Quality and Performance reporthttps://sites.google.com/view/muzicland/%D0%B6%D0%B8%D0%B7%D0%BD%D1%8C-%D0%B0%D0%BB%D0%BB%D1%8B-%D0%BF%D1%83%D0%B3%D0%B0%D1%87%D0%B5%D0%B2%D0%BE%D0%B9
Report generated on Apr 28, 2017 8:03:37 AM
But still far from perfection
Share this report by email
Feel free to share this report with your collaborators, by copying the URL from the address bar,
or by clicking below:
Share the report
Tips and best practices:
Things to improve
2 critical dependencies detected
The failure of a third-party content provider could bring an overall breakdown of your website.
Single Point Of Failure
A Frontend Single Point Of Failure (SPOF) is a critical dependency on a third-party content, that may block the entire display of your page in case of failure of the content provider.
As an example, if your web page uses a blocking script hosted by Google’s servers, then your page is reliant on any failure from this script. Please read our blog post dedicated to SPOF for more information.
How to avoid SPOF?
As far as possible, exclude any of these dependencies, even from renowned providers. If you have to use a third-party content, ensure that you choosed an asynchronous integration and that you have a fallback in case of problem.
We are checking if the tested web page depends (in a critical way) on some of most widespread external resources (googleapis, typekit,...). That are known as Frontend SPOF (Single Point Of Failure) cases.
The following resources represent a SPOF for this page:
How can I fix this?
- use the async attribute;
- use the defer attribute;
- make sure your scripts are placed at the bottom of the page (ideally at the end of the body).
Add <h2> titles in your content
We recommend putting page keywords in at least the h1 and h2 tags. Search engines use the h1, h2, and h3 tags for SEO purposes.
This page contains:
- 2 <h1> element(s)
- 1 <h3> element(s)
You should define a 'description' meta tag
The page should define a unique description.
Description in search engines
The description of the page may be directly displayed in search engine results pages (SERP):
It allows you to control at best the entry preview in search engines, and to improve the click rate to your page. Learn more.
How to define a page's description?
<meta name="description" content="page description"> and place it in the
description has been found on this page. Please provide a <meta>
The Content Security Policy is missing
It is critical to restrict the origin of the contents of your webpage to protect your website from cross-site scripting attacks (XSS).
XSS attacks explained
An XSS attack aims to inject content into a page.
You can protect your pages against these attacks by implementing a content security policy that tells the web browser which servers are allowed to deliver resources on each page. If the browser makes a request to an unauthorized server, it must inform the user.
How can I prevent an XSS attack?
Set up a "Content-Security-Policy" (CSP) HTTP header. To specify a security policy on the source of your resources, configure your server so the response of the first resource contains the "Content-Security-Policy" HTTP header.
Here's an example:
Content-Security-Policy: script-src 'self' https://apis.google.com
In this case, the page loads correctly provided that all the scripts come from the current host or https://apis.google.com.
Please, be careful, if the header is misconfigured, some of your content, scripts, or styles may be blocked. That could cause unwanted side effects. Moreover, the restrictions apply to all pages of the website. We recommend you test the different pages of your website before deploying this header in your production environment.
No Content Security Policy on this page: it is more easily exposed to XSS attacks.
1 cookie is not secured
A cookie sent from the server to a web browser via the HTTPs protocol should only transit on a secure connection (except for some specific cases).
HTTP cookies are set by the server to the web browser via the
Set-Cookie HTTP header. Then, the browser transmits the cookies to the server for the next requests by using the
Cookie HTTP header. When the server uses a secure connection (HTTPs), the cookie probably contains some sensitive data: you have to garantee that the cookie cannot be exploited on an insecure connection.
The Secure directive
By adding the
Secure instruction in the
Set-Cookie HTTP header, the server informs the browser that it is allowed to transmit the cookie over secure connection only. Read our blog post to learn more.
The following Cookies are not secure, you should add the
Secure instruction in the
Set-Cookie HTTP header:
set-cookie: NID=102=hroz2o0mC7f_hukoVh8J8H-5gZFSXzmG0VpZviAfEharRycWMjX4FLGGKiADWqyQd6DcxTQrNNAODRTHvAp6Ls9WYqWFhlFLb7Oo4CH_WdNrYhSwTonXYRDDf_VTf5Qv;Domain=.google.com;Path=/;Expires=Sat, 28-Oct-2017 08:03:30 GMT;HttpOnly
Did you know?
The Slowest Resources
The page load time is 2.2 seconds. Listed below, are your site's slowest loading requests:
- sites.google.com/view/muzicland/%D0%B6%[...]%D0%B2%D0%BE%D0%B9 (295ms)
- accounts.google.com/o/oauth2/postmessag[...]UsrYh6TVDGP3oWluHw (184ms)
- https://apis.google.com/js/client.js (149ms)
- apis.google.com/_/scs/apps-static/_/js/[...]w/cb=gapi.loaded_0 (116ms)
- https://sites.google.com/logImpressions?_reqid=29012&rt=j (98ms)
- https://apis.google.com/js/rpc:shindig_random.js?onload=init (59ms)
- apis.google.com/_/scs/apps-static/_/js/[...]w/cb=gapi.loaded_0 (45ms)
- csi.gstatic.com/csi?v=3&s=atari&action=[...]rt=ibm.667,vpr.759 (525ms)
- lh5.googleusercontent.com/ym3Y_TcmQLH0t[...]83p1QXW6lrQQ=w1176 (346ms)
- www.gstatic.com/_/atari/_/ss/k=atari.vw[...]bXT2zUMNrlFn_lWGZA (249ms)
- www.gstatic.com/_/atari/_/js/k=atari.vw[...]OZ_dszU0pGhktNkqXA (219ms)
- www.gstatic.com/_/atari/_/js/k=atari.vw[...]OZ_dszU0pGhktNkqXA (197ms)
- https://www.google-analytics.com/analytics.js (154ms)
- stats.g.doubleclick.net/r/collect?v=1&a[...]v=j52&z=1615518746 (152ms)
- fonts.googleapis.com/css?family=Lato%3A[...]%2C700%2C700italic (134ms)
- https://ssl.gstatic.com/atari/images/favicon_2.ico (120ms)
- https://fonts.gstatic.com/s/lato/v13/EsvMC5un3kjyUhB9ZEPPwg.woff2 (101ms)
Excessively slow response times can be due to any number of reasons, usually because of a heavy resource that's loading or a temporary network issue.
For more information on page load time, you can consult the timeline.
No HTML code is commented
Comments allow you to detail a portion of code and help you navigate more efficiently in the DOM. However, make sure no sensitive information is exposed in your comments.
Well done, none of your comments contains HTML code.
No <noscript> tag is detected
When a web page uses scripts, it is advised to set at least one
This page does not load too much data (0,42 MB)
A too high page weight slows down the display, especially on low speed connections. This can lead to frustration for users paying for data (see whatdoesmysitecost.com).
Evaluate the Weight of my Web Page
In February 2016, the average weight of 100 most visited websites in the world was 1,38MB.
How to reduce the weight of my page?
You can report to our "Data amount" category to discover the possible optimizations in your case. Images are often involved.
Moreover, make sure to build your web pages in order to load data that is essential to the user experience (rendering optimization of the critical path).
For other contents (social networking plugins, advertising, content at the bottom of the page ...), it is better to delay the loading (asynchronous, lazy-loading ...), so they don't override priority contents.
We strongly recommend that you define performance budgets before you carry out your web projects. These budgets can be settled through the DareBoost monitoring feature.
We have established the weight distribution of the page by resource type:
- Font : 14,69% of total weight
- Images : 13,65% of total weight
- CSS : 11,46% of total weight
- Texts : 2,58% of total weight
- JSON : 0,11% of total weight
Here is the weight of the 10 heaviest resources over the network, and that are necessary to load the page:
- www.gstatic.com/_/atari/_/js/k=atari[...]_dszU0pGhktNkqXA (96 kB)
- apis.google.com/_/scs/apps-static/_/[...]cb=gapi.loaded_0 (83 kB)
- lh5.googleusercontent.com/ym3Y_TcmQL[...]p1QXW6lrQQ=w1176 (56 kB)
- www.gstatic.com/_/atari/_/ss/k=atari[...]T2zUMNrlFn_lWGZA (46 kB)
- fonts.gstatic.com/s/lato/v13/1YwB1sO[...]yjf12WNiUA.woff2 (23 kB)
- fonts.gstatic.com/s/lato/v13/EsvMC5u[...]UhB9ZEPPwg.woff2 (23 kB)
- fonts.gstatic.com/s/roboto/v16/CWB0X[...]kSThX0UTuA.woff2 (15 kB)
- https://www.google-analytics.com/analytics.js (12 kB)
- www.gstatic.com/_/atari/_/js/k=atari[...]_dszU0pGhktNkqXA (12 kB)
- apis.google.com/_/scs/apps-static/_/[...]cb=gapi.loaded_0 (10 kB)
This page contains 9 links
Two kind of links exist:
- Internal links that refer to pages with the same domain name;
- External links that point to other websites (must be relevant and point towards quality content).
If you reference many links, you can ask the SEO crawlers to consider only some of them, by adding the
rel=nofollow attribute to the irrelevant ones (e.g., advertisements).
Here is the distribution of 9 links present in the page:
- 9 internal links (100,00%)
- No "follow" external link (0,00%)
- No "nofollow" external link (0,00%)
Your server should be able to communicate with HTTP while it uses a HTTPS connection
Take precautionary measures against attacks like "man in the middle" by making sure to only communicate in HTTPS with the server.
The HTTP Strict Transport Security (HSTS) Header
When you communicate with a server through a secured connection, every sent request towards this server should use the HTTPS protocol. The HTTP HSTS header allows to indicate to the browser that all the requests sent to the domain concerned must be done via HTTPS. If the URL is presented under "http://...", the web browser is automatically going to replace it by "https://...".
However, we advise you to not set this header unless your entire website serves its resources in HTTPS.
No HSTS header has been detected on this page.
Well done, these best practices are respected
You do not use too long inline scripts
Any script with a significant size should let the browser cached them in order to reduce loading time/improve performance of your returning visitor.
Inline scripts / cache policy
"inline" scripts allow to integrate easily small portions of scripts directly in the HTML code. Example:
ga('create', 'UA-11111111-1', 'mywebsite.com');
By doing so, you avoid making a request to the server to retrieve the resource. So inline scripts represent a performance gain if you want to integrate small scripts.
However, once a script has a fairly substantial size, we advise you to outsource it and perform a request to retrieve it. So you will benefit from the cache mechanism.
What should I do?
Outsource your scripts with more than 1500 characters in one or more separate files.
This page uses only standard image formats
The images that use a non-standard format may not be indexed by search engines.
Only these image formats are considered standard on the web: jpeg, jpg, png, gif, svg, ico, webp. You should consider an alternative to any other format.
Moreover, remember to treat the text around your images: some search engines analyze approximately the 10 words preceding and following the image in order to add a context to the image.
No frameset, frame and noframes tags detected
These tags are obsolete, due to several issues related to the navigation consistency, SEO or browsers' bookmark features for example.
None of these tags is detected on this page.
The use of the iframe tag is prefered.
This page specifies a <title> tag
The page should define a unique title (using a <title> tag).
Use of titles by search engines
Once properly configured, the page title can be displayed in the search engine results page:
Using a suitable title is a major criterion for SEO. It allows you to control at best what is displayed in search results pages, and determine the keywords you want your site pops out.
How to define the title of a web page?
The title of the page is specified into the
<title> tag, which must be placed into the
<head> tag, at the beginning of the code.
This page defines a title the
Here is the page's title:
Все об Алле Пугачевой - Жизнь Аллы Пугачевой
No Java applets detected
Java applets are considered obsolete in 2015. HTML5 is powerful and more widely supported. Using Java applets can lead to compatibility issues and may send negative signals to your users (eg the browser indicating that content was blocked because it could be dangerous).
Congratulations, this page doesn't contain Java applets.
Do not use <bgsound> tag
bgsound tag detected. This is a good practice: this element is not a HTML standard. See more information.
Use the audio tag to deliver audio content on your page.
<audio src="my-audio-file.ogg" autoplay>
Your browser doesn't support the