Summary
A Concise Overview of the scan result of url https://wawa.wexonline.com/
- Document
- HTML
- 1
- StyleSheets
- 6
- Scripts
- 18
- Font
- 6
- Images
- 5
- Links
- 0
- JavaScript Variables
- 189
- Console log messages
- 0
- Network
- Requests
- 53
- Bytes Transferred
- 3.26MB
- Bytes Total
- 12.43MB
- DNS Record
- CNAME Record
- 2
- A Record
- 1
- Technology
- Analytics
- 2
- User onboarding
- 1
- Security
- 2
- CDN
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Analytics | ||
Pendo | Pendo is a product analytics platform used in release to enrich the product experience and provide insights to the product management team. | Type: scriptSrc Regex: \.pendo\.io\/ |
Google Analytics | Google Analytics is a free web analytics service that tracks and reports website traffic. | Type: scriptSrc Regex: google-analytics\.com\/(?:ga|urchin|analytics)\.js |
Security | ||
Imperva | Imperva is a cyber security software and services company for networking, data, and application security. | Type: headers Name: x-cdn Regex: (?:) |
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
CDN | ||
Imperva | Imperva is a cyber security software and services company for networking, data, and application security. | Type: headers Name: x-cdn Regex: (?:) |
User onboarding | ||
Pendo | Pendo is a product analytics platform used in release to enrich the product experience and provide insights to the product management team. | Type: scriptSrc Regex: \.pendo\.io\/ |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 311 msPoor
- requestTime
- 365 msGood
- dom
- 3659 msPoor
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
CNAME | wawa.wexonline.com | 9h97fgu.x.incapdns.net. | no |
A | 9h97fgu.x.incapdns.net | 45.60.45.96 | no |
CNAME | wawa.wexonline.com | 9h97fgu.x.incapdns.net. | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 4/16/2024 | 10/13/2024 | 6 months |
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1 | 12/15/2023 | 1/2/2025 | 1 year 19 days |
*.google-analytics.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
cdn.pendo.io WR3 | 7/23/2024 | 10/21/2024 | 3 months |
pendo.io WR3 | 7/19/2024 | 10/17/2024 | 3 months |
*.storage.googleapis.com WR2 | 7/30/2024 | 10/22/2024 | 2 months 23 days |
*.okta.com DigiCert TLS RSA SHA256 2020 CA1 | 2/12/2024 | 3/14/2025 | 1 year 1 month 1 day |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
accept-ranges | bytes |
cache-control | max-age=0, no-cache |
content-encoding | gzip |
content-security-policy | default-src 'self'; frame-ancestors 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com; style-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com; font-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com data:; connect-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com; frame-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com; form-action 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io *.okta.com *.oktapreview.com *.oktacdn.com *.evergage.com *.googleapis.com *.wexhosted.com *.wexdrive.com *.gstatic.com *.google-analytics.com *.evgnet.com *.wexglobal.com *.sandbox.my.salesforce.com *.salesforceliveagent.com *.sandbox.my.salesforce-sites.com static.lightning.force.com data:; upgrade-insecure-requests |
content-type | text/html |
date | Fri, 02 Aug 2024 12:36:06 GMT |
etag | "66705d09-97b4" |
last-modified | Mon, 17 Jun 2024 15:58:01 GMT |
pragma | no-cache |
strict-transport-security | max-age=31536000; includeSubDomains; preload |
x-cdn | Imperva |
x-content-type-options | nosniff |
x-iinfo | 1011-13622091-13622103 nNYN RT(1722602165647 176) q(0 1 3 0) r(5 5) U12 |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
default-src | 'self' |
frame-ancestors | 'self' |
style-src | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.com |
script-src | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.com |
style-src-elem | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.com |
script-src-elem | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.com |
font-src | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.comdata: |
connect-src | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.com |
frame-src | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.com |
form-action | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.com |
img-src | 'self''unsafe-inline''unsafe-eval'*.pendo.io*.okta.com*.oktapreview.com*.oktacdn.com*.evergage.com*.googleapis.com*.wexhosted.com*.wexdrive.com*.gstatic.com*.google-analytics.com*.evgnet.com*.wexglobal.com*.sandbox.my.salesforce.com*.salesforceliveagent.com*.sandbox.my.salesforce-sites.comstatic.lightning.force.comdata: |
upgrade-insecure-request |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
SESSION | [SESSION redacted] | wawa.wexonline.com/web/ | 12/31/1969, 11:59:59 PM | no | yes |
nlbi_1798405 | gjPNAEkhxzxKuo2N/3FrHAAAAACTnWziRJ7KqGTY7Mus2BAM | .wexonline.com/ | 12/31/1969, 11:59:59 PM | yes | yes |
visid_incap_1798405 | ouigTMrZStmRCT6v46oSr7XSrGYAAAAAQUIPAAAAAAD1bCm68E9469ZQb0tzXQGt | .wexonline.com/ | 8/1/2025, 10:35:56 PM | yes | yes |
incap_ses_1395_1798405 | cmjoc+1CC30dvizYNwlcE7bSrGYAAAAAo1QR/z4o5VGtigpM+CAf4Q== | .wexonline.com/ | 12/31/1969, 11:59:59 PM | yes | no |
nlbi_1798405_2147483392 | YxtUR+5T2RzRdRUJ/3FrHAAAAAB2C/ol/X6BhBpNwuCv7xIo | .wexonline.com/ | 12/31/1969, 11:59:59 PM | yes | yes |