Summary
A Concise Overview of the scan result of url https://beta.sparkfinance.co.uk/
- Document
- HTML
- 1
- StyleSheets
- 12
- Scripts
- 29
- Font
- 1
- Images
- 4
- Links
- 0
- JavaScript Variables
- 101
- Console log messages
- 0
- Network
- Requests
- 51
- Bytes Transferred
- 6.03MB
- Bytes Total
- 6.2MB
- DNS Record
- A Record
- 3
- Technology
- Web frameworks
- 2
- PaaS
- 1
- Web servers
- 1
- JavaScript libraries
- 1
- Security
- 1
- CDN
- 2
- Analytics
- 1
- SSL/TLS certificate authorities
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Analytics | ||
Google Analytics | Google Analytics is a free web analytics service that tracks and reports website traffic. | Type: scriptSrc Regex: googletagmanager\.com\/gtag\/js |
Security | ||
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
Web frameworks | ||
Microsoft ASP.NET | ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages. | Dependent on Blazor,Kestrel |
Type: scriptSrc Regex: blazor\.server\.js | ||
Web servers | ||
Type: headers Name: server Regex: ^Kestrel | ||
CDN | ||
Google Hosted Libraries | Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries. | Type: scriptSrc Regex: ajax\.googleapis\.com\/ajax\/libs\/ |
Amazon S3 | Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface. | Type: headers Name: server Regex: s3[^ ]{0,250}amazonaws\.com |
JavaScript libraries | ||
jQuery | jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax. | Type: scriptSrc Regex: jquery |
PaaS | ||
Amazon Web Services | Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality. | Dependent on AWS Certificate Manager,Amazon S3 |
SSL/TLS certificate authorities | ||
AWS Certificate Manager | AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. | Type: certIssuer Regex: Amazon |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 186 msNeeds Improvement
- requestTime
- 6 msGood
- dom
- 5 msGood
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
A | beta.sparkfinance.co.uk | 35.178.70.218 | no |
A | beta.sparkfinance.co.uk | 13.41.231.221 | no |
A | beta.sparkfinance.co.uk | 3.10.129.150 | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
beta.sparkfinance.co.uk Amazon RSA 2048 M02 | 4/9/2024 | 5/8/2025 | 1 year 29 days |
*.google-analytics.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
upload.video.google.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
*.data-8.co.uk Sectigo RSA Domain Validation Secure Server CA | 1/30/2024 | 3/1/2025 | 1 year 1 month 1 day |
*.gstatic.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
cache-control | no-cache, no-store, max-age=0 |
content-security-policy | default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' www.google-analytics.com https://webservices.data-8.co.uk/ ajax.googleapis.com *.googletagmanager.com; script-src-elem 'self' www.google-analytics.com https://webservices.data-8.co.uk/ ajax.googleapis.com *.googletagmanager.com jsd-widget.atlassian.com maps.googleapis.com; connect-src 'self' blob: maps.googleapis.com region1.analytics.google.com jsd-widget.atlassian.com api-private.atlassian.com; img-src 'self' maps.gstatic.com maps.googleapis.com spark-webapp-prod-public.s3.eu-west-2.amazonaws.com www.google-analytics.com data:; object-src 'self' *.company-information.service.gov.uk data: blob:; frame-src 'self' www.google.com maps.google.com *.company-information.service.gov.uk *.eu-west-2.amazonaws.com blob:; style-src 'self' https://fonts.googleapis.com/ https://webservices.data-8.co.uk/ 'unsafe-inline' https://cdn.jsdelivr.net/;base-uri 'self';form-action 'self'; font-src https://fonts.googleapis.com/ https://fonts.gstatic.com/ 'self' |
content-type | text/html; charset=utf-8 |
date | Fri, 02 Aug 2024 13:12:53 GMT |
permissions-policy | fullscreen=(), geolocation=() |
referrer-policy | no-referrer |
server | Kestrel |
strict-transport-security | max-age=2592000 |
x-content-type-options | nosniff |
x-frame-options | SAMEORIGIN |
x-xss-protection | 1; mode=block |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
default-src | 'none' |
script-src | 'self''unsafe-eval''unsafe-inline'www.google-analytics.comhttps://webservices.data-8.co.uk/ajax.googleapis.com*.googletagmanager.com |
script-src-elem | 'self'www.google-analytics.comhttps://webservices.data-8.co.uk/ajax.googleapis.com*.googletagmanager.comjsd-widget.atlassian.commaps.googleapis.com |
connect-src | 'self'blob:maps.googleapis.comregion1.analytics.google.comjsd-widget.atlassian.comapi-private.atlassian.com |
img-src | 'self'maps.gstatic.commaps.googleapis.comspark-webapp-prod-public.s3.eu-west-2.amazonaws.comwww.google-analytics.comdata: |
object-src | 'self'*.company-information.service.gov.ukdata:blob: |
frame-src | 'self'www.google.commaps.google.com*.company-information.service.gov.uk*.eu-west-2.amazonaws.comblob: |
style-src | 'self'https://fonts.googleapis.com/https://webservices.data-8.co.uk/'unsafe-inline'https://cdn.jsdelivr.net/;base-uri'self';form-action'self' |
font-src | https://fonts.googleapis.com/https://fonts.gstatic.com/'self |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
_ga | GA1.1.1985842507.1722604374 | .sparkfinance.co.uk/ | 9/6/2025, 1:12:54 PM | no | no |
_ga_T09P3C2YZQ | GS1.1.1722604374.1.0.1722604374.60.0.0 | .sparkfinance.co.uk/ | 9/6/2025, 1:12:54 PM | no | no |
AWSALB | lsmYeyCFJ7n/kpf8/mTgJ3r8+BuB5CzhItUz9tMLQc+A40+0hECMXLJ0CtNmdLHjJj4Tbd9ljCOxS851ySBpMo5MUhor4VeM0pLG2gRvl/XA6GCTGUBcbIoy+NqJ | beta.sparkfinance.co.uk/ | 8/9/2024, 1:12:55 PM | no | no |
AWSALBCORS | lsmYeyCFJ7n/kpf8/mTgJ3r8+BuB5CzhItUz9tMLQc+A40+0hECMXLJ0CtNmdLHjJj4Tbd9ljCOxS851ySBpMo5MUhor4VeM0pLG2gRvl/XA6GCTGUBcbIoy+NqJ | beta.sparkfinance.co.uk/ | 8/9/2024, 1:12:55 PM | yes | no |