Consider code splitting or tree shaking to reduce unused code.
Why this matters
This bundle has high unused code — code-split or tree-shake to ship only what executes.
Source: web.dev / Lighthouse coverage
Consider code splitting or tree shaking to reduce unused code.
Why this matters
This bundle has high unused code — code-split or tree-shake to ship only what executes.
Source: web.dev / Lighthouse coverage
Consider code splitting or tree shaking to reduce unused code.
Why this matters
This bundle has high unused code — code-split or tree-shake to ship only what executes.
Source: web.dev / Lighthouse coverage
Consider code splitting or tree shaking to reduce unused code.
Why this matters
This bundle has high unused code — code-split or tree-shake to ship only what executes.
Source: web.dev / Lighthouse coverage
B
HTTP/3 (QUIC)
HTTP/3 not advertised
REVIEW
HTTP/3 not advertised
Info::
i
HTTP/3 (QUIC) is not advertised
HTTP/3 isn't advertised via Alt-Svc and the worker didn't negotiate h3. HTTP/3 reduces handshake latency (1-RTT instead of 2-3 RTTs) and is more resilient on lossy connections. Most modern CDNs (Cloudflare, Fastly, AWS CloudFront, Google Cloud CDN) support HTTP/3 with a single config switch -- consider enabling for mobile-heavy workloads.
C
Compression Algorithm
Action
Main response served uncompressed
REVIEW
Main response served uncompressed
Info::
i
Main HTML response has no Content-Encoding (uncompressed)
The main HTML document is served without compression. The Text Compression section above lists the broader picture; for the main response specifically, even gzip would shave ~70-80% off most text payloads.
B
Main HTML Cache-Control
No Cache-Control header on main HTML response
REVIEW
No Cache-Control header on main HTML response
Info::
i
Main HTML response has no Cache-Control header
Without an explicit Cache-Control, browsers fall back to heuristic caching (~10% of Last-Modified age). Set `Cache-Control: no-cache` or `max-age=300` for HTML to control freshness explicitly -- prevents stale auth state and SPA shell drift.
B
Server-Timing Observability
No Server-Timing header found
REVIEW
No Server-Timing header found
Info::
i
No Server-Timing header found
Server-Timing exposes backend timing breakdowns to browser DevTools (e.g., `db: 45ms; render: 120ms; cache: 2ms`). Useful for diagnosing slow pages without backend log access. Most modern frameworks (Next.js, Cloudflare Workers, Fastly) emit it automatically; absence on a managed platform usually means telemetry headers are stripped at the edge.
C
Green Hosting
Action
Whether the site is served from green-energy infrastructure
REVIEW
Green Hosting
No green hosting detected
A+
Text Compression
All text resources are compressed
PASS
All text resources are compressed
Info::
✓
All text resources are compressed
All text resources are properly compressed.
A+
Font Loading
7 fonts (287 KB)
PASS
7 fonts (287 KB)
Info::
i
7 font(s) use font-display: swap (FOUT risk but functional)
Web fonts
7
287 KB total
Render-blocking
0
of 7
Dominant font-display
swap
Most common across fonts
Font loading timeline
TransferFOIT (block)FOUT (swap)
PublicSans-Light-05ff7d...woffswap
Size41 KB
Load time200 ms
Start1.3 s
RiskFOUT — text flashes from fallback to web font
Convert to woff2 for ~30% smaller file size
GT-America-Mono-Bold-5c...woff2swap
Size36 KB
Load time315 ms
Start1.3 s
RiskFOUT — text flashes from fallback to web font
GT-America-Mono-Regular...woff2swap
Size35 KB
Load time402 ms
Start1.3 s
RiskFOUT — text flashes from fallback to web font
PublicSans-Bold-c5f1403...woff2swap
Size33 KB
Load time294 ms
Start1.3 s
RiskFOUT — text flashes from fallback to web font
GT-Sectra-Fine-Bold-23b...woff2swap
Size70 KB
Load time383 ms
Start1.3 s
RiskFOUT — text flashes from fallback to web font
PublicSans-Bold-a239fb9...woffswap
Size41 KB
Load time407 ms
Start1.3 s
RiskFOUT — text flashes from fallback to web font
Convert to woff2 for ~30% smaller file size
PublicSans-ExtraBold-06...woff2swap
Size30 KB
Load time334 ms
Start1.3 s
RiskFOUT — text flashes from fallback to web font
Optimization checklist
Preload critical fonts (priority=high)
Use woff2 format for all fonts
Set font-display to swap, optional, or fallback
Subset large fonts (≤100 KB each)
Fixing the unchecked items could save ~25 KB and ~50 ms
A+
Resource Caching
All resources properly cached
PASS
All resources properly cached
Info::
✓
No caching issues found
All static resources have appropriate caching headers.
A+
Critical Rendering Path
No render-blocking resources
PASS
No render-blocking resources
Info::
✓
No render-blocking resources detected
A+
Resource Hints
No optimization needed
PASS
No optimization needed
Info::
✓
No resource hint issues
A+
LCP Image Preload
LCP preload audit not available
PASS
LCP preload audit not available
Info::
✓
LCP image preload audit not available for this scan
A+
Server Response Intelligence
1 server-response signal(s) detected
PASS
1 server-response signal(s) detected
Info::
i
No `ETag` or `Last-Modified` -- conditional GET not supported
Without either header, browsers can't issue conditional GETs and refresh always re-downloads the full response body even when nothing changed. Add `ETag: "<hash>"` (or `Last-Modified: <date>`) on cacheable responses; the server returns 304 Not Modified when the client's cached copy is still valid, saving bandwidth.
Network Waterfall
62 requests over 2949ms
INFO
HTML JavaScript CSS Images Fonts XHR/Fetch Other
Third-Party Script Cost
Per-script blocking time, transfer cost, and cache headers
INFO
67%of JavaScript execution is third-party
First-party Third-party484ms · 167KB · $6/mo
Script
Category
Execution
Transfer
Unused
Monthly Cost
Verdict
www.cia.gov
www.cia.gov
Other
310ms
94 KB
—
$4/mo
Costly
www.cia.gov
www.cia.gov
Other
114ms
45 KB
—
$2/mo
Optional
www.cia.gov
www.cia.gov
Other
59ms
28 KB
—
$1/mo
Optional
www.cia.gov
Other
Costly
Execution310ms
Transfer94 KB
Monthly Cost$4/mo
www.cia.gov
Other
Optional
Execution114ms
Transfer45 KB
Monthly Cost$2/mo
www.cia.gov
Other
Optional
Execution59ms
Transfer28 KB
Monthly Cost$1/mo
These scripts may cost more than they're worth
www.cia.gov adds 310ms and costs ~$4/month
67% of JavaScript execution time comes from third-party scripts.
Why this matters
Third-party scripts (analytics, ads, social, A/B testing) often dominate execution time — every one is a perf-and-privacy tax.
Learn more ▾▴
Each third-party script is a black box: you don't control when it loads, what it executes, or how much it grows. They often account for a major share of total blocking time on average sites (HTTP Archive's Web Almanac documents the trend). Audit which ones you actually need, defer the rest, and use facade patterns (lite-youtube, lite-vimeo) for embedded media.
Source: web.dev / HTTP Archive Web Almanac
www.cia.gov takes 310ms of CPU time. Consider loading it asynchronously or replacing it with a lighter alternative.
Why this matters
This script has high main-thread execution time — optimize hot paths or defer.