portswigger.net
Free website and domain report on portswigger.net
Last Updated: 15th November, 2022 Update Now
Overview
Snoop Summary for portswigger.net
This is a free and comprehensive report about portswigger.net. The domain portswigger.net is currently hosted on a server located in Dublin, Leinster in Ireland with the IP address 54.246.133.196, where the local currency is EUR and English is the local language. Our records indicate that portswigger.net is owned/operated by PortSwigger Ltd. Portswigger.net is expected to earn an estimated $18 USD per day from advertising revenue. The sale of portswigger.net would possibly be worth $13,392 USD. This figure is based on the daily revenue potential of the website over a 24 month period. Portswigger.net receives an estimated 6,432 unique visitors every day - a huge amount of traffic! This report was last updated 15th November, 2022.
About portswigger.net
| Site Preview: |   |
| Title: | Web Application Security, Testing, & Scanning - PortSwigger |
| Description: | Web application security testing software. Product details, downloads, how to order and screenshots. |
| Keywords and Tags: | computers, hardware, information security, internet, popular, products, security, security scanners, software, tools |
| Related Terms: | scanning |
| Fav Icon: | |
| Age: | Over 22 years old |
| Domain Created: | 9th September, 2001 |
| Domain Updated: | 18th August, 2020 |
| Domain Expires: | 9th September, 2021 |
Review
Snoop Score
3/5 (Great!)
Valuation
$13,392 USD
Note: All valuation figures are estimates.
Popularity
High
Note: Popularity is estimated.
Rank, Reach and Authority
| Alexa Rank: | 74,852 |
| Alexa Reach: | 0.0012% |
| SEMrush Rank (US): | |
| SEMrush Authority Score: | |
| Moz Domain Authority: | 0 |
| Moz Page Authority: | 0 |
Rank By Country
| Country | Alexa Rank |
|---|---|
 Brazil | 44,188 |
 Canada | 115,613 |
 Germany | 103,123 |
 Denmark | 15,004 |
 France | 104,246 |
 United Kingdom | 47,040 |
 Israel | 35,701 |
 India | 28,721 |
 Italy | 49,437 |
 Japan | 38,497 |
 Morocco | 15,770 |
 Nigeria | 40,368 |
 Pakistan | 22,974 |
 Poland | 52,034 |
 Russian Federation | 317,059 |
 Singapore | 38,113 |
 Thailand | 57,314 |
 Turkey | 55,165 |
 United States | 67,533 |
 Viet Nam | 43,768 |
Organic vs Paid (Google Ads)
Traffic
Visitors
| Daily Visitors: | 6,432 |
| Monthly Visitors: | 195,770 |
| Yearly Visitors: | 2,347,680 |
Note: All visitors figures are estimates.
Visitors By Country
| Country | Visitors (Unique) | Percentage |
|---|---|---|
| Brazil | Daily: 193 Monthly: 5,873 Yearly: 70,430 | 3% |
| Canada | Daily: 51 Monthly: 1,566 Yearly: 18,781 | 0.8% |
| Germany | Daily: 154 Monthly: 4,698 Yearly: 56,344 | 2.4% |
| Denmark | Daily: 122 Monthly: 3,720 Yearly: 44,606 | 1.9% |
| France | Daily: 129 Monthly: 3,915 Yearly: 46,954 | 2% |
| United Kingdom | Daily: 289 Monthly: 8,810 Yearly: 105,646 | 4.5% |
| Israel | Daily: 39 Monthly: 1,175 Yearly: 14,086 | 0.6% |
| India | Daily: 868 Monthly: 26,429 Yearly: 316,937 | 13.5% |
| Italy | Daily: 180 Monthly: 5,482 Yearly: 65,735 | 2.8% |
| Japan | Daily: 1,029 Monthly: 31,323 Yearly: 375,629 | 16% |
| Morocco | Daily: 51 Monthly: 1,566 Yearly: 18,781 | 0.8% |
| Nigeria | Daily: 45 Monthly: 1,370 Yearly: 16,434 | 0.7% |
| Other | Daily: 1,750 Monthly: 53,249 Yearly: 638,569 | 27.2% |
| Pakistan | Daily: 109 Monthly: 3,328 Yearly: 39,911 | 1.7% |
| Poland | Daily: 122 Monthly: 3,720 Yearly: 44,606 | 1.9% |
| Russian Federation | Daily: 32 Monthly: 979 Yearly: 11,738 | 0.5% |
| Singapore | Daily: 45 Monthly: 1,370 Yearly: 16,434 | 0.7% |
| Thailand | Daily: 39 Monthly: 1,175 Yearly: 14,086 | 0.6% |
| Turkey | Daily: 77 Monthly: 2,349 Yearly: 28,172 | 1.2% |
| United States | Daily: 1,042 Monthly: 31,715 Yearly: 380,324 | 16.2% |
| Viet Nam | Daily: 64 Monthly: 1,958 Yearly: 23,477 | 1% |
Note: All visitors figures are estimates.
Revenue
Revenue
| Daily Revenue: | $18 USD |
| Monthly Revenue: | $558 USD |
| Yearly Revenue: | $6,691 USD |
Note: All revenue figures are estimates.
Revenue By Country
| Country | Revenue | Percentage |
|---|---|---|
| Brazil | Daily: $0 USD Monthly: $2 USD Yearly: $23 USD | 0.3% |
| Canada | Daily: $0 USD Monthly: $2 USD Yearly: $22 USD | 0.3% |
| Germany | Daily: $0 USD Monthly: $8 USD Yearly: $99 USD | 1.5% |
| Denmark | Daily: $0 USD Monthly: $0 USD Yearly: $4 USD | 0.1% |
| France | Daily: $0 USD Monthly: $4 USD Yearly: $46 USD | 0.7% |
| United Kingdom | Daily: $1 USD Monthly: $19 USD Yearly: $230 USD | 3.4% |
| Israel | Daily: $0 USD Monthly: $0 USD Yearly: $1 USD | <0.1% |
| India | Daily: $2 USD Monthly: $52 USD Yearly: $619 USD | 9.3% |
| Italy | Daily: $0 USD Monthly: $2 USD Yearly: $26 USD | 0.4% |
| Japan | Daily: $0 USD Monthly: $10 USD Yearly: $124 USD | 1.9% |
| Morocco | Daily: $0 USD Monthly: $0 USD Yearly: $1 USD | <0.1% |
| Nigeria | Daily: $0 USD Monthly: $0 USD Yearly: $3 USD | <0.1% |
| Other | Daily: $0 USD Monthly: $0 USD Yearly: $0 USD | <0.1% |
| Pakistan | Daily: $0 USD Monthly: $1 USD Yearly: $11 USD | 0.2% |
| Poland | Daily: $0 USD Monthly: $1 USD Yearly: $6 USD | 0.1% |
| Russian Federation | Daily: $0 USD Monthly: $0 USD Yearly: $1 USD | <0.1% |
| Singapore | Daily: $0 USD Monthly: $0 USD Yearly: $2 USD | <0.1% |
| Thailand | Daily: $0 USD Monthly: $0 USD Yearly: $2 USD | <0.1% |
| Turkey | Daily: $0 USD Monthly: $1 USD Yearly: $7 USD | 0.1% |
| United States | Daily: $15 USD Monthly: $455 USD Yearly: $5,459 USD | 81.6% |
| Viet Nam | Daily: $0 USD Monthly: $0 USD Yearly: $4 USD | 0.1% |
Note: All revenue figures are estimates.
SEO
Backlinks Analysis (SEMrush)
Top New Follow Links
Top Ranking Keywords (US)
Domain Analysis
| Value | Length | |
|---|---|---|
| Domain: | portswigger.net | 15 |
| Domain Name: | portswigger | 11 |
| Extension (TLD): | net | 3 |
| Expiry Check: | |
Page Speed Analysis
| Average Load Time: | 1.49 seconds |
| Load Time Comparison: | Faster than 59% of sites |
PageSpeed Insights
Avg. (All Categories)
Performance
Accessibility
Best Practices
SEO
Progressive Web App
0–49 (Fail) 50–89 (Average) 90–100 (Pass) 
URL: https://portswigger.net/
Updated: 16th February, 2021
2.46 seconds
First Contentful Paint (FCP)
0.00 seconds
First Input Delay (FID) Simulate loading on desktop
Performance
Indicates how well the page is performing and highlights opportunities where performance may be improved for portswigger.net. This includes details about optimizing page load times which can result in a better user experience.Metrics
First Contentful Paint — 0.5 s The time taken for the first image or text on the page to be rendered.
Time to Interactive — 0.5 s The time taken for the page to become fully interactive.
Total Blocking Time — 0 ms The total blocking time is the sum of all time periods between First Contentful Paint and Time to Interactive (when task length exceeded 50ms).
Cumulative Layout Shift — 0.001 Cumulative Layout Shift is the measurement of visible elements collective movement within the viewport.
View Data
Other
First CPU Idle — 0.5 s The time taken for the page's main thread to be quiet enough to handle input.
Max Potential First Input Delay — 30 ms Users could experience a delay when interacting with the page.
First Meaningful Paint — 0.5 s The time taken for the primary content of the page to be rendered.
Estimated Input Latency — 10 ms The time taken for the page to respond to user input (during the busiest 5 second window of page load). Users are likely to perceive portswigger.net as laggy when the latency is higher than 0.05 seconds.
Network Requests Below is a list of network requests that were made during page load.
| URL | Start Time (Ms) | End Time (Ms) | Transfer Size (Bytes) | Resource Size (Bytes) | Status Code | MIME Type | Resource Type |
|---|---|---|---|---|---|---|---|
| http://portswigger.net/ | 0 | 198.46600014716 | 425 | 0 | 301 | ||
| https://portswigger.net/ | 198.97500006482 | 871.15400005132 | 14157 | 38935 | 200 | text/html | Document |
| https://portswigger.net/Content/Fonts/ps-icons-small/ps-icons-small.woff?td2uot | 882.68999988213 | 1472.1070001833 | 9587 | 8496 | 200 | application/font-woff | Font |
| https://portswigger.net/Content/Fonts/ps-main/ps-icons.woff?l1la2n | 882.91800022125 | 983.91500022262 | 16860 | 15768 | 200 | application/font-woff | Font |
| https://portswigger.net/content/PSLandingPages.css | 883.87400005013 | 1703.9990001358 | 75749 | 1057596 | 200 | text/css | Stylesheet |
| https://portswigger.net/content/images/svg/icons/enterprise.svg | 1473.9149999805 | 1573.6430003308 | 1608 | 560 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/svg/icons/professional.svg | 1575.2070001327 | 2068.7549998984 | 1446 | 398 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/svg/icons/community.svg | 1707.5260002166 | 1809.8360002041 | 1608 | 560 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 1742.0880002901 | 2443.4430003166 | 27564 | 26550 | 200 | image/jpeg | Image |
| https://portswigger.net/content/images/callouts/enterprise.jpg | 1742.2640002333 | 1845.260000322 | 15156 | 14142 | 200 | image/jpeg | Image |
| https://portswigger.net/content/images/logos/academy-logo-large.svg | 1742.3880002461 | 2338.4279999882 | 9896 | 8847 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/logos/burpsuite-logo-large.svg | 1742.6920002326 | 1844.7990003042 | 3536 | 2487 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/logos/the-daily-swig-logo-large.svg | 1742.9690002464 | 2337.2410000302 | 10491 | 9442 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/amazon.svg | 1743.133999873 | 2242.0069999062 | 6280 | 5231 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/google.svg | 1743.3080002666 | 2242.3580000177 | 2781 | 1732 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/walmart.svg | 1743.5460002162 | 2243.2180000469 | 4307 | 3258 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/fedex.svg | 1743.6350001954 | 2235.6250002049 | 3728 | 2679 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/axa.svg | 1743.8020003028 | 2243.7960002571 | 2542 | 1493 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/p-and-g.svg | 1744.0160000697 | 2343.8360001892 | 8001 | 6952 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/microsoft.svg | 1744.1070000641 | 2245.8530003205 | 4437 | 3388 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/salesforce.svg | 1744.1799999215 | 2241.3530000485 | 6558 | 5509 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/standard-chartered.svg | 1744.3030001596 | 2335.4899999686 | 8019 | 6970 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/samsung.svg | 1744.7299999185 | 2245.3850000165 | 2939 | 1890 | 200 | image/svg+xml | Image |
| https://portswigger.net/bundles/public/main?v=sU2SIp2WpNQ-3tcEAlQ1SiZOTUOBRo8EcZfBYRTQicM1 | 1744.8690002784 | 2246.2390000001 | 3374 | 5012 | 200 | text/javascript | Script |
| https://portswigger.net/content/images/logos/portswigger-logo.svg | 1744.975999929 | 2242.7030000836 | 4341 | 3292 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/Logos/portswigger-logo.svg | 1754.7070002183 | 2247.1480001695 | 4341 | 3292 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/Banners/banner-home.webp | 1758.1790001132 | 2358.159000054 | 14952 | 13934 | 200 | image/webp | Image |
| https://portswigger.net/Content/Images/Banners/banner-home-acad-background.webp | 1760.9740002081 | 2452.1230002865 | 21282 | 20264 | 200 | image/webp | Image |
| https://www.google-analytics.com/analytics.js | 2273.6470000818 | 2277.5380001403 | 19451 | 47051 | 200 | text/javascript | Script |
| https://www.googletagmanager.com/gtm.js?id=GTM-M4CF4TD | 2274.3589999154 | 2301.8360002898 | 28917 | 71158 | 200 | application/javascript | Script |
| https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1733675788&t=pageview&_s=1&dl=https%3A%2F%2Fportswigger.net%2F&ul=en-us&de=UTF-8&dt=Web%20Application%20Security%2C%20Testing%2C%20%26%20Scanning%20-%20PortSwigger&sd=24-bit&sr=800x600&vp=1350x940&je=0&_u=aEBAAEABEAAAAC~&jid=2091359187&gjid=498403084&cid=272824554.1613476083&tid=UA-58487031-1&_gid=1898043058.1613476083&_r=1&z=651650658 | 2302.5380000472 | 2305.9550002217 | 624 | 2 | 200 | text/plain | XHR |
| https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-58487031-1&cid=272824554.1613476083&jid=2091359187&gjid=498403084&_gid=1898043058.1613476083&_u=aEBAAEAAEAAAAC~&z=1621741571 | 2309.297000058 | 2309.3050001189 | 0 | 0 | -1 | XHR | |
| https://portswigger.net/content/images/banners/banner-home-acad-screengrabs.webp | 3484.8879999481 | 3829.8980002292 | 89818 | 88800 | 200 | image/webp | Image |
| https://portswigger.net/content/images/logos/academy-logo-01.svg | 3616.7430002242 | 3722.0640000887 | 9721 | 8672 | 200 | image/svg+xml | Image |
Network Round Trip Times — 0 ms High Network RTT (Round Trip Times) can have a large impact on performance. Providing servers geographically closer to the user could improve performance.
Server Backend Latencies — 0 ms High server latencies indicate the server is overloaded or has a poor backend performance.
Tasks Below is a list of the top-level main thread tasks that executed during page load.
| Start Time (Ms) | End Time (Ms) |
|---|---|
| 905.102 | 7.237 |
| 1737.994 | 29.654 |
| 1767.707 | 8.991 |
| 1776.716 | 33.183 |
| 1813.577 | 7.473 |
| 1829.908 | 39.697 |
| 2312.463 | 21.483 |
| 2341.206 | 5.244 |
| 2375.446 | 5.287 |
Opportunities
Properly size images Images can slow down the page's load time. Portswigger.net should consider serving more appropriate-sized images.
Defer offscreen images Time to Interactive can be slowed down by resources on the page. Portswigger.net should consider lazy-loading offscreen and hidden images.
Minify CSS Cascading Style Sheets (CSS) files can contribute to network payload sizes. Portswigger.net should consider minifying CSS files.
Minify JavaScript JavaScript (JS) files can contribute to network payload sizes and increase script parse times. Portswigger.net should consider minifying JS files.
Remove unused CSS — Potential savings of 71 KiB Dead and/or unused rules in Style Sheets (CSS) can contribute to network payload sizes. Portswigger.net should consider removing dead rules from style sheets and deferring the loading of CSS not used for above-the-fold content.
| URL | Transfer Size (Bytes) | Potential Savings (Bytes) |
|---|---|---|
| https://portswigger.net/content/PSLandingPages.css | 75749 | 73065 |
Remove unused JavaScript It is advised to remove unused JavaScript in order to reduce bytes consumed by network activity.
Efficiently encode images — Potential savings of 8 KiB Unoptimized images can consume more cellular data than what is necessary.
| URL | Resource Size (Bytes) | Potential Savings (Bytes) |
|---|---|---|
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 26550 | 7727 |
Serve images in next-gen formats — Potential savings of 14 KiB Image formats like PNG and JPEG have poor compression when compared to other next-gen formats, such as JPEG 200, JPEG XR and WebP.
| URL | Resource Size (Bytes) | Potential Savings (Bytes) |
|---|---|---|
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 26550 | 14408 |
Enable text compression Text-based resources should be served with compression, such as gzip, deflate or brotli.
Preconnect to required origins Resource hints, such as 'preconnect' or 'dns-prefetch', may assist in establishing early connections to important third-party origins.
Avoid multiple page redirects — Potential savings of 190 ms Redirects can cause additional delays before the page can begin loading. Portswigger.net should avoid multiple or unnecessary page redirects.
| URL | Time Spent (Ms) |
|---|---|
| http://portswigger.net/ | 190 |
| https://portswigger.net/ | 0 |
Preload key requests Key requests can be preloaded by using '<link rel=preload>'. Portswigger.net should consider using '<link rel=preload>' to prioritize fetching resources that are currently requested later in page load.
Use video formats for animated content Large GIFs are inefficient for delivering animated content. It is recommended to use MPEG4/WebM videos for animations and PNG/WebP for static images instead of GIF.
Remove duplicate modules in JavaScript bundles Ensure that no duplicate JavaScript modules from bundles exist to reduce bytes consumed by network activity.
Avoid serving legacy JavaScript to modern browsers Polyfills and transforms enable legacy browsers to use new JavaScript features. For bundled JavaScript it is recommended to adopt a modern script deployment strategy using module/nomodule feature detection. This will reduce the amount of code shipped to modern browsers.
Diagnostics
Avoids enormous network payloads — Total size was 424 KiB Large network payloads can cost users money and are linked to long load times.
| URL | Transfer Size (Bytes) |
|---|---|
| https://portswigger.net/content/images/banners/banner-home-acad-screengrabs.webp | 89818 |
| https://portswigger.net/content/PSLandingPages.css | 75749 |
| https://www.googletagmanager.com/gtm.js?id=GTM-M4CF4TD | 28917 |
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 27564 |
| https://portswigger.net/Content/Images/Banners/banner-home-acad-background.webp | 21282 |
| https://www.google-analytics.com/analytics.js | 19451 |
| https://portswigger.net/Content/Fonts/ps-main/ps-icons.woff?l1la2n | 16860 |
| https://portswigger.net/content/images/callouts/enterprise.jpg | 15156 |
| https://portswigger.net/Content/Images/Banners/banner-home.webp | 14952 |
| https://portswigger.net/ | 14157 |
Uses efficient cache policy on static assets — 1 resource found Portswigger.net can speed up repeat visits by increasing the cache lifetime, which is essentially how long before a cached copy expires.
| URL | Cache TTL (Ms) | Transfer Size (Bytes) |
|---|---|---|
| https://www.google-analytics.com/analytics.js | 7200000 | 19451 |
Avoids an excessive DOM size — 338 elements A large DOM (Document Object Model) will increase memory usage, cause longer system calculations as well as costly layout reflows.
| Statistic | Element | Value |
|---|---|---|
| Total DOM Elements | 338 | |
| Maximum DOM Depth | 14 | |
| Maximum Child Elements | 22 |
Avoid chaining critical requests — 1 chain found Below is a list of Critical Request Chains, which shows which resources are loaded with a high priority. Portswigger.net should consider reducing the length of chains, reducing the download size of resources, or deferring the download of unnecessary resources to improve page load.
User Timing marks and measures Make use of the User Timing API to measure an app's real-world performance during key user experiences.
JavaScript execution time — 0.0 s JavaScript (JS) execution time can be lowered by reducing the time required for parsing, compiling and executing JS. Delivering smaller JS payloads may help with this.
| URL | Total CPU Time (Ms) | Script Evaluation (Ms) | Script Parse (Ms) |
|---|---|---|---|
| https://portswigger.net/ | 136.567 | 16.658 | 1.748 |
| Unattributable | 67.545 | 1.557 | 0.18 |
Minimizes main-thread work — 0.3 s Main-thread work timing can be lowered by reducing the time required for parsing, compiling and executing JS. Delivering smaller JS payloads may help with this.
| Category | Time Spent (Ms) |
|---|---|
| Other | 115.028 |
| Script Evaluation | 50.151 |
| Style & Layout | 48.633 |
| Parse HTML & CSS | 33.609 |
| Rendering | 20.046 |
| Script Parsing & Compilation | 5.672 |
Keep request counts low and transfer sizes small — 34 requests • 424 KiB It is advised to add a budgets.json file in order to set budgets for the quantity and size of page resources.
| Resource Type | Requests | Transfer Size (Bytes) |
|---|---|---|
| Total | 34 | 434496 |
| Image | 24 | 265352 |
| Stylesheet | 1 | 75749 |
| Script | 3 | 51742 |
| Font | 2 | 26447 |
| Document | 1 | 14157 |
| Other | 3 | 1049 |
| Media | 0 | 0 |
| Third-party | 4 | 48992 |
Minimize third-party usage — Third-party code blocked the main thread for 0 ms It is advised to either limit, remove or delay the loading of redundant third-party code which may be significantly impacting load performance.
| Third-Party | Transfer Size (Bytes) | Main-Thread Blocking Time (Ms) |
|---|---|---|
| 28917 | 0 | |
| 20075 | 0 | |
| 0 | 0 |
Largest Contentful Paint element — 1 element found The element which was identified as the Largest Contentful Paint.
| Element |
|---|
Avoid large layout shifts — 4 elements found Below is a list of all DOM elements that contribute to the CLS of the page.
| Element | CLS Contribution |
|---|---|
| 0.00035420132504451 | |
| 0.00014724767880468 | |
| 0.00014359259457903 | |
| 0.0001196024782726 |
Uses passive listeners to improve scrolling performance Improve the page's scroll performance by marking touch and wheel event listeners as 'passive'.
Avoids `document.write()` Avoid or limit the use of external scripts that are dynamically injected via 'document.write()' as users on slow connections will be delayed by tens of seconds.
Avoid long main-thread tasks Below is a list of the longest tasks on the main thread, which is useful when identifying the worst input delay contributors.
Avoid non-composited animations It is recommended to avoid non-composited animations which are often janky and increase CLS.
Avoids large JavaScript libraries with smaller alternatives — 0 large libraries found It is recommended to work with smaller JavaScript libraries to reduce your bundle size and avoid poor performance.
Budgets
Performance budget It is advised to keep the quantity and size of all network requests under the targets set by the provided performance budget.
Timing budget It is advised to set a timing budget to monitor the performance of your site.
Metrics
Speed Index — 1.5 s The time taken for the page contents to be visibly populated.
Largest Contentful Paint — 1.9 s The timing of the largest text or image that is painted.
Opportunities
Eliminate render-blocking resources — Potential savings of 130 ms Resources, such as JavaScript and style sheets, can block the first paint of the page. Portswigger.net should consider delivering critical JavaScript/style sheets (JS/CSS) inline and deferring all non-critical JS/CSS.
| URL | Transfer Size (Bytes) | Potential Savings (Ms) |
|---|---|---|
| https://portswigger.net/content/PSLandingPages.css | 75749 | 150 |
Opportunities
Reduce initial server response time — Root document took 670 ms It is advised to keep the server response time short for the main document, because all other requests depend on it.
| URL | Time Spent (Ms) |
|---|---|
| https://portswigger.net/ | 673.177 |
Diagnostics
Ensure text remains visible during webfont load Make use of the font-display CSS feature, which will ensure text is user-visible while webfonts are loading.
| URL | Potential Savings (Ms) |
|---|---|
| https://portswigger.net/Content/Fonts/ps-icons-small/ps-icons-small.woff?td2uot | 589.41700030118 |
Accessibility
Indicates how accessible the page is and highlights opportunities where the page can be made more accessible to users of portswigger.net. This includes details about various page attributes that can be optimized.Navigation
`[accesskey]` values are unique Access keys assist users with focusing on different parts of the page. Each access key should be unique for proper navigation.
The page contains a heading, skip link, or landmark region It is advised to provide ways to bypass repetitive content, allowing users to navigate the page efficiently.
`[id]` attributes on active, focusable elements are unique Ensure all focusable elements have a unique id value to allow them to be visible to users of assistive technologies, like a screen reader.
Heading elements appear in a sequentially-descending order Properly order all headers and do not skip heading levels to better the navigation and readability for users of assistive technologies, like a screen reader.
No element has a `[tabindex]` value greater than 0 Although technically valid, a tabindex value greater than 0 often creates frustrating experiences for users who rely on assistive technologies.
ARIA
`[aria-*]` attributes match their roles Avoid mismatching 'aria-*' attributes and their 'role' value, as it invalidates the attribute.
`[aria-hidden="true"]` is not present on the document `<body>` If aria-hidden=true is set on the document body, assistive technologies, like a screen reader will work inconsistently.
`[aria-hidden="true"]` elements do not contain focusable descendents Interactive elements within an aria-hidden=true element are unavailable to users of assistive technologies, like a screen reader.
ARIA input fields have accessible names Generic names are announced to users of assistive technologies, like a screen reader, when an input field does not have an accessible name specified.
`[role]`s have all required `[aria-*]` attributes Some ARIA roles have required 'aria-*' attributes, which provide essential information about state and functionality.
Elements with an ARIA `[role]` that require children to contain a specific `[role]` have all required children. Some ARIA parent roles cannot perform their intended functions if specific child roles are not used.
`[role]`s are contained by their required parent element Some ARIA child roles cannot perform their intended functions if specific parent roles are not used.
`[role]` values are valid All ARIA roles require valid values to perform their intended functions.
ARIA toggle fields have accessible names Generic names are announced to users of assistive technologies, like a screen reader, when a toggle field does not have an accessible name specified.
`[aria-*]` attributes have valid values ARIA attributes cannot be interpreted with invalid values when used by screen readers and other assistive technologies.
`[aria-*]` attributes are valid and not misspelled ARIA attributes cannot be interpreted with invalid names when used by screen readers and other assistive technologies.
ARIA IDs are unique Ensure all ARIA ID values are unique to prevent elements from being overlooked by assistive technologies, like a screen reader.
Names and labels
Buttons have an accessible name Buttons become unusable as they are announced simply as "button" when the button does not have an accessible name, when used by screen readers and other assistive technologies.
Document has a `<title>` element Search engines, screen reader users and other assistive technology users rely on the title to provide an overview of the page and to help determine if the page is relevant to their search.
No form fields have multiple labels Having multiple labels for form fields can be confusing to assistive technologies, like a screen reader.
`<frame>` or `<iframe>` elements have a title Screen reader users and other assistive technology users rely on frame titles to describe the contents of frames.
`<input type="image">` elements have `[alt]` text Input buttons with alternative text assist screen readers and other assistive technology users to understand its purpose.
Form elements have associated labels Screen readers and other assistive technologies rely on labels to properly announce form controls.
`<object>` elements have `[alt]` text It is advised that alt text is used on '<object>' elements in order to provide meaning to screen reader and other assistive technology users, as these technologies are unable to translate non-text content.
Tables and lists
`<dl>`'s contain only properly-ordered `<dt>` and `<dd>` groups, `<script>`, `<template>` or `<div>` elements. Screen readers and other assistive technologies may produce poor and inaccurate output when definition lists are not properly marked up.
Definition list items are wrapped in `<dl>` elements In order for screen readers and other assistive technologies to properly announce definition list items ('<dt>' and '<dd>'), they must be wrapped in parent a '<dl>' element.
Presentational `<table>` elements avoid using `<th>`, `<caption>` or the `[summary]` attribute. It is advised to not include data elements in tables which are used for layout purposes, as it may create confusion for screen reader and other assistive technology users.
Lists contain only `<li>` elements and script supporting elements (`<script>` and `<template>`). Use proper list structure to aid screen readers and other assistive technologies.
List items (`<li>`) are contained within `<ul>` or `<ol>` parent elements In order for screen readers to announce list items, ensure that list items ('<li>') are contained within parent '<ul>' or '<ol>' tags.
Cells in a `<table>` element that use the `[headers]` attribute refer to table cells within the same table. Screen readers and other assistive technologies have features to make navigating tables easier. Ensure that '<td>' cells using the headers attribute only refer to other cells in the same table, to improve screen reader user experience.
`<th>` elements and elements with `[role="columnheader"/"rowheader"]` have data cells they describe. Screen readers and other assistive technologies have features to make navigating tables easier. Ensure that table headers refer to some set of cells, to improve screen reader user experience.
Internationalization and localization
`<html>` element has a valid value for its `[lang]` attribute Specify a valid BCP 47 language in order to help screen readers and other assistive technologies announce text properly.
`[lang]` attributes have a valid value Specify a valid BCP 47 language on elements in order to help screen readers and other assistive technologies announce text properly.
Best practices
The document does not use `<meta http-equiv="refresh">` Pages that refresh automatically cause a poor user experience as focus is directed back to the top of the page unexpectedly.
`[user-scalable="no"]` is not used in the `<meta name="viewport">` element and the `[maximum-scale]` attribute is not less than 5. For users with low vision who rely on screen magnification, ensure that zooming is not disabled.
Audio and video
`<video>` elements contain a `<track>` element with `[kind="captions"]` Portswigger.net may provide assistance to deaf or hearing-impaired users with captions on videos.
`<video>` elements contain a `<track>` element with `[kind="description"]` Portswigger.net may provide relevant information that dialogue cannot, by using audio descriptions.
Contrast
Background and foreground colors do not have a sufficient contrast ratio. Many (if not most) users find low-contrast text difficult or impossible to read.
| Failing Elements |
|---|
Internationalization and localization
`<html>` element does not have a `[lang]` attribute It is advised to provide a lang attribute so that screen readers and other assistive technologies are guaranteed to announce the page's text correctly. When not provided, the user's default language setting will be used which may cause inaccuracies.
| Failing Elements |
|---|
Names and labels
Image elements do not have `[alt]` attributes Provide short and descriptive alternative text where possible on informative elements.
| Failing Elements |
|---|
Manual Checks
The page has a logical tab order The visual layout should be logical in its tab order and users cannot focus elements that are offscreen.
Interactive controls are keyboard focusable Ensure that custom interactive controls are keyboard focusable and that a focus indicator is displayed.
Interactive elements indicate their purpose and state Ensure that interactive elements (such as links and buttons) are distinguishable from non-interactive elements and that they indicate their state.
The user's focus is directed to new content added to the page When new content (such as a dialogue) is added to the page, the user's focus should be directed to it.
User focus is not accidentally trapped in a region Avoid focus being accidentally trapped when a user tabs in and out of controls or regions on page.
Custom controls have associated labels Ensure that custom interactive controls have associated labels, which are provided by aria-label and aria-labelledby attributes.
Custom controls have ARIA roles Ensure that all custom interactive controls have appropriate ARIA roles.
Visual order on the page follows DOM order Ensure that the DOM order matches with the page's visual order, in order to improve navigation for screen readers and other assistive technologies.
Offscreen content is hidden from assistive technology Ensure that offscreen content is hidden through the use of "display:none" styling or the aria-hidden attribute.
HTML5 landmark elements are used to improve navigation Elements such as <main> and <nav> are recommended as they are used by screen readers and other assistive technologies to improve keyboard navigation.
Best Practices
Indicates the recommended, best practices currently in place on the page and highlights the best practices that portswigger.net should incorporate. This includes practices such as protecting pages with HTTPS.Audits
Links to cross-origin destinations are safe Improve performance and prevent security vulnerabilities by adding rel="noopener" and rel="noreferrer" to external links.
Avoids requesting the geolocation permission on page load When requesting a user's location, provide context or consider tying the request to a user action to avoid confusion and mistrust from users.
Avoids requesting the notification permission on page load When requesting permission to send notifications, provide context or consider tying the request to a user action to avoid confusion and mistrust from users.
Avoids front-end JavaScript libraries with known security vulnerabilities Ensure that the use of third-party scripts is minimal and that only trusted third-party scripts are used as some may contain known security vulnerabilities which may be exploited by attackers.
Audits
Allows users to paste into password fields Ensure that password inputs may be pasted into to aid in the user's ability to use password managers and improve security.
Displays images with correct aspect ratio Ensure that image display dimensions match their natural aspect ratio.
Serves images with appropriate resolution For maximum image clarity, ensure images have natural dimensions and are proportional to the display size and pixel ratio.
Fonts with `font-display: optional` are preloaded It is recommended that optional fonts are preloaded.
Audits
Page has the HTML doctype Ensure a doctype is specified to prevent the browser from switching to quirks-mode.
Properly defines charset It is advised to declare a character encoding, optionally via a <meta> tag in the first 1024 bytes of the HTML or in the Content-Type HTTP response header.
Audits
Avoids `unload` event listeners The 'unload' event does not fire reliably, causing issues with browser optimizations such as the Back-Forward Cache. It is recommended that 'pagehide' or 'visibilitychange' events are used instead.
Avoids Application Cache Application cache is deprecated and is no longer recommended.
Detected JavaScript libraries Below is a list of all front-end JavaScript libraries that were detected on the page.
Avoids deprecated APIs Avoid deprecated APIs which will eventually be removed the browser.
Page has valid source maps Consider deploying source maps for added benefits such as the ability to debug while in production.
Audits
Does not use HTTPS — 1 insecure request found Ensure that all pages are protected with HTTPS (including those that do not handle sensitive data) as HTTPS prevents tampering and passive listening on communications between the app and its users. Additionally, HTTPS is a prerequisite for HTTP/2 and many new web platform APIs.
| Insecure URL |
|---|
| http://portswigger.net/ |
Audits
Browser errors were logged to the console Below is a list of all errors logged to the console, which indicate unresolved problems on the site.
| URL | Description |
|---|---|
| https://www.google-analytics.com/analytics.js | Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-58487031-1&cid=272824554.1613476083&jid=2091359187&gjid=498403084&_gid=1898043058.1613476083&_u=aEBAAEAAEAAAAC~&z=1621741571' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/".
|
SEO
Indicates how well the page is optimized for ranking in search engines and highlights Search Engine Optimization (SEO) opportunities for portswigger.net. This includes optimizations such as providing meta data.Mobile Friendly
Has a `<meta name="viewport">` tag with `width` or `initial-scale` It is advised to use a '<meta name="viewport">' tag for the optimization of portswigger.net on mobile screens.
Document uses legible font sizes Font sizes of 12px or less are too small to most mobile users without user gestures and further action. Aim for more than 60% of page text to use font sizes greater than 12px.
Tap targets are sized appropriately Interactive elements (such as buttons and links) should be appropriately spaced, sized and easy enough to select or tap with regard to their surrounding elements.
Content Best Practices
Document has a `<title>` element Search engines, screen reader users and other assistive technology users rely on the title to provide an overview of the page and to help determine if the page is relevant to their search.
Document has a meta description Meta descriptions may be used by search engines when displaying a link to the page and should concisely summarize the page's content.
Document has a valid `hreflang` Search engines can be instructed to list specific versions of a page for a given language or region through the use of hreflang links.
Document has a valid `rel=canonical` Search engines can be suggested which URL should be shown in search results through the use of canonical links.
Document avoids plugins The content of plugins cannot be indexed by search engines and many devices either restrict or do not support them.
Crawling and Indexing
Page has successful HTTP status code Avoid pages with unsuccessful HTTP status codes as they may not be indexed by search engines.
Links are crawlable Ensure that the 'href' attribute of anchor elements links to the appropriate destination. This allows for more pages of the site to be discovered by search engines.
Page isn’t blocked from indexing Pages that cannot be crawled by search engines cannot be indexed or included in their search results. Ensure that search engines have permission to crawl all pages that should be indexed.
robots.txt is valid Malformed robots.txt files prevent crawlers from understanding how a site wants to be crawled or indexed, which can be devastating to SEO.
Content Best Practices
Links do not have descriptive text — 3 links found Make use of descriptive link text to assist search engines in understanding the content.
| Link destination | Link Text |
|---|---|
| https://portswigger.net/organizations | Read More |
| https://portswigger.net/testers | Read More |
| https://portswigger.net/developers | Read More |
Image elements do not have `[alt]` attributes Provide short and descriptive alternative text where possible on informative elements.
| Failing Elements |
|---|
Manual Checks
Structured data is valid Structured data can be validated through the use of the Structured Data Testing Tool and the Structured Data Linter.
Progressive Web App
Indicates how valid the aspects of a Progressive Web App (PWA) are for the page and highlights opportunities to enable/improve the PWA of portswigger.net. This includes details about web app manifests.Fast and reliable
Page load is fast enough on mobile networks Ensure that the page loads fast enough over a cellular network, to ensure good mobile user experience.
PWA Optimized
Redirects HTTP traffic to HTTPS It is advised to redirect all HTTP traffic to HTTPS, in order to enable secure web features for all users.
Content is sized correctly for the viewport Ensure that the width of the app's content matches the width of the viewport, otherwise the app might not be optimized for mobile screens.
Has a `<meta name="viewport">` tag with `width` or `initial-scale` It is advised to use a '<meta name="viewport">' tag for the optimization of portswigger.net on mobile screens.
Contains some content when JavaScript is not available Apps should display alternative content for when JavaScript is disabled.
Provides a valid `apple-touch-icon` iOS users of Progressive Web Apps will benefit from an apple touch icon, which can be defined with 'apple-touch-icon', which must point to a non-transparent 192px (or 180px) square PNG.
Fast and reliable
Current page does not respond with a 200 when offline In order for Progressive Web Apps to be made available offline, ensure that the app is using a service worker.
`start_url` does not respond with a 200 when offline Consider using a service worker for Progressive Web Apps to ensure greater reliability for the user, in the case of poor network conditions.
Installable
Does not use HTTPS — 1 insecure request found Ensure that all pages are protected with HTTPS (including those that do not handle sensitive data) as HTTPS prevents tampering and passive listening on communications between the app and its users. Additionally, HTTPS is a prerequisite for HTTP/2 and many new web platform APIs.
| Insecure URL |
|---|
| http://portswigger.net/ |
Does not register a service worker that controls page and `start_url` A service worker is used to provide Progressive Web Apps the use of features such as working offline, the ability for the app to be added to the homescreen as well as push notifications.
Web app manifest does not meet the installability requirements User engagement may be increased by leveraging the browsers ability to proactively prompt users to add the app to their homescreen.
View Data
PWA Optimized
Is not configured for a custom splash screen Themed splash screens ensure a high-quality user experience at launch for app users.
View Data
Does not set a theme color for the address bar. A theme may be applied to the browser address bar, which ideally can be made to match the site.
View Data
Manifest doesn't have a maskable icon Maskable icons are great to ensure that images fill the entire shape when installing the app on a device.
Manual Checks
Site works cross-browser Ensure that the Progressive Web App works correctly across every major browser.
Page transitions don't feel like they block on the network Users perceive apps with responsive, snappy transitions as higher peforming and ensures a great user experience, even on a slow network.
Each page has a URL Ensure that all pages are deep linkable via URL. They should also be unique for the purpose of shareability on social media.
Avg. (All Categories)
Performance
Accessibility
Best Practices
SEO
Progressive Web App
0–49 (Fail) 50–89 (Average) 90–100 (Pass)
URL: https://portswigger.net/
Updated: 16th February, 2021
3.50 seconds
First Contentful Paint (FCP)
0.02 seconds
First Input Delay (FID) Simulate loading on mobile
Performance
Indicates how well the page is performing and highlights opportunities where performance may be improved for portswigger.net. This includes details about optimizing page load times which can result in a better user experience.Metrics
First Contentful Paint — 1.7 s The time taken for the first image or text on the page to be rendered.
Speed Index — 2.0 s The time taken for the page contents to be visibly populated.
Total Blocking Time — 90 ms The total blocking time is the sum of all time periods between First Contentful Paint and Time to Interactive (when task length exceeded 50ms).
Cumulative Layout Shift — 0.003 Cumulative Layout Shift is the measurement of visible elements collective movement within the viewport.
View Data
Other
First CPU Idle — 2.9 s The time taken for the page's main thread to be quiet enough to handle input.
First Meaningful Paint — 1.7 s The time taken for the primary content of the page to be rendered.
Estimated Input Latency — 10 ms The time taken for the page to respond to user input (during the busiest 5 second window of page load). Users are likely to perceive portswigger.net as laggy when the latency is higher than 0.05 seconds.
Network Requests Below is a list of network requests that were made during page load.
| URL | Start Time (Ms) | End Time (Ms) | Transfer Size (Bytes) | Resource Size (Bytes) | Status Code | MIME Type | Resource Type |
|---|---|---|---|---|---|---|---|
| http://portswigger.net/ | 0 | 98.964000004344 | 398 | 0 | 301 | ||
| https://portswigger.net/ | 99.515000008978 | 263.12899996992 | 14161 | 38935 | 200 | text/html | Document |
| https://portswigger.net/Content/Fonts/ps-icons-small/ps-icons-small.woff?td2uot | 276.46500000264 | 474.04899995308 | 9587 | 8496 | 200 | application/font-woff | Font |
| https://portswigger.net/Content/Fonts/ps-main/ps-icons.woff?l1la2n | 276.66299999692 | 377.07299995236 | 16860 | 15768 | 200 | application/font-woff | Font |
| https://portswigger.net/content/PSLandingPages.css | 278.91200000886 | 600.45599995647 | 75749 | 1057596 | 200 | text/css | Stylesheet |
| https://portswigger.net/content/images/svg/icons/enterprise.svg | 475.31699994579 | 574.92199994158 | 1608 | 560 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/svg/icons/professional.svg | 576.11199992243 | 675.63499999233 | 1446 | 398 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/svg/icons/community.svg | 605.13499996159 | 705.02300001681 | 1608 | 560 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 655.41000000667 | 852.2959999973 | 27564 | 26550 | 200 | image/jpeg | Image |
| https://portswigger.net/content/images/callouts/enterprise.jpg | 655.55199992377 | 758.52999999188 | 15156 | 14142 | 200 | image/jpeg | Image |
| https://portswigger.net/content/images/logos/academy-logo-large.svg | 655.81399993971 | 858.02299994975 | 9896 | 8847 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/logos/burpsuite-logo-large.svg | 656.20199998375 | 770.73599991854 | 3536 | 2487 | 200 | image/svg+xml | Image |
| https://portswigger.net/content/images/logos/the-daily-swig-logo-large.svg | 656.32099995855 | 767.84400001634 | 10491 | 9442 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/amazon.svg | 656.69899992645 | 770.35599993542 | 6280 | 5231 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/google.svg | 656.90499998163 | 768.80800002255 | 2781 | 1732 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/walmart.svg | 657.16800000519 | 769.02999996673 | 4307 | 3258 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/fedex.svg | 657.33999991789 | 769.37100000214 | 3728 | 2679 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/axa.svg | 657.44799992535 | 770.03899996635 | 2542 | 1493 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/p-and-g.svg | 657.58100000676 | 766.88899996225 | 8001 | 6952 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/microsoft.svg | 657.72299992386 | 769.65499995276 | 4437 | 3388 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/salesforce.svg | 657.8730000183 | 768.42700003181 | 6558 | 5509 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/standard-chartered.svg | 658.05700002238 | 767.49200001359 | 8019 | 6970 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/CompanyLogos/samsung.svg | 658.18999998737 | 766.40399999451 | 2939 | 1890 | 200 | image/svg+xml | Image |
| https://portswigger.net/bundles/public/main?v=sU2SIp2WpNQ-3tcEAlQ1SiZOTUOBRo8EcZfBYRTQicM1 | 658.33799995016 | 771.42399991862 | 3374 | 5012 | 200 | text/javascript | Script |
| https://portswigger.net/content/images/logos/portswigger-logo.svg | 658.45899994019 | 764.36899998225 | 4341 | 3292 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/Logos/portswigger-logo-mobile.svg | 670.62699992675 | 771.03699999861 | 1576 | 528 | 200 | image/svg+xml | Image |
| https://portswigger.net/Content/Images/Banners/banner-home.webp | 673.44099993352 | 778.44199992251 | 14952 | 13934 | 200 | image/webp | Image |
| https://portswigger.net/Content/Images/Banners/banner-home-acad-background.webp | 676.43200000748 | 780.2120000124 | 21282 | 20264 | 200 | image/webp | Image |
| https://www.google-analytics.com/analytics.js | 819.50199999847 | 826.93899993319 | 19451 | 47051 | 200 | text/javascript | Script |
| https://www.googletagmanager.com/gtm.js?id=GTM-M4CF4TD | 822.53399991896 | 848.36599999107 | 28917 | 71158 | 200 | application/javascript | Script |
| https://www.google-analytics.com/j/collect?v=1&_v=j87&a=287940716&t=pageview&_s=1&dl=https%3A%2F%2Fportswigger.net%2F&ul=en-us&de=UTF-8&dt=Web%20Application%20Security%2C%20Testing%2C%20%26%20Scanning%20-%20PortSwigger&sd=24-bit&sr=360x640&vp=360x640&je=0&_u=aEBAAEABEAAAAC~&jid=721463329&gjid=1522329280&cid=7481732.1613476095&tid=UA-58487031-1&_gid=612980780.1613476095&_r=1&z=2102887922 | 859.13499991875 | 863.10800001957 | 624 | 2 | 200 | text/plain | XHR |
| https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-58487031-1&cid=7481732.1613476095&jid=721463329&gjid=1522329280&_gid=612980780.1613476095&_u=aEBAAEAAEAAAAC~&z=1536197460 | 866.51900003199 | 866.52199993841 | 0 | 0 | -1 | XHR |
Network Round Trip Times — 0 ms High Network RTT (Round Trip Times) can have a large impact on performance. Providing servers geographically closer to the user could improve performance.
Server Backend Latencies — 0 ms High server latencies indicate the server is overloaded or has a poor backend performance.
Tasks Below is a list of the top-level main thread tasks that executed during page load.
| Start Time (Ms) | End Time (Ms) |
|---|---|
| 292.228 | 8.268 |
| 601.058 | 5.441 |
| 630.135 | 42.863 |
| 673.075 | 11.731 |
| 684.827 | 37.95 |
| 727.808 | 8.019 |
| 746.4 | 49.091 |
| 800.729 | 5.227 |
| 847.682 | 5.977 |
| 857.781 | 27.226 |
| 893.149 | 6.81 |
Opportunities
Properly size images Images can slow down the page's load time. Portswigger.net should consider serving more appropriate-sized images.
Defer offscreen images — Potential savings of 43 KiB Time to Interactive can be slowed down by resources on the page. Portswigger.net should consider lazy-loading offscreen and hidden images.
| URL | Resource Size (Bytes) | Potential Savings (Bytes) |
|---|---|---|
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 26550 | 26550 |
| https://portswigger.net/content/images/callouts/enterprise.jpg | 14142 | 14142 |
| https://portswigger.net/content/images/logos/portswigger-logo.svg | 3292 | 3292 |
Minify CSS Cascading Style Sheets (CSS) files can contribute to network payload sizes. Portswigger.net should consider minifying CSS files.
Minify JavaScript JavaScript (JS) files can contribute to network payload sizes and increase script parse times. Portswigger.net should consider minifying JS files.
Remove unused JavaScript It is advised to remove unused JavaScript in order to reduce bytes consumed by network activity.
Efficiently encode images — Potential savings of 8 KiB Unoptimized images can consume more cellular data than what is necessary.
| URL | Resource Size (Bytes) | Potential Savings (Bytes) |
|---|---|---|
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 26550 | 7727 |
Serve images in next-gen formats — Potential savings of 14 KiB Image formats like PNG and JPEG have poor compression when compared to other next-gen formats, such as JPEG 200, JPEG XR and WebP.
| URL | Resource Size (Bytes) | Potential Savings (Bytes) |
|---|---|---|
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 26550 | 14408 |
Enable text compression Text-based resources should be served with compression, such as gzip, deflate or brotli.
Preconnect to required origins Resource hints, such as 'preconnect' or 'dns-prefetch', may assist in establishing early connections to important third-party origins.
Initial server response time was short — Root document took 160 ms It is advised to keep the server response time short for the main document, because all other requests depend on it.
| URL | Time Spent (Ms) |
|---|---|
| https://portswigger.net/ | 164.611 |
Avoid multiple page redirects — Potential savings of 630 ms Redirects can cause additional delays before the page can begin loading. Portswigger.net should avoid multiple or unnecessary page redirects.
| URL | Time Spent (Ms) |
|---|---|
| http://portswigger.net/ | 630 |
| https://portswigger.net/ | 0 |
Preload key requests Key requests can be preloaded by using '<link rel=preload>'. Portswigger.net should consider using '<link rel=preload>' to prioritize fetching resources that are currently requested later in page load.
Use video formats for animated content Large GIFs are inefficient for delivering animated content. It is recommended to use MPEG4/WebM videos for animations and PNG/WebP for static images instead of GIF.
Remove duplicate modules in JavaScript bundles Ensure that no duplicate JavaScript modules from bundles exist to reduce bytes consumed by network activity.
Avoid serving legacy JavaScript to modern browsers Polyfills and transforms enable legacy browsers to use new JavaScript features. For bundled JavaScript it is recommended to adopt a modern script deployment strategy using module/nomodule feature detection. This will reduce the amount of code shipped to modern browsers.
Diagnostics
Avoids enormous network payloads — Total size was 324 KiB Large network payloads can cost users money and are linked to long load times.
| URL | Transfer Size (Bytes) |
|---|---|
| https://portswigger.net/content/PSLandingPages.css | 75749 |
| https://www.googletagmanager.com/gtm.js?id=GTM-M4CF4TD | 28917 |
| https://portswigger.net/content/images/callouts/burp-scanner.jpg | 27564 |
| https://portswigger.net/Content/Images/Banners/banner-home-acad-background.webp | 21282 |
| https://www.google-analytics.com/analytics.js | 19451 |
| https://portswigger.net/Content/Fonts/ps-main/ps-icons.woff?l1la2n | 16860 |
| https://portswigger.net/content/images/callouts/enterprise.jpg | 15156 |
| https://portswigger.net/Content/Images/Banners/banner-home.webp | 14952 |
| https://portswigger.net/ | 14161 |
| https://portswigger.net/content/images/logos/the-daily-swig-logo-large.svg | 10491 |
Uses efficient cache policy on static assets — 1 resource found Portswigger.net can speed up repeat visits by increasing the cache lifetime, which is essentially how long before a cached copy expires.
| URL | Cache TTL (Ms) | Transfer Size (Bytes) |
|---|---|---|
| https://www.google-analytics.com/analytics.js | 7200000 | 19451 |
Avoids an excessive DOM size — 338 elements A large DOM (Document Object Model) will increase memory usage, cause longer system calculations as well as costly layout reflows.
| Statistic | Element | Value |
|---|---|---|
| Total DOM Elements | 338 | |
| Maximum DOM Depth | 14 | |
| Maximum Child Elements | 22 |
Avoid chaining critical requests — 1 chain found Below is a list of Critical Request Chains, which shows which resources are loaded with a high priority. Portswigger.net should consider reducing the length of chains, reducing the download size of resources, or deferring the download of unnecessary resources to improve page load.
User Timing marks and measures Make use of the User Timing API to measure an app's real-world performance during key user experiences.
JavaScript execution time — 0.2 s JavaScript (JS) execution time can be lowered by reducing the time required for parsing, compiling and executing JS. Delivering smaller JS payloads may help with this.
| URL | Total CPU Time (Ms) | Script Evaluation (Ms) | Script Parse (Ms) |
|---|---|---|---|
| https://portswigger.net/ | 588.584 | 60.196 | 8.32 |
| Unattributable | 280.984 | 6.716 | 0.6 |
| https://portswigger.net/content/PSLandingPages.css | 171.452 | 0 | 0 |
| https://portswigger.net/bundles/public/main?v=sU2SIp2WpNQ-3tcEAlQ1SiZOTUOBRo8EcZfBYRTQicM1 | 113.088 | 108.2 | 2.136 |
Minimizes main-thread work — 1.2 s Main-thread work timing can be lowered by reducing the time required for parsing, compiling and executing JS. Delivering smaller JS payloads may help with this.
| Category | Time Spent (Ms) |
|---|---|
| Other | 514.608 |
| Script Evaluation | 224.064 |
| Style & Layout | 202.852 |
| Parse HTML & CSS | 184.772 |
| Rendering | 75.408 |
| Script Parsing & Compilation | 23.412 |
Keep request counts low and transfer sizes small — 32 requests • 324 KiB It is advised to add a budgets.json file in order to set budgets for the quantity and size of page resources.
| Resource Type | Requests | Transfer Size (Bytes) |
|---|---|---|
| Total | 32 | 332169 |
| Image | 22 | 163048 |
| Stylesheet | 1 | 75749 |
| Script | 3 | 51742 |
| Font | 2 | 26447 |
| Document | 1 | 14161 |
| Other | 3 | 1022 |
| Media | 0 | 0 |
| Third-party | 4 | 48992 |
Minimize third-party usage — Third-party code blocked the main thread for 0 ms It is advised to either limit, remove or delay the loading of redundant third-party code which may be significantly impacting load performance.
| Third-Party | Transfer Size (Bytes) | Main-Thread Blocking Time (Ms) |
|---|---|---|
| 28917 | 0 | |
| 20075 | 0 | |
| 0 | 0 |
Largest Contentful Paint element — 1 element found The element which was identified as the Largest Contentful Paint.
| Element |
|---|
Avoid large layout shifts — 2 elements found Below is a list of all DOM elements that contribute to the CLS of the page.
| Element | CLS Contribution |
|---|---|
| 0.0015104166666667 | |
| 0.0010731336805556 |
Uses passive listeners to improve scrolling performance Improve the page's scroll performance by marking touch and wheel event listeners as 'passive'.
Avoids `document.write()` Avoid or limit the use of external scripts that are dynamically injected via 'document.write()' as users on slow connections will be delayed by tens of seconds.
Avoid long main-thread tasks — 4 long tasks found Below is a list of the longest tasks on the main thread, which is useful when identifying the worst input delay contributors.
| URL | Start Time (Ms) | Duration (Ms) |
|---|---|---|
| https://portswigger.net/ | 1244 | 196 |
| https://portswigger.net/content/PSLandingPages.css | 1890 | 171 |
| https://www.google-analytics.com/analytics.js | 7110 | 109 |
| https://portswigger.net/ | 1168 | 76 |
Avoid non-composited animations It is recommended to avoid non-composited animations which are often janky and increase CLS.
Avoids large JavaScript libraries with smaller alternatives — 0 large libraries found It is recommended to work with smaller JavaScript libraries to reduce your bundle size and avoid poor performance.
Budgets
Performance budget It is advised to keep the quantity and size of all network requests under the targets set by the provided performance budget.
Timing budget It is advised to set a timing budget to monitor the performance of your site.
Metrics
Time to Interactive — 5.1 s The time taken for the page to become fully interactive.
Other
Max Potential First Input Delay — 170 ms Users could experience a delay when interacting with the page.
First Contentful Paint (3G) — 3690 ms The time taken for the first image or text on the page to be rendered while on a 3G network.
Opportunities
Eliminate render-blocking resources — Potential savings of 540 ms Resources, such as JavaScript and style sheets, can block the first paint of the page. Portswigger.net should consider delivering critical JavaScript/style sheets (JS/CSS) inline and deferring all non-critical JS/CSS.
| URL | Transfer Size (Bytes) | Potential Savings (Ms) |
|---|---|---|
| https://portswigger.net/content/PSLandingPages.css | 75749 | 630 |
Remove unused CSS — Potential savings of 71 KiB Dead and/or unused rules in Style Sheets (CSS) can contribute to network payload sizes. Portswigger.net should consider removing dead rules from style sheets and deferring the loading of CSS not used for above-the-fold content.
| URL | Transfer Size (Bytes) | Potential Savings (Bytes) |
|---|---|---|
| https://portswigger.net/content/PSLandingPages.css | 75749 | 73068 |
Metrics
Largest Contentful Paint — 4.8 s The timing of the largest text or image that is painted.
Diagnostics
Ensure text remains visible during webfont load Make use of the font-display CSS feature, which will ensure text is user-visible while webfonts are loading.
| URL | Potential Savings (Ms) |
|---|---|
| https://portswigger.net/Content/Fonts/ps-icons-small/ps-icons-small.woff?td2uot | 197.58399995044 |
Accessibility
Indicates how accessible the page is and highlights opportunities where the page can be made more accessible to users of portswigger.net. This includes details about various page attributes that can be optimized.Navigation
`[accesskey]` values are unique Access keys assist users with focusing on different parts of the page. Each access key should be unique for proper navigation.
The page contains a heading, skip link, or landmark region It is advised to provide ways to bypass repetitive content, allowing users to navigate the page efficiently.
`[id]` attributes on active, focusable elements are unique Ensure all focusable elements have a unique id value to allow them to be visible to users of assistive technologies, like a screen reader.
Heading elements appear in a sequentially-descending order Properly order all headers and do not skip heading levels to better the navigation and readability for users of assistive technologies, like a screen reader.
No element has a `[tabindex]` value greater than 0 Although technically valid, a tabindex value greater than 0 often creates frustrating experiences for users who rely on assistive technologies.
ARIA
`[aria-*]` attributes match their roles Avoid mismatching 'aria-*' attributes and their 'role' value, as it invalidates the attribute.
`[aria-hidden="true"]` is not present on the document `<body>` If aria-hidden=true is set on the document body, assistive technologies, like a screen reader will work inconsistently.
`[aria-hidden="true"]` elements do not contain focusable descendents Interactive elements within an aria-hidden=true element are unavailable to users of assistive technologies, like a screen reader.
ARIA input fields have accessible names Generic names are announced to users of assistive technologies, like a screen reader, when an input field does not have an accessible name specified.
`[role]`s have all required `[aria-*]` attributes Some ARIA roles have required 'aria-*' attributes, which provide essential information about state and functionality.
Elements with an ARIA `[role]` that require children to contain a specific `[role]` have all required children. Some ARIA parent roles cannot perform their intended functions if specific child roles are not used.
`[role]`s are contained by their required parent element Some ARIA child roles cannot perform their intended functions if specific parent roles are not used.
`[role]` values are valid All ARIA roles require valid values to perform their intended functions.
ARIA toggle fields have accessible names Generic names are announced to users of assistive technologies, like a screen reader, when a toggle field does not have an accessible name specified.
`[aria-*]` attributes have valid values ARIA attributes cannot be interpreted with invalid values when used by screen readers and other assistive technologies.
`[aria-*]` attributes are valid and not misspelled ARIA attributes cannot be interpreted with invalid names when used by screen readers and other assistive technologies.
ARIA IDs are unique Ensure all ARIA ID values are unique to prevent elements from being overlooked by assistive technologies, like a screen reader.
Names and labels
Buttons have an accessible name Buttons become unusable as they are announced simply as "button" when the button does not have an accessible name, when used by screen readers and other assistive technologies.
Document has a `<title>` element Search engines, screen reader users and other assistive technology users rely on the title to provide an overview of the page and to help determine if the page is relevant to their search.
No form fields have multiple labels Having multiple labels for form fields can be confusing to assistive technologies, like a screen reader.
`<frame>` or `<iframe>` elements have a title Screen reader users and other assistive technology users rely on frame titles to describe the contents of frames.
`<input type="image">` elements have `[alt]` text Input buttons with alternative text assist screen readers and other assistive technology users to understand its purpose.
Form elements have associated labels Screen readers and other assistive technologies rely on labels to properly announce form controls.
`<object>` elements have `[alt]` text It is advised that alt text is used on '<object>' elements in order to provide meaning to screen reader and other assistive technology users, as these technologies are unable to translate non-text content.
Tables and lists
`<dl>`'s contain only properly-ordered `<dt>` and `<dd>` groups, `<script>`, `<template>` or `<div>` elements. Screen readers and other assistive technologies may produce poor and inaccurate output when definition lists are not properly marked up.
Definition list items are wrapped in `<dl>` elements In order for screen readers and other assistive technologies to properly announce definition list items ('<dt>' and '<dd>'), they must be wrapped in parent a '<dl>' element.
Presentational `<table>` elements avoid using `<th>`, `<caption>` or the `[summary]` attribute. It is advised to not include data elements in tables which are used for layout purposes, as it may create confusion for screen reader and other assistive technology users.
Lists contain only `<li>` elements and script supporting elements (`<script>` and `<template>`). Use proper list structure to aid screen readers and other assistive technologies.
List items (`<li>`) are contained within `<ul>` or `<ol>` parent elements In order for screen readers to announce list items, ensure that list items ('<li>') are contained within parent '<ul>' or '<ol>' tags.
Cells in a `<table>` element that use the `[headers]` attribute refer to table cells within the same table. Screen readers and other assistive technologies have features to make navigating tables easier. Ensure that '<td>' cells using the headers attribute only refer to other cells in the same table, to improve screen reader user experience.
`<th>` elements and elements with `[role="columnheader"/"rowheader"]` have data cells they describe. Screen readers and other assistive technologies have features to make navigating tables easier. Ensure that table headers refer to some set of cells, to improve screen reader user experience.
Internationalization and localization
`<html>` element has a valid value for its `[lang]` attribute Specify a valid BCP 47 language in order to help screen readers and other assistive technologies announce text properly.
`[lang]` attributes have a valid value Specify a valid BCP 47 language on elements in order to help screen readers and other assistive technologies announce text properly.
Best practices
The document does not use `<meta http-equiv="refresh">` Pages that refresh automatically cause a poor user experience as focus is directed back to the top of the page unexpectedly.
`[user-scalable="no"]` is not used in the `<meta name="viewport">` element and the `[maximum-scale]` attribute is not less than 5. For users with low vision who rely on screen magnification, ensure that zooming is not disabled.
Audio and video
`<video>` elements contain a `<track>` element with `[kind="captions"]` Portswigger.net may provide assistance to deaf or hearing-impaired users with captions on videos.
`<video>` elements contain a `<track>` element with `[kind="description"]` Portswigger.net may provide relevant information that dialogue cannot, by using audio descriptions.
Contrast
Background and foreground colors do not have a sufficient contrast ratio. Many (if not most) users find low-contrast text difficult or impossible to read.
| Failing Elements |
|---|
Internationalization and localization
`<html>` element does not have a `[lang]` attribute It is advised to provide a lang attribute so that screen readers and other assistive technologies are guaranteed to announce the page's text correctly. When not provided, the user's default language setting will be used which may cause inaccuracies.
| Failing Elements |
|---|
Names and labels
Image elements do not have `[alt]` attributes Provide short and descriptive alternative text where possible on informative elements.
| Failing Elements |
|---|
Manual Checks
The page has a logical tab order The visual layout should be logical in its tab order and users cannot focus elements that are offscreen.
Interactive controls are keyboard focusable Ensure that custom interactive controls are keyboard focusable and that a focus indicator is displayed.
Interactive elements indicate their purpose and state Ensure that interactive elements (such as links and buttons) are distinguishable from non-interactive elements and that they indicate their state.
The user's focus is directed to new content added to the page When new content (such as a dialogue) is added to the page, the user's focus should be directed to it.
User focus is not accidentally trapped in a region Avoid focus being accidentally trapped when a user tabs in and out of controls or regions on page.
Custom controls have associated labels Ensure that custom interactive controls have associated labels, which are provided by aria-label and aria-labelledby attributes.
Custom controls have ARIA roles Ensure that all custom interactive controls have appropriate ARIA roles.
Visual order on the page follows DOM order Ensure that the DOM order matches with the page's visual order, in order to improve navigation for screen readers and other assistive technologies.
Offscreen content is hidden from assistive technology Ensure that offscreen content is hidden through the use of "display:none" styling or the aria-hidden attribute.
HTML5 landmark elements are used to improve navigation Elements such as <main> and <nav> are recommended as they are used by screen readers and other assistive technologies to improve keyboard navigation.
Best Practices
Indicates the recommended, best practices currently in place on the page and highlights the best practices that portswigger.net should incorporate. This includes practices such as protecting pages with HTTPS.Audits
Links to cross-origin destinations are safe Improve performance and prevent security vulnerabilities by adding rel="noopener" and rel="noreferrer" to external links.
Avoids requesting the geolocation permission on page load When requesting a user's location, provide context or consider tying the request to a user action to avoid confusion and mistrust from users.
Avoids requesting the notification permission on page load When requesting permission to send notifications, provide context or consider tying the request to a user action to avoid confusion and mistrust from users.
Avoids front-end JavaScript libraries with known security vulnerabilities Ensure that the use of third-party scripts is minimal and that only trusted third-party scripts are used as some may contain known security vulnerabilities which may be exploited by attackers.
Audits
Allows users to paste into password fields Ensure that password inputs may be pasted into to aid in the user's ability to use password managers and improve security.
Displays images with correct aspect ratio Ensure that image display dimensions match their natural aspect ratio.
Serves images with appropriate resolution For maximum image clarity, ensure images have natural dimensions and are proportional to the display size and pixel ratio.
Fonts with `font-display: optional` are preloaded It is recommended that optional fonts are preloaded.
Audits
Page has the HTML doctype Ensure a doctype is specified to prevent the browser from switching to quirks-mode.
Properly defines charset It is advised to declare a character encoding, optionally via a <meta> tag in the first 1024 bytes of the HTML or in the Content-Type HTTP response header.
Audits
Avoids `unload` event listeners The 'unload' event does not fire reliably, causing issues with browser optimizations such as the Back-Forward Cache. It is recommended that 'pagehide' or 'visibilitychange' events are used instead.
Avoids Application Cache Application cache is deprecated and is no longer recommended.
Detected JavaScript libraries Below is a list of all front-end JavaScript libraries that were detected on the page.
Avoids deprecated APIs Avoid deprecated APIs which will eventually be removed the browser.
Page has valid source maps Consider deploying source maps for added benefits such as the ability to debug while in production.
Audits
Does not use HTTPS — 1 insecure request found Ensure that all pages are protected with HTTPS (including those that do not handle sensitive data) as HTTPS prevents tampering and passive listening on communications between the app and its users. Additionally, HTTPS is a prerequisite for HTTP/2 and many new web platform APIs.
| Insecure URL |
|---|
| http://portswigger.net/ |
Audits
Browser errors were logged to the console Below is a list of all errors logged to the console, which indicate unresolved problems on the site.
| URL | Description |
|---|---|
| https://www.google-analytics.com/analytics.js | Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-58487031-1&cid=7481732.1613476095&jid=721463329&gjid=1522329280&_gid=612980780.1613476095&_u=aEBAAEAAEAAAAC~&z=1536197460' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/".
|
SEO
Indicates how well the page is optimized for ranking in search engines and highlights Search Engine Optimization (SEO) opportunities for portswigger.net. This includes optimizations such as providing meta data.Mobile Friendly
Has a `<meta name="viewport">` tag with `width` or `initial-scale` It is advised to use a '<meta name="viewport">' tag for the optimization of portswigger.net on mobile screens.
Document uses legible font sizes — 100% legible text Font sizes of 12px or less are too small to most mobile users without user gestures and further action. Aim for more than 60% of page text to use font sizes greater than 12px.
| Source | Selector | % of Page Text | Font Size |
|---|---|---|---|
| 100.00% | ≥ 12px |
Content Best Practices
Document has a `<title>` element Search engines, screen reader users and other assistive technology users rely on the title to provide an overview of the page and to help determine if the page is relevant to their search.
Document has a meta description Meta descriptions may be used by search engines when displaying a link to the page and should concisely summarize the page's content.
Document has a valid `hreflang` Search engines can be instructed to list specific versions of a page for a given language or region through the use of hreflang links.
Document has a valid `rel=canonical` Search engines can be suggested which URL should be shown in search results through the use of canonical links.
Document avoids plugins The content of plugins cannot be indexed by search engines and many devices either restrict or do not support them.
Crawling and Indexing
Page has successful HTTP status code Avoid pages with unsuccessful HTTP status codes as they may not be indexed by search engines.
Links are crawlable Ensure that the 'href' attribute of anchor elements links to the appropriate destination. This allows for more pages of the site to be discovered by search engines.
Page isn’t blocked from indexing Pages that cannot be crawled by search engines cannot be indexed or included in their search results. Ensure that search engines have permission to crawl all pages that should be indexed.
robots.txt is valid Malformed robots.txt files prevent crawlers from understanding how a site wants to be crawled or indexed, which can be devastating to SEO.
Content Best Practices
Links do not have descriptive text — 3 links found Make use of descriptive link text to assist search engines in understanding the content.
| Link destination | Link Text |
|---|---|
| https://portswigger.net/organizations | Read More |
| https://portswigger.net/testers | Read More |
| https://portswigger.net/developers | Read More |
Image elements do not have `[alt]` attributes Provide short and descriptive alternative text where possible on informative elements.
| Failing Elements |
|---|
Mobile Friendly
Tap targets are not sized appropriately — 44% appropriately sized tap targets Interactive elements (such as buttons and links) should be appropriately spaced, sized and easy enough to select or tap with regard to their surrounding elements.
| Tap Target | Size | Overlapping Target |
|---|---|---|
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 158x19 | ||
| 322x19 | ||
| 322x19 | ||
| 322x19 | ||
| 322x19 | ||
| 322x19 | ||
| 322x19 | ||
| 26x33 |
Manual Checks
Structured data is valid Structured data can be validated through the use of the Structured Data Testing Tool and the Structured Data Linter.
Progressive Web App
Indicates how valid the aspects of a Progressive Web App (PWA) are for the page and highlights opportunities to enable/improve the PWA of portswigger.net. This includes details about web app manifests.Fast and reliable
Page load is fast enough on mobile networks Ensure that the page loads fast enough over a cellular network, to ensure good mobile user experience.
PWA Optimized
Redirects HTTP traffic to HTTPS It is advised to redirect all HTTP traffic to HTTPS, in order to enable secure web features for all users.
Content is sized correctly for the viewport Ensure that the width of the app's content matches the width of the viewport, otherwise the app might not be optimized for mobile screens.
Has a `<meta name="viewport">` tag with `width` or `initial-scale` It is advised to use a '<meta name="viewport">' tag for the optimization of portswigger.net on mobile screens.
Contains some content when JavaScript is not available Apps should display alternative content for when JavaScript is disabled.
Provides a valid `apple-touch-icon` iOS users of Progressive Web Apps will benefit from an apple touch icon, which can be defined with 'apple-touch-icon', which must point to a non-transparent 192px (or 180px) square PNG.
Fast and reliable
Current page does not respond with a 200 when offline In order for Progressive Web Apps to be made available offline, ensure that the app is using a service worker.
`start_url` does not respond with a 200 when offline Consider using a service worker for Progressive Web Apps to ensure greater reliability for the user, in the case of poor network conditions.
Installable
Does not use HTTPS — 1 insecure request found Ensure that all pages are protected with HTTPS (including those that do not handle sensitive data) as HTTPS prevents tampering and passive listening on communications between the app and its users. Additionally, HTTPS is a prerequisite for HTTP/2 and many new web platform APIs.
| Insecure URL |
|---|
| http://portswigger.net/ |
Does not register a service worker that controls page and `start_url` A service worker is used to provide Progressive Web Apps the use of features such as working offline, the ability for the app to be added to the homescreen as well as push notifications.
Web app manifest does not meet the installability requirements User engagement may be increased by leveraging the browsers ability to proactively prompt users to add the app to their homescreen.
View Data
PWA Optimized
Is not configured for a custom splash screen Themed splash screens ensure a high-quality user experience at launch for app users.
View Data
Does not set a theme color for the address bar. A theme may be applied to the browser address bar, which ideally can be made to match the site.
View Data
Manifest doesn't have a maskable icon Maskable icons are great to ensure that images fill the entire shape when installing the app on a device.
Manual Checks
Site works cross-browser Ensure that the Progressive Web App works correctly across every major browser.
Page transitions don't feel like they block on the network Users perceive apps with responsive, snappy transitions as higher peforming and ensures a great user experience, even on a slow network.
Each page has a URL Ensure that all pages are deep linkable via URL. They should also be unique for the purpose of shareability on social media.
Hosting
Server Location
| Server IP Address: | 54.246.133.196 |
| Continent: | Europe |
| Country: | Ireland  |
| Region: | Leinster |
| City: | Dublin |
| Longitude: | -6.2488 |
| Latitude: | 53.3338 |
| Currencies: | EUR |
| Languages: | English Irish |
Web Hosting Provider
| Name | IP Address |
|---|---|
| Amazon Technologies Inc. |
Registration
Domain Registrant
| Private Registration: | No |
| Name: | Non-Public Data |
| Organization: | PortSwigger Ltd |
| Country: | GB |
| City: | Non-Public Data |
| State: | Cheshire |
| Post Code: | 00000 |
| Email: | |
| Phone: | +00.0000000 |
Note: Registration information is derived from various sources and may be inaccurate.
Domain Registrar
| Name | IP Address |
|---|---|
| Name.com, Inc. | 104.18.6.161 |
Security
Visitor Safety
| Mature Content: | Not Likely |
| McAfee WebAdvisor Rating: | Safe |
| WOT Rating: | 4.3/5 |
| WOT Trustworthiness: | 86/100 |
| WOT Child Safety: | 91/100 |
Note: Safety information is not guaranteed.
SSL/TLS Certificate
| Issued To: | *.portswigger.net |
| Issued By: | Sectigo RSA Domain Validation Secure Server CA |
| Valid From: | 1st June, 2020 |
| Valid To: | 1st June, 2021 |
| Subject: | CN = *.portswigger.net |
| Hash: | 6ae3f4d2 |
| Issuer: | CN = Sectigo RSA Domain Validation Secure Server CA O = Sectigo Limited S = GB |
| Version: | 2 |
| Serial Number: | 169587973369267067931391081061087016017 |
| Serial Number (Hex): | 7F9574A2FCA0E0BA385AE8BEC4057451 |
| Valid From: | 1st June, 2024 |
| Valid To: | 1st June, 2024 |
| Signature Algorithm (Short Name): | RSA-SHA256 |
| Signature Algorithm (Long Name): | sha256WithRSAEncryption |
| Authority Key Identifier: | keyid:8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1 |
| Extended Key Usage: | TLS Web Server Authentication, TLS Web Client Authentication |
| Certificate Policies: | Policy: 1.3.6.1.4.1.6449.1.2.2.7 CPS: https://sectigo.com/CPS Policy: 2.23.140.1.2.1 |
| Authority Information Access: | CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt OCSP - URI:http://ocsp.sectigo.com |
| SCT List: | Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89: 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7 Timestamp : Jun 1 14:51:59.146 2020 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:6B:B2:A0:A1:8C:D7:24:3F:4B:62:CD:69: 85:4A:02:FF:51:A7:A8:CE:0A:65:63:42:5E:79:5F:11: 41:DE:A6:60:02:20:48:AA:27:52:D8:3B:24:37:95:65: 44:4C:1C:97:CD:EB:A0:8E:1A:A7:20:A6:F7:4A:3A:A2: E0:AC:2B:7E:63:09 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D: D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2 Timestamp : Jun 1 14:51:59.187 2020 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:14:E5:AB:97:96:F1:B3:18:F9:16:7E:35: FD:4F:F5:65:56:BF:49:C0:9D:31:32:0F:4D:71:27:2C: 22:8B:AD:7A:02:20:3A:CD:6A:BE:FB:A0:D4:B1:18:2A: DF:C2:AD:04:5C:48:1A:F2:5C:D5:17:E2:13:25:69:6A: 6D:3A:7D:5F:F0:D8 |
| Key Usage: | Digital Signature, Key Encipherment |
| Basic Constraints: | CA:FALSE |
| Subject Alternative Name: | DNS:portswigger.net DNS:*.portswigger.net |
Technical
DNS Lookup
A Records
| Host | IP Address | Class | TTL |
|---|---|---|---|
| portswigger.net. | 54.246.133.196 | IN | 21599 |
NS Records
| Host | Nameserver | Class | TTL |
|---|---|---|---|
| portswigger.net. | ns-1337.awsdns-39.org. | IN | 21599 |
| portswigger.net. | ns-194.awsdns-24.com. | IN | 21599 |
| portswigger.net. | ns-1955.awsdns-52.co.uk. | IN | 21599 |
| portswigger.net. | ns-573.awsdns-07.net. | IN | 21599 |
CAA Records
| Domain | Flags | Tag | Class | TTL |
|---|---|---|---|---|
| mailto:sysops@portswigger.net | 0 | iodef | IN | 299 |
| awstrust.com | 0 | issue | IN | 299 |
| comodoca.com | 0 | issue | IN | 299 |
MX Records
| Priority | Host | Server | Class | TTL |
|---|---|---|---|---|
| 10 | portswigger.net. | aspmx.l.google.com. | IN | 21599 |
| 20 | portswigger.net. | alt1.aspmx.l.google.com. | IN | 21599 |
| 20 | portswigger.net. | alt2.aspmx.l.google.com. | IN | 21599 |
| 30 | portswigger.net. | aspmx2.googlemail.com. | IN | 21599 |
| 30 | portswigger.net. | aspmx3.googlemail.com. | IN | 21599 |
| 30 | portswigger.net. | aspmx4.googlemail.com. | IN | 21599 |
| 30 | portswigger.net. | aspmx5.googlemail.com. | IN | 21599 |
SOA Records
| Domain Name | Primary NS | Responsible Email | TTL |
|---|---|---|---|
| portswigger.net. | ns-573.awsdns-07.net. | awsdns-hostmaster.amazon.com. | 21599 |
TXT Records
| Host | Value | Class | TTL |
|---|---|---|---|
| portswigger.net. | MS=ms35598444 | IN | 299 |
| portswigger.net. | ZOOM_verify_NV5iWvYrRZaRlK4AJLRWRg | IN | 299 |
| portswigger.net. | apple-domain-verification=SNLfBITPsMlWyJM1 | IN | 299 |
| portswigger.net. | v=DMARC1; | IN | 299 |
| portswigger.net. | v=spf1 | IN | 299 |
HTTP Response Headers
| HTTP-Code: | HTTP/1.1 200 OK |
| Cache-Control: | private, s-maxage=0,no-store, no-cache |
| Content-Type: | text/html; charset=utf-8 |
| Date: | 16th February, 2021 |
| Content-Length: | 38935 |
| Content-Security-Policy: | default-src 'none';base-uri 'none';child-src 'self' https://www.youtube.com/embed/;connect-src 'self' https://www.google-analytics.com/collect https://www.google-analytics.com/r/collect https://www.google-analytics.com/j/collect https://www.googletagmanager.com https://www.google.com/recaptcha/;font-src 'self';frame-src 'self' https://www.youtube.com/embed/ https://www.google.com/recaptcha/;img-src 'self';media-src 'self' https://d21v5rjx8s17cr.cloudfront.net/ https://d2gl1b374o3yzk.cloudfront.net/;script-src 'self' 'nonce-jTFqLjGwGLinymF161koLAyY8wZ/FDfl' 'strict-dynamic';style-src 'self'; |
| Set-Cookie: | * |
| X-Content-Type-Options: | nosniff |
| Strict-Transport-Security: | max-age=31536000; preload |
| X-XSS-Protection: | 1; mode=block |
| X-Frame-Options: | SAMEORIGIN |
Whois Lookup
| Created: | 9th September, 2001 |
| Changed: | 18th August, 2020 |
| Expires: | 9th September, 2021 |
| Registrar: | Name.com, Inc. |
| Status: | clientTransferProhibited |
| Nameservers: | ns-1337.awsdns-39.org ns-194.awsdns-24.com ns-1955.awsdns-52.co.uk ns-573.awsdns-07.net |
| Owner Name: | Non-Public Data |
| Owner Organization: | PortSwigger Ltd |
| Owner Street: | Non-Public Data |
| Owner Post Code: | 00000 |
| Owner City: | Non-Public Data |
| Owner State: | Cheshire |
| Owner Country: | GB |
| Owner Phone: | Non-Public Data |
| Owner Email: | https://www.name.com/contact-domain-whois/portswigger.net/registrant |
| Admin Name: | Non-Public Data |
| Admin Organization: | Non-Public Data |
| Admin Street: | Non-Public Data |
| Admin Post Code: | 00000 |
| Admin City: | Non-Public Data |
| Admin State: | Non-Public Data |
| Admin Country: | AB |
| Admin Phone: | Non-Public Data |
| Admin Email: | https://www.name.com/contact-domain-whois/portswigger.net/admin |
| Tech Name: | Non-Public Data |
| Tech Organization: | Non-Public Data |
| Tech Street: | Non-Public Data |
| Tech Post Code: | 00000 |
| Tech City: | Non-Public Data |
| Tech State: | Non-Public Data |
| Tech Country: | AB |
| Tech Phone: | Non-Public Data |
| Tech Email: | https://www.name.com/contact-domain-whois/portswigger.net/tech |
| Full Whois: | Domain Name: PORTSWIGGER.NET Registry Domain ID: 77090119_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.name.com Registrar URL: http://www.name.com Updated Date: 2020-08-18T18:29:12Z Creation Date: 2001-09-09T13:51:14Z Registrar Registration Expiration Date: 2021-09-09T13:51:14Z Registrar: Name.com, Inc. Registrar IANA ID: 625 Reseller: Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Registry Registrant ID: Not Available From Registry Registrant Name: Non-Public Data Registrant Organization: PortSwigger Ltd Registrant Street: Non-Public Data Registrant City: Non-Public Data Registrant State/Province: Cheshire Registrant Postal Code: 00000 Registrant Country: GB Registrant Phone: Non-Public Data Registrant Email: https://www.name.com/contact-domain-whois/portswigger.net/registrant Registry Admin ID: Not Available From Registry Admin Name: Non-Public Data Admin Organization: Non-Public Data Admin Street: Non-Public Data Admin City: Non-Public Data Admin State/Province: Non-Public Data Admin Postal Code: 00000 Admin Country: AB Admin Phone: Non-Public Data Admin Email: https://www.name.com/contact-domain-whois/portswigger.net/admin Registry Tech ID: Not Available From Registry Tech Name: Non-Public Data Tech Organization: Non-Public Data Tech Street: Non-Public Data Tech City: Non-Public Data Tech State/Province: Non-Public Data Tech Postal Code: 00000 Tech Country: AB Tech Phone: Non-Public Data Tech Email: https://www.name.com/contact-domain-whois/portswigger.net/tech Name Server: ns-1955.awsdns-52.co.uk Name Server: ns-573.awsdns-07.net Name Server: ns-1337.awsdns-39.org Name Server: ns-194.awsdns-24.com DNSSEC: unSigned Registrar Abuse Contact Email: abuse@name.com Registrar Abuse Contact Phone: +1.7203101849 URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/ >>> Last update of WHOIS database: 2021-02-16T11:47:59Z <<< For more information on Whois status codes, please visit https://icann.org/epp The data in the Name.com, Inc. WHOIS database is provided by Name.com, Inc. for information purposes, and to assist persons in obtaining information about or related to a domain name registration record. Name.com, Inc. does not guarantee its accuracy. Users accessing the Name.com, Inc. WHOIS service agree to use the data only for lawful purposes, and under no circumstances may this data be used to: a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the registrar's own existing customers and b) enable high volume, automated, electronic processes that send queries or data to the systems of Name.com, Inc., except as reasonably necessary to register domain names or modify existing registrations. When using the Name.com, Inc. WHOIS service, please consider the following: the WHOIS service is not a replacement for standard EPP commands to the SRS service. WHOIS is not considered authoritative for registered domain objects. The WHOIS service may be scheduled for downtime during production or OT&E maintenance periods. Where applicable, the presence of a [Non-Public Data] tag indicates that such data is not made publicly available due to applicable data privacy laws or requirements. Access to non-public data may be provided, upon request, where it can be reasonably confirmed that the requester holds a specific legitimate interest and a proper legal basis, for accessing the withheld data. Access to this data can be requested by submitting a request via the form found at https://www.name.com/layered-access-request . Name.com, Inc. reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy. |
Nameservers
| Name | IP Address |
|---|---|
| ns-1337.awsdns-39.org | 205.251.197.57 |
| ns-194.awsdns-24.com | 205.251.192.194 |
| ns-1955.awsdns-52.co.uk | 205.251.199.163 |
| ns-573.awsdns-07.net | 205.251.194.61 |
Love W3 Snoop?
Share This 
