73345 > div.entry-content > p > a
Continue reading → article#post-73345 > div.entry-content > p > a.more-link
reports article#post-73316 > div.entry-content > p > a
profiled article#post-73316 > div.entry-content > p > a
Void Manticore article#post-73316 > div.entry-content > p > a
report article#post-73316 > div.entry-content > p > a
Continue reading → article#post-73316 > div.entry-content > p > a.more-link
CVE-2026-21262 article#post-73276 > div.entry-content > p > a
CVE-2026-26127 article#post-73276 > div.entry-content > p > a
CVE-2026-26113 article#post-73276 > div.entry-content > p > a
CVE-2026-26110 article#post-73276 > div.entry-content > p > a
Continue reading → article#post-73276 > div.entry-content > p > a.more-link
observed article#post-73278 > div.entry-content > p > a
recounted on Twitter/X article#post-73278 > div.entry-content > p > a
schadenfreude article#post-73278 > div.entry-content > p > a
story article#post-73278 > div.entry-content > p > a
another experiment article#post-73278 > div.entry-content > p > a
wrote article#post-73278 > div.entry-content > p > a
confused deputy article#post-73278 > div.entry-content > p > a
Continue reading → article#post-73278 > div.entry-content > p > a.more-link
LAPSUS$ article#post-73057 > div.entry-content > p > a
Dortsolver article#post-73057 > div.entry-content > p > a
SIM-swapping article#post-73057 > div.entry-content > p > a
Microsoft Xbox Game Pass accounts article#post-73057 > div.entry-content > p > a
Continue reading → article#post-73057 > div.entry-content > p > a.more-link
Mastodon body.home > div#page > div.site-wordpress > a

These are opportunities to improve the legibility of your content.

Names and labels

Informative elements should aim for short, descriptive alternate text. Decorative elements can be ignored with an empty alt attribute. Learn more about the `alt` attribute.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
div#page > div.themonic-logo > a > img div#page > div.themonic-logo > a > img
div#secondary > div#sidebar_ad > a > img div#secondary > div#sidebar_ad > a > img

Link text (and alternate text for images, when used as links) that is discernible, unique, and focusable improves the navigation experience for screen reader users. Learn how to make links accessible.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
body.home > div#page > div.themonic-logo > a body.home > div#page > div.themonic-logo > a
header#masthead > div.desktop-social > div.socialmedia > a header#masthead > div.desktop-social > div.socialmedia > a
header#masthead > div.desktop-social > div.socialmedia > a.rss header#masthead > div.desktop-social > div.socialmedia > a.rss
header#masthead > div.desktop-social > div.socialmedia > a.rss header#masthead > div.desktop-social > div.socialmedia > a.rss
div#main > div#secondary > div#sidebar_ad > a div#main > div#secondary > div#sidebar_ad > a
div#main > div#secondary > aside#media_image-2 > a div#main > div#secondary > aside#media_image-2 > a

These are opportunities to improve the semantics of the controls in your application. This may enhance the experience for users of assistive technology, like a screen reader.

Tables and lists

Screen readers have a specific way of announcing lists. Ensuring proper list structure aids screen reader output. Learn more about proper list structure.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
1 2 3 4 Next › Last » div#content > div.themonic-pagination > div.pagination > ul

These are opportunities to improve the experience of reading tabular or list data using assistive technology, like a screen reader.

Interactive controls are keyboard focusable
Interactive elements indicate their purpose and state
The page has a logical tab order
Visual order on the page follows DOM order
User focus is not accidentally trapped in a region
The user's focus is directed to new content added to the page
HTML5 landmark elements are used to improve navigation
Offscreen content is hidden from assistive technology
Custom controls have associated labels
Custom controls have ARIA roles
`[aria-*]` attributes match their roles
`[aria-hidden="true"]` is not present on the document `<body>`
`[role]`s have all required `[aria-*]` attributes
`[role]` values are valid
`[aria-*]` attributes have valid values
`[aria-*]` attributes are valid and not misspelled
Input buttons have discernible text.
Form elements have associated labels
`[user-scalable="no"]` is not used in the `<meta name="viewport">` element and the `[maximum-scale]` attribute is not less than 5.
ARIA attributes are used as specified for the element's role
Elements use only permitted ARIA attributes
Document has a `<title>` element
`<html>` element has a `[lang]` attribute
`<html>` element has a valid value for its `[lang]` attribute
List items (`<li>`) are contained within `<ul>`, `<ol>` or `<menu>` parent elements
Touch targets have sufficient size and spacing.
Heading elements appear in a sequentially-descending order
Document has a main landmark.
Deprecated ARIA roles were not used
Identical links have the same purpose.
`[accesskey]` values are unique
`button`, `link`, and `menuitem` elements have accessible names
Elements with `role="dialog"` or `role="alertdialog"` have accessible names.
`[aria-hidden="true"]` elements do not contain focusable descendents
ARIA input fields have accessible names
ARIA `meter` elements have accessible names
ARIA `progressbar` elements have accessible names
Elements with an ARIA `[role]` that require children to contain a specific `[role]` have all required children.
`[role]`s are contained by their required parent element
Elements with the `role=text` attribute do not have focusable descendents.
ARIA toggle fields have accessible names
ARIA `tooltip` elements have accessible names
ARIA `treeitem` elements have accessible names
Buttons have an accessible name
The page contains a heading, skip link, or landmark region
`<dl>`'s contain only properly-ordered `<dt>` and `<dd>` groups, `<script>`, `<template>` or `<div>` elements.
Definition list items are wrapped in `<dl>` elements
ARIA IDs are unique
No form fields have multiple labels
`<frame>` or `<iframe>` elements have a title
`<html>` element has an `[xml:lang]` attribute with the same base language as the `[lang]` attribute.
`<input type="image">` elements have `[alt]` text
The document does not use `<meta http-equiv="refresh">`
`<object>` elements have alternate text
Select elements have associated label elements.
Skip links are focusable.
No element has a `[tabindex]` value greater than 0
Cells in a `<table>` element that use the `[headers]` attribute refer to table cells within the same table.
`<th>` elements and elements with `[role="columnheader"/"rowheader"]` have data cells they describe.
`[lang]` attributes have a valid value
`<video>` elements contain a `<track>` element with `[kind="captions"]`
Tables have different content in the summary attribute and `<caption>`.
All heading elements contain content.
Uses ARIA roles only on compatible elements
Image elements do not have `[alt]` attributes that are redundant text.
Elements with visible text labels have matching accessible names.
Tables use `<caption>` instead of cells with the `[colspan]` attribute to indicate a caption.
`<td>` elements in a large `<table>` have one or more table headers.
96

Best Practices

General

Errors logged to the console indicate unresolved problems. They can come from network request failures and other browser concerns. Learn more about this errors in console diagnostic audit

Why this matters

Performance issues directly impact user engagement and conversion rates.

SourceDescription
TypeError: $(...).colorbox is not a function at HTMLDocument.<anonymous> (https://krebsonsecurity.com/:105:19) at e (https://krebsonsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4:2:30158) at t (https://krebsonsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4:2:30460)
TypeError: Cannot read properties of undefined (reading 'msie') at https://krebsonsecurity.com/wp-content/plugins/jquery-lightbox-for-native-galleries/colorbox/jquery.colorbox-min.js?ver=1.3.14:4:2527 at https://krebsonsecurity.com/wp-content/plugins/jquery-lightbox-for-native-galleries/colorbox/jquery.colorbox-min.js?ver=1.3.14:4:8955
Uses HTTPS
Avoids deprecated APIs
Avoids third-party cookies
Allows users to paste into input fields
Avoids requesting the geolocation permission on page load
Avoids requesting the notification permission on page load
Displays images with correct aspect ratio
Serves images with appropriate resolution
Page has the HTML doctype
Properly defines charset
No issues in the `Issues` panel in Chrome Devtools
Ensure CSP is effective against XSS attacks
Use a strong HSTS policy
Ensure proper origin isolation with COOP
Mitigate clickjacking with XFO or CSP
Mitigate DOM-based XSS with Trusted Types
Detected JavaScript libraries
Page has valid source maps
Redirects HTTP traffic to HTTPS
83

SEO

These checks ensure that your page is following basic search engine optimization advice. There are many additional factors Lighthouse does not score here that may affect your search ranking, including performance on Core Web Vitals. Learn more about Google Search Essentials.

Content Best Practices

Meta descriptions may be included in search results to concisely summarize page content. Learn more about the meta description.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Informative elements should aim for short, descriptive alternate text. Decorative elements can be ignored with an empty alt attribute. Learn more about the `alt` attribute.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
div#page > div.themonic-logo > a > img div#page > div.themonic-logo > a > img
div#secondary > div#sidebar_ad > a > img div#secondary > div#sidebar_ad > a > img

Format your HTML in a way that enables crawlers to better understand your app’s content.

Structured data is valid
Page isn’t blocked from indexing
Document has a `<title>` element
Page has successful HTTP status code
Links have descriptive text
Links are crawlable
robots.txt is valid
Document has a valid `hreflang`
Document has a valid `rel=canonical`

Send Feedback