Summary
A Concise Overview of the scan result of url https://www.fca.org.uk/publications/multi-firm-reviews/insurance-multi-firm-review-outcomes-monitoring-under-consumer-duty
- Document
- HTML
- 3
- StyleSheets
- 2
- Scripts
- 12
- Font
- 0
- Images
- 14
- Links
- 5
- JavaScript Variables
- 32
- Console log messages
- 0
- Network
- Requests
- 33
- Bytes Transferred
- 580.21KB
- Bytes Total
- 1.76MB
- DNS Record
- A Record
- 2
- Technology
- CMS
- 1
- Programming languages
- 1
- Caching
- 1
- PaaS
- 2
- Security
- 2
- JavaScript libraries
- 2
- CDN
- 2
- Tag managers
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|---|
https://www.handbook.fca.org.uk/handbook/PRIN/2A/9.html | PRIN 2A.9 |
https://www.handbook.fca.org.uk/handbook/PROD/4/?view=chapter | PROD 4 |
https://www.linkedin.com/company/financial-conduct-authority | LinkedInLinkedInLink is external |
https://twitter.com/thefca | TwitterTwitterLink is external |
https://www.clearest.co.uk/gold-standard | Plain Language Commission Gold Award |
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
CMS | ||
Drupal | Drupal is a free and open-source web content management framework. | Type: headers Name: x-drupal-cache Regex: 19 Nov 1978 |
Security | ||
reCAPTCHA | reCAPTCHA is a free service from Google that helps protect websites from spam and abuse. | Type: scriptSrc Regex: \/recaptcha\/(?:api|enterprise)\.js |
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
Caching | ||
Varnish is a reverse caching proxy. | Type: headers Name: via Regex: varnish(?: \(Varnish\/([\d.]{1,250})\))? | |
Programming languages | ||
PHP is a general-purpose scripting language used for web development. | Dependent on Drupal | |
CDN | ||
jQuery CDN | jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder. | Type: scriptSrc Regex: code\.jquery\.com\/ |
Cloudflare | Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services. | Type: headers Name: cf-ray Regex: ^cloudflare$ |
Tag managers | ||
Google Tag Manager | Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app. | Type: html Regex: googletagmanager\.com\/ns\.html[^>]{1,250}><\/iframe> |
JavaScript libraries | ||
jQuery UI | jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML. | Type: scriptSrc Regex: ([\d.]{1,250})\/jquery-ui(?:\.min)?\.js |
jQuery | jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax. | Dependent on jQuery CDN,jQuery UI |
PaaS | ||
Amazon Web Services | Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality. | Dependent on Acquia Cloud Platform |
Acquia Cloud Platform | Acquia Cloud Platform is a Drupal-tuned application lifecycle management suite with an infrastructure to support Drupal deployment workflow processes. | Type: headers Name: x-ah-environment Regex: ^(next)?.{0,250}$ |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 39 msGood
- requestTime
- 44 msGood
- dom
- 36 msGood
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
A | www.fca.org.uk | 104.17.107.103 | yes |
A | www.fca.org.uk | 104.17.106.103 | yes |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
fca.org.uk E5 | 7/14/2024 | 10/12/2024 | 2 months 29 days |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA | 6/25/2024 | 6/25/2025 | 1 year |
www.google.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
*.gstatic.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 3/21/2024 | 4/22/2025 | 1 year 1 month 1 day |
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 9/29/2023 | 10/1/2024 | 1 year 3 days |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
cache-control | max-age=900, public |
cf-cache-status | HIT |
cf-ray | 8acd5bafec2169eb-MAD |
content-encoding | br |
content-language | en |
content-security-policy-report-only | default-src 'self' 'unsafe-inline' data: *.fca.org.uk; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.facebook.net www.googleadservices.com siteimproveanalytics.com *.siteimproveanalytics.io *.twitter.com *.jquery.com *.nr-data.net *.newrelic.com static.ads-twitter.com js.adsrvr.org *.doubleclick.net *.fca.org.uk fca.funnelback.co.uk *.salesforceliveagent.com *.twentythree.net snap.licdn.com analytics.tiktok.com sc-static.net *.snapchat.com static.cloudflareinsights.com cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' data: *.facebook.com *.google-analytics.com *.siteimproveanalytics.io *.google.com t.co *.doubleclick.net *.fca.org.uk *.google.ie *.videomarketingplatform.co www.google.co.uk *.nr-data.net *.googletagmanager.com *.fca.org.uk *.gstatic.com www.glassdoor.co.uk *.fca.org.uk linkedin.com www.facebook.com t.co *.linkedin.com *.google.ch *.google.de *.google.nl *.google.com.eg *.google.es *.google.ee *.google.co.in *.google.co.uz *.adsymptotic.com *.tableau.com *.google.ge *.google.se *.google.com.bh *.google.sk *.twitter.com; frame-src 'self' 'unsafe-inline' *.buto.tv *.videomarketingplatform.co *.view-it.co.uk *.fcaconnect.force.com prezi.com wearebigrock.com *.fca.org.uk player.vimeo.com www.thinglink.com *.google.com *.doubleclick.net insight.adsrvr.org *.fca.org.uk *.googletagmanager.com *.youtube.com match.adsrvr.org *.twentythree.net gateway.zscaler.net *.tableau.com *.snapchat.com; frame-ancestors 'self' *.fca.org.uk; child-src 'self' 'unsafe-inline' *.buto.tv *.videomarketingplatform.co *.view-it.co.uk *.fcaconnect.force.com prezi.com wearebigrock.com *.fca.org.uk player.vimeo.com www.thinglink.com *.google.com *.fca.org.uk; font-src 'self' data: fonts.gstatic.com *.fca.org.uk at.alicdn.com; connect-src 'self' www.google-analytics.com *.googletagmanager.com *.google.com *.gstatic.com *.facebook.net www.googleadservices.com siteimproveanalytics.com *.siteimproveanalytics.io *.twitter.com *.jquery.com *.nr-data.net *.newrelic.com static.ads-twitter.com js.adsrvr.org *.doubleclick.net *.fca.org.uk fca.funnelback.co.uk *.googleapis.com analytics.tiktok.com *.snapchat.com *.google-analytics.com *.linkedin.com; report-uri https://o105440.ingest.sentry.io/api/234655/security/?sentry_key=78e86bb79e1f44d0b24b22ab1e9dc5d0; upgrade-insecure-requests |
content-type | text/html; charset=UTF-8 |
date | Fri, 02 Aug 2024 10:24:25 GMT |
expires | Sun, 19 Nov 1978 05:00:00 GMT |
last-modified | Fri, 02 Aug 2024 09:56:43 GMT |
referrer-policy | no-referrer-when-downgrade |
server | cloudflare |
strict-transport-security | max-age=15768000; preload |
vary | Cookie,X-Forwarded-Proto,Accept-Encoding |
via | varnish |
x-ah-environment | prod |
x-cache | HIT |
x-cache-hits | 7 |
x-content-type-options | nosniff |
x-drupal-cache | MISS |
x-drupal-dynamic-cache | MISS |
x-frame-options | SAMEORIGIN |
x-request-id | v-85a310ca-50b5-11ef-a0ec-a71b88c79686 |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|