Lighthouse Desktop

· 0 checks — Desktop Lighthouse audit -- Performance, Accessibility, Best Practices, and SEO category breakdown.

SCORE

GRADE

FIX

REVIEW

PASS

INFO

Detailed Report

Audit breakdown by category with detailed findings.

Performance

Insights

Remove large, duplicate JavaScript modules from bundles to reduce unnecessary bytes consumed by network activity.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Polyfills and transforms enable older browsers to use new JavaScript features. However, many aren't necessary for modern browsers. Consider modifying your JavaScript build process to not transpile Baseline features, unless you know you must support older browsers. Learn why most sites can deploy ES6+ code without transpiling

Why this matters

Performance issues directly impact user engagement and conversion rates.

3rd party code can significantly impact load performance. Reduce and defer loading of 3rd party code to prioritize your page's content.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Reducing the download time of images can improve the perceived load time of the page and LCP. Learn more about optimizing image size

Why this matters

Performance issues directly impact user engagement and conversion rates.

	URL	Resource Size	Est Savings
Zero-Knowledge Architecture `div.space-y-32 > div.grid > div.relative > img.relative`	stelgano.com/images/zero_knowledge_server.png	904.6 KiB	874.5 KiB
Ephemeral Identity Concept `div.space-y-32 > div.grid > div.order-1 > img.relative`	stelgano.com/images/ephemeral_identity.png	730.8 KiB	700.7 KiB
Client-Side Encryption `div.space-y-32 > div.grid > div.relative > img.relative`	stelgano.com/images/client_side_crypto.png	720.9 KiB	690.8 KiB
Contact-Layer Steganography Concept `div.max-w-6xl > div.grid > div.order-2 > img.relative`	stelgano.com/images/contact_steg.png	407.2 KiB	377.2 KiB
sTELgano vs Traditional Messaging Apps `div.max-w-7xl > div.grid > div.relative > img.relative`	stelgano.com/images/comparison_visual.jpg	295.5 KiB	279.1 KiB
sTELgano Secure Messaging `section.relative > div.grid > div.relative > img.relative`	stelgano.com/images/hero_visual.jpg	235.3 KiB	202.6 KiB

Avoid chaining critical requests by reducing the length of chains, reducing the download size of resources, or deferring the download of unnecessary resources to improve page load.

Why this matters

Performance issues directly impact user engagement and conversion rates.

description: [preconnect](https://developer.chrome.com/docs/lighthouse/performance/uses-rel-preconnect/) hints help the browser establish a connection earlier in the page load, saving time when the first request for that origin is made. The following are the origins that the page preconnected to.

title: Preconnected origins

value: no origins were preconnected

description: Add [preconnect](https://developer.chrome.com/docs/lighthouse/performance/uses-rel-preconnect/) hints to your most important origins, but try to use no more than 4.

title: Preconnect candidates

value: No additional origins are good candidates for preconnecting

Requests are blocking the page's initial render, which may delay LCP. Deferring or inlining can move these network requests out of the critical path.

Why this matters

Performance issues directly impact user engagement and conversion rates.

URL	Transfer Size	Duration
stelgano.com/assets/app.css	14.9 KiB	109 ms

These insights are also available in the Chrome DevTools Performance Panel - record a trace to view more detailed information.

Time to Interactive is the amount of time it takes for the page to become fully interactive. Learn more about the Time to Interactive metric.

Why this matters

Performance issues directly impact user engagement and conversion rates.

TTI

Diagnostics

Large network payloads cost users real money and are highly correlated with long load times. Learn how to reduce payload sizes.

Why this matters

Performance issues directly impact user engagement and conversion rates.

URL	Transfer Size
stelgano.com/images/zero_knowledge_server.png	905.8 KiB
stelgano.com/images/hero_illustration.png	835.1 KiB
stelgano.com/images/n_equals_1.png	751.0 KiB
stelgano.com/images/ephemeral_identity.png	732.0 KiB
stelgano.com/images/client_side_crypto.png	722.1 KiB
stelgano.com/images/contact_steg.png	408.4 KiB
stelgano.com/images/comparison_visual.jpg	296.6 KiB
stelgano.com/images/hero_visual.jpg	236.4 KiB
stelgano.com/fonts/inter-latin-600-normal.woff2	24.9 KiB
stelgano.com/fonts/inter-latin-500-normal.woff2	24.7 KiB

Set an explicit width and height on image elements to reduce layout shifts and improve CLS. Learn how to set image dimensions

Why this matters

Performance issues directly impact user engagement and conversion rates.

	URL
sTELgano Secure Messaging `section.relative > div.grid > div.relative > img.relative`	stelgano.com/images/hero_visual.jpg
Zero-Knowledge Architecture `div.space-y-32 > div.grid > div.relative > img.relative`	stelgano.com/images/zero_knowledge_server.png
Ephemeral Identity Concept `div.space-y-32 > div.grid > div.order-1 > img.relative`	stelgano.com/images/ephemeral_identity.png
Client-Side Encryption `div.space-y-32 > div.grid > div.relative > img.relative`	stelgano.com/images/client_side_crypto.png
Contact-Layer Steganography Concept `div.max-w-6xl > div.grid > div.order-2 > img.relative`	stelgano.com/images/contact_steg.png
N=1 Messaging - Shattering the previous message `section.px-4 > div.grid > div.relative > img.relative`	stelgano.com/images/n_equals_1.png
sTELgano Security Architecture `div.max-w-6xl > div.grid > div.relative > img.relative`	stelgano.com/images/hero_illustration.png
sTELgano vs Traditional Messaging Apps `div.max-w-7xl > div.grid > div.relative > img.relative`	stelgano.com/images/comparison_visual.jpg

More information about the performance of your application. These numbers don't directly affect the Performance score.

●Use efficient cache lifetimes

●Layout shift culprits

●Document request latency

●Optimize DOM size

●Font display

●Forced reflow

●LCP breakdown

●Modern HTTP

●Optimize viewport for mobile

●Max Potential First Input Delay 20 ms

●Minify CSS

●Minify JavaScript

●Reduce unused CSS

●Reduce unused JavaScript

●JavaScript execution time 0.0 s

●Minimizes main-thread work 0.7 s

●Avoid long main-thread tasks 3 long tasks found

●Page didn't prevent back/forward cache restoration

●Network Requests

●Network Round Trip Times 20 ms

●Server Backend Latencies 30 ms

●Tasks

●Diagnostics

●Metrics

●Screenshot Thumbnails

●Final Screenshot

●Script Treemap Data

●Resources Summary

●Avoid multiple page redirects

●Initial server response time was short Root document took 80 ms

●Avoid large layout shifts 1 layout shift found

○INP breakdown

○LCP request discovery

○User Timing marks and measures

○Avoid non-composited animations

Accessibility

These checks highlight opportunities to improve the accessibility of your web app. Automatic detection can only detect a subset of issues and does not guarantee the accessibility of your web app, so manual testing is also encouraged.

Contrast

Low-contrast text is difficult or impossible for many users to read. Learn how to provide sufficient color contrast.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
No plaintext ever touches the backend. Even a full database breach reveals noth… `ul.space-y-4 > li.flex > div > p.text-slate-500`
The protocol is designed so you don't even have to trust us. The cryptography g… `ul.space-y-4 > li.flex > div > p.text-slate-500`
We don't want to know who you are. The system is designed to prevent us from ev… `ul.space-y-4 > li.flex > div > p.text-slate-500`
Session keys are kept strictly in volatile memory. Close the browser, and the e… `ul.space-y-4 > li.flex > div > p.text-slate-500`
Your encryption keys are derived from your PIN and the Steg Number using 600,00… `ul.space-y-4 > li.flex > div > p.text-slate-500`
Because the payload is encrypted with AES-256-GCM before it ever hits the netwo… `ul.space-y-4 > li.flex > div > p.text-slate-500`
The moment a reply is sent, the previous message is atomically wiped from the d… `ul.space-y-6 > li.flex > div > p.text-slate-500`
Because old messages are actively destroyed to make room for new ones, there is… `ul.space-y-6 > li.flex > div > p.text-slate-500`
Even if a server is physically seized or fully compromised, there is nothing to… `ul.space-y-6 > li.flex > div > p.text-slate-500`
Pro Tip: Use Incognito/Private Mode to ensure no local traces remain. `div.w-full > section.px-6 > div.relative > p.text-xs`
The secure channel platform hidden in your contacts. `footer.px-6 > div.max-w-6xl > div.flex > p.text-slate-500`
STEL·GAH·NO — STEGANOGRAPHY + TEL `footer.px-6 > div.max-w-6xl > div.flex > p.text-slate-600`
AGPL-3.0 `div.max-w-6xl > div.flex > div.flex > div.px-2`
BUILD 2026.04 `div.max-w-6xl > div.flex > div.flex > div.px-2`
© 2026 sTELgano Contributors `footer.px-6 > div.max-w-6xl > div.flex > p.text-[9px]`

These are opportunities to improve the legibility of your content.

○Interactive controls are keyboard focusable

○Interactive elements indicate their purpose and state

○The page has a logical tab order

○Visual order on the page follows DOM order

○User focus is not accidentally trapped in a region

○The user's focus is directed to new content added to the page

○HTML5 landmark elements are used to improve navigation

○Offscreen content is hidden from assistive technology

○Custom controls have associated labels

○Custom controls have ARIA roles

●`[aria-hidden="true"]` is not present on the document `<body>`

●Image elements have `[alt]` attributes

●`[user-scalable="no"]` is not used in the `<meta name="viewport">` element and the `[maximum-scale]` attribute is not less than 5.

●`[aria-hidden="true"]` elements do not contain focusable descendents

●Document has a `<title>` element

●`<html>` element has a `[lang]` attribute

●`<html>` element has a valid value for its `[lang]` attribute

●Links have a discernible name

●Lists contain only `<li>` elements and script supporting elements (`<script>` and `<template>`).

●List items (`<li>`) are contained within `<ul>`, `<ol>` or `<menu>` parent elements

●Touch targets have sufficient size and spacing.

●Cells in a `<table>` element that use the `[headers]` attribute refer to table cells within the same table.

●Heading elements appear in a sequentially-descending order

●Document has a main landmark.

●Tables use `<caption>` instead of cells with the `[colspan]` attribute to indicate a caption.

●`<td>` elements in a large `<table>` have one or more table headers.

○`[accesskey]` values are unique

○`[aria-*]` attributes match their roles

○`button`, `link`, and `menuitem` elements have accessible names

○ARIA attributes are used as specified for the element's role

○Deprecated ARIA roles were not used

○Elements with `role="dialog"` or `role="alertdialog"` have accessible names.

○ARIA input fields have accessible names

○ARIA `meter` elements have accessible names

○ARIA `progressbar` elements have accessible names

○Elements use only permitted ARIA attributes

○`[role]`s have all required `[aria-*]` attributes

○Elements with an ARIA `[role]` that require children to contain a specific `[role]` have all required children.

○`[role]`s are contained by their required parent element

○`[role]` values are valid

○Elements with the `role=text` attribute do not have focusable descendents.

○ARIA toggle fields have accessible names

○ARIA `tooltip` elements have accessible names

○ARIA `treeitem` elements have accessible names

○`[aria-*]` attributes have valid values

○`[aria-*]` attributes are valid and not misspelled

○Buttons have an accessible name

○The page contains a heading, skip link, or landmark region

○`<dl>`'s contain only properly-ordered `<dt>` and `<dd>` groups, `<script>`, `<template>` or `<div>` elements.

○Definition list items are wrapped in `<dl>` elements

○ARIA IDs are unique

○No form fields have multiple labels

○`<frame>` or `<iframe>` elements have a title

○`<html>` element has an `[xml:lang]` attribute with the same base language as the `[lang]` attribute.

○Input buttons have discernible text.

○`<input type="image">` elements have `[alt]` text

○Form elements have associated labels

○Links are distinguishable without relying on color.

○The document does not use `<meta http-equiv="refresh">`

○`<object>` elements have alternate text

○Select elements have associated label elements.

○Skip links are focusable.

○No element has a `[tabindex]` value greater than 0

○`<th>` elements and elements with `[role="columnheader"/"rowheader"]` have data cells they describe.

○`[lang]` attributes have a valid value

○`<video>` elements contain a `<track>` element with `[kind="captions"]`

○Tables have different content in the summary attribute and `<caption>`.

○All heading elements contain content.

○Uses ARIA roles only on compatible elements

○Image elements do not have `[alt]` attributes that are redundant text.

○Identical links have the same purpose.

○Elements with visible text labels have matching accessible names.

Best Practices

General

Errors logged to the console indicate unresolved problems. They can come from network request failures and other browser concerns. Learn more about this errors in console diagnostic audit

Why this matters

Performance issues directly impact user engagement and conversion rates.

Source Description

Source	Description
stelgano.com/ line 748, col 0	`Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'sha256-TcKTNdXTdoY7CPkISQBGRdZrB9mW+WPwtBzUlVAeDUI=' 'sha256-cdSspjwBpsvWsWkWNjpTJCWvOFqUartDG9ykPCr0lLM=' 'sha256-xJ+O11qzfGNdhPsakz+MANZJPuAEzgSwqFfTO6evqaU=''. Either the 'unsafe-inline' keyword, a hash ('sha256-KoForosNtU869tBr7lNqDDhuMJ8ffO9LmAcJMSBoaBI='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.`
stelgano.com/	`Loading the script 'https://static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516' violates the following Content Security Policy directive: "script-src 'self' 'sha256-TcKTNdXTdoY7CPkISQBGRdZrB9mW+WPwtBzUlVAeDUI=' 'sha256-cdSspjwBpsvWsWkWNjpTJCWvOFqUartDG9ykPCr0lLM=' 'sha256-xJ+O11qzfGNdhPsakz+MANZJPuAEzgSwqFfTO6evqaU='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.`

stelgano.com/ line 748, col 0

Executing inline script violates the following Content Security Policy directive 'script-src 'self' 'sha256-TcKTNdXTdoY7CPkISQBGRdZrB9mW+WPwtBzUlVAeDUI=' 'sha256-cdSspjwBpsvWsWkWNjpTJCWvOFqUartDG9ykPCr0lLM=' 'sha256-xJ+O11qzfGNdhPsakz+MANZJPuAEzgSwqFfTO6evqaU=''. Either the 'unsafe-inline' keyword, a hash ('sha256-KoForosNtU869tBr7lNqDDhuMJ8ffO9LmAcJMSBoaBI='), or a nonce ('nonce-...') is required to enable inline execution. The action has been blocked.

stelgano.com/

Loading the script 'https://static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516' violates the following Content Security Policy directive: "script-src 'self' 'sha256-TcKTNdXTdoY7CPkISQBGRdZrB9mW+WPwtBzUlVAeDUI=' 'sha256-cdSspjwBpsvWsWkWNjpTJCWvOFqUartDG9ykPCr0lLM=' 'sha256-xJ+O11qzfGNdhPsakz+MANZJPuAEzgSwqFfTO6evqaU='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. The action has been blocked.

Issues logged to the `Issues` panel in Chrome Devtools indicate unresolved problems. They can come from network request failures, insufficient security controls, and other browser concerns. Open up the Issues panel in Chrome DevTools for more details on each issue.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Issue type
Content security policy

●Uses HTTPS

●Avoids deprecated APIs

●Avoids third-party cookies

●Allows users to paste into input fields

●Avoids requesting the geolocation permission on page load

●Avoids requesting the notification permission on page load

●Displays images with correct aspect ratio

●Serves images with appropriate resolution

●Page has the HTML doctype

●Properly defines charset

●Ensure CSP is effective against XSS attacks

●Mitigate DOM-based XSS with Trusted Types

●Page has valid source maps

○Redirects HTTP traffic to HTTPS

○Use a strong HSTS policy

○Ensure proper origin isolation with COOP

○Mitigate clickjacking with XFO or CSP

○Detected JavaScript libraries

SEO

These checks ensure that your page is following basic search engine optimization advice. There are many additional factors Lighthouse does not score here that may affect your search ranking, including performance on Core Web Vitals. Learn more about Google Search Essentials.

Content Best Practices

Meta descriptions may be included in search results to concisely summarize page content. Learn more about the meta description.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Format your HTML in a way that enables crawlers to better understand your app’s content.

○Structured data is valid

●Page isn’t blocked from indexing

●Document has a `<title>` element

●Page has successful HTTP status code

●Links have descriptive text

●Links are crawlable

●robots.txt is valid

●Image elements have `[alt]` attributes

●Document has a valid `hreflang`

○Document has a valid `rel=canonical`