Summary
A Concise Overview of the scan result of url https://www.mhhp-flex.org/Login.aspx?ReturnUrl=%2f
- Document
- HTML
- 3
- StyleSheets
- 3
- Scripts
- 26
- Font
- 0
- Images
- 1
- Links
- 0
- JavaScript Variables
- 192
- Console log messages
- 0
- Network
- Requests
- 36
- Bytes Transferred
- 328.07KB
- Bytes Total
- 1.08MB
- DNS Record
- CNAME Record
- 2
- A Record
- 1
- Technology
- Operating systems
- 1
- Web frameworks
- 1
- Web servers
- 1
- Personalisation
- 1
- Segmentation
- 1
- JavaScript libraries
- 1
- Security
- 2
- CDN
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Security | ||
Imperva | Imperva is a cyber security software and services company for networking, data, and application security. | Type: headers Name: x-cdn Regex: (?:) |
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
Web frameworks | ||
Microsoft ASP.NET | ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages. | Type: html Regex: <input[^>]{1,250}name="__VIEWSTATE |
Web servers | ||
Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family. | Type: headers Name: server Regex: ^(?:Microsoft-)?IIS(?:\/([\d.]{1,250}))? | |
Operating systems | ||
Windows Server | Windows Server is a brand name for a group of server operating systems. | Dependent on IIS |
CDN | ||
Imperva | Imperva is a cyber security software and services company for networking, data, and application security. | Type: headers Name: x-cdn Regex: (?:) |
JavaScript libraries | ||
jQuery | jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax. | Type: scriptSrc Regex: jquery |
Personalisation | ||
Salesforce Interaction Studio | Salesforce Interaction Studio (formerly Evergage) is a cloud-based software that allows users to collect, analyze, and respond to user behavior on their websites and web applications in real-time. | Type: scriptSrc Regex: cdn\.evgnet\.com |
Segmentation | ||
Salesforce Interaction Studio | Salesforce Interaction Studio (formerly Evergage) is a cloud-based software that allows users to collect, analyze, and respond to user behavior on their websites and web applications in real-time. | Type: scriptSrc Regex: cdn\.evgnet\.com |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 1 msGood
- requestTime
- 34 msGood
- dom
- 62 msGood
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
CNAME | www.mhhp-flex.org | vw4ndhj.impervadns.net. | no |
A | vw4ndhj.impervadns.net | 45.223.161.93 | no |
CNAME | www.mhhp-flex.org | vw4ndhj.impervadns.net. | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
mhhp-flex.org Go Daddy Secure Certificate Authority - G2 | 10/3/2023 | 11/3/2024 | 1 year 1 month 2 days |
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1 | 2/14/2024 | 2/12/2025 | 12 months 4 days |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
cache-control | no-cache, private, must-revalidate, max-age=0, no-store, max-stale=0, post-check=0, pre-check=0 |
content-encoding | gzip |
content-security-policy | upgrade-insecure-requests; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' assets.adobedtm.com https://www.google.com https://www.gstatic.com https://cdn.evgnet.com https://wexinc2.us-5.evergage.com https://cdn.evergage.com; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com fonts.googleapis.com https://wexinc2.us-5.evergage.com https://cdn.evergage.com https://cdn.evgnet.com; font-src 'self' https://maxcdn.bootstrapcdn.com fonts.gstatic.com; media-src *; object-src 'none'; frame-src 'self' http: fast.whc.demdex.net; connect-src 'self' dpm.demdex.net https://wexinc2.us-5.evergage.com https://cdn.evergage.com https://northamerica.directline.botframework.com wss://northamerica.directline.botframework.com blob:; img-src 'self' * data:;frame-ancestors 'self';; |
content-type | text/html; charset=utf-8 |
date | Thu, 08 Aug 2024 11:03:57 GMT |
expires | -1 |
pragma | no-cache |
server | Microsoft-IIS/10.0 |
strict-transport-security | max-age=31536000; includeSubDomains; preload |
vary | Accept-Encoding |
x-cdn | Imperva |
x-content-type-options | nosniff |
x-iinfo | 7-62928716-62928721 PNNN RT(1723115036402 402) q(0 0 0 -1) r(2 3) U12 |
x-ua-compatible | IE=edge |
x-xss-protection | 1; mode=block |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
upgrade-insecure-requests | |
default-src | 'self' |
script-src | 'self''unsafe-inline''unsafe-eval'assets.adobedtm.comhttps://www.google.comhttps://www.gstatic.comhttps://cdn.evgnet.comhttps://wexinc2.us-5.evergage.comhttps://cdn.evergage.com |
style-src | 'self''unsafe-inline'https://maxcdn.bootstrapcdn.comfonts.googleapis.comhttps://wexinc2.us-5.evergage.comhttps://cdn.evergage.comhttps://cdn.evgnet.com |
font-src | 'self'https://maxcdn.bootstrapcdn.comfonts.gstatic.com |
media-src | * |
object-src | 'none' |
frame-src | 'self'http:fast.whc.demdex.net |
connect-src | 'self'dpm.demdex.nethttps://wexinc2.us-5.evergage.comhttps://cdn.evergage.comhttps://northamerica.directline.botframework.comwss://northamerica.directline.botframework.comblob: |
img-src | 'self'*data:;frame-ancestors'self'; |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
cdh-cookieCORS | 04747d831c1607bc1de16347a1dbda7d | www.mhhp-flex.org/ | 12/31/1969, 11:59:59 PM | yes | no |
cdh-cookie | 04747d831c1607bc1de16347a1dbda7d | www.mhhp-flex.org/ | 12/31/1969, 11:59:59 PM | no | no |
visid_incap_2993125 | AKl63YsaT5KxfVvhXzaAThymtGYAAAAAQUIPAAAAAAAakbrhkee7i8h5QxuZy3VW | .mhhp-flex.org/ | 8/7/2025, 10:44:14 PM | yes | yes |
nlbi_2993125 | yp9pd3P1anScPWdqqUz09QAAAACUKgCtRkxzs2Rvf4bTVT4u | .mhhp-flex.org/ | 12/31/1969, 11:59:59 PM | yes | yes |
incap_ses_313_2993125 | 0Dz+cHIT0lxadL7D/P9XBBymtGYAAAAA6TytssZJ/ThrCjEDwoEOQw== | .mhhp-flex.org/ | 12/31/1969, 11:59:59 PM | yes | no |
ASP.NET_SessionId | a3b01cauncaght2exvseyp00 | www.mhhp-flex.org/ | 12/31/1969, 11:59:59 PM | yes | yes |
nlbi_2993125_2147483392 | Xk6bQqxAhhgs6hF9qUz09QAAAABJihoN4zAfeVpA1RsUkAj4 | .mhhp-flex.org/ | 12/31/1969, 11:59:59 PM | yes | yes |
reese84 | 3:QbL3e0vVtA3dYNz3kINWHA==:uoRa/1QWJyp2jN5lknDSgisTLQ/Ic9ku2dnOtztdu/t19oast67XdYK5fbe+ou403hY75NEXKJyntsP4FzIJREuB0Gd4JNs6A3DIQxMtRurbCXHKEPRep6M+H8W45OCIXuCC7gYiUBfjeYSfe/HfsyOt5z4+46vYRaopKBt0LoJBPjD64h1qcGZjU5C2/qrj6sws6yJApPCyIkjtC1cg6a8Ws+l3Jma2Qmwn9wtqqO0Cvtl4REqg7C8bQ2wDR4gmRbMAAi+A3TjUi6stpAXvms2vyFcoGRaXIJJUVa0Xbqy8gm9GzmI6BwDJ9WFXPt3gjIX0m3BEtEdDelRgZUzpvup4B5RZgtBF59N+Z3PZXzeGSaf9IAjF+K7rPG5cFd9m8KDHhVUmMl2Z6kBcWwjFerYmX1FwwXopTZTFvRnpu79SPXbPzdYC2bdGAtz7dNbhSYnHHcWTL61hhw45j7mhKqkPvnFYKhjZgPxU7RGrzdJBByZlraBQ0rLptLqdIVwv:+ckK2Ki/7DGawVIXS0xYxhONXcRefBiwgvVkymm6TWM= | .www.mhhp-flex.org/ | 9/7/2024, 11:03:59 AM | no | no |