indexo.dev

lesmills.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-15 · ok HTTP/1.1 200 1143 ms crawled 2026-05-06

US · 198.202.211.1 · AS209242 Cloudflare London, LLC

Reputation 100/100

Classifying

HTML metadata

Title
Science-Backed Workouts | Les Mills
Description
Combining science, music and movement, we create life-changing workouts – and help millions of people find fitness joy in gyms and homes worldwide.
Language
en
Canonical
https://www.lesmills.com
Translations
  • de-de
  • en
  • en-ae
  • en-gb
  • en-se
  • en-us
  • ja-jp
  • nl-nl
  • pt-br

Open Graph

title
Science-Backed Workouts | Les Mills
description
Combining science, music and movement, we create life-changing workouts – and help millions of people find fitness joy in gyms and homes worldwide.

Technology

CDN
Cloudflare
Fonts
  • Google Fonts
Third-party hosts loaded (13)
  • cdn.prod.website-files.com×131
  • cdn.jsdelivr.net×2
  • cdnjs.cloudflare.com×2
  • 117886483.intellimizeio.com×1
  • ajax.googleapis.com×1
  • api.intellimize.co×1
  • cdn.intellimize.co×1
  • d3e54v103j8qbb.cloudfront.net×1
  • fonts.googleapis.com×1
  • fonts.gstatic.com×1
  • geoip-js.com×1
  • log.intellimize.co×1
  • unpkg.com×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
1998-01-26
Expires
2027-01-25 250 days left
Updated
2026-01-26
Name servers
  • pdns07.domaincontrol.com
  • pdns08.domaincontrol.com

DNS records live

NS
  • pdns07.domaincontrol.com
  • pdns08.domaincontrol.com
MX
  • 0 lesmills-com.mail.protection.outlook.com
TXT
Show 16 TXT records
  • g6qqsmqpd3slfhj0uhntf9if7f
  • atlassian-domain-verification=efeg9U8E9t8gsFaapC4fgcyetZZbrk9dKnBEsB0wPp5DeVDhcqgSoEe7kweO1fjI
  • google-site-verification=7UmgDyU9eFR-H8f5D79ARtrCzlGjvExzFclRm1HJnHU
  • jamf-site-verification=gg6YClxvU6kmWPhRYbn7Eg
  • lesmills-redirect.azurewebsites.net
  • e2bgd15lh58ih2c7jtoiaqka5l
  • MS=ms63361952
  • apple-domain-verification=Abpznq7e95luVxVe
  • facebook-domain-verification=s9lly1dfzvxnehcoa1eiafqx568doi
  • anthropic-domain-verification-xr445k=SZWrEj6Nv7s98Gk8cjq9YfPB5
  • gg6YClxvU6kmWPhRYbn7Eg
  • facebook-domain-verification=6xuxomt9rz6nbt9vo043rjvlritqld
  • miro-verification=ee018b9fa5124489a308bb7a59b864cde7d6e9d9
  • google-site-verification=sjP-961c9UyeCwnmQ4H7izFrITVTlRoMtuY-zPFnCgw
  • google-site-verification=7VgU3bPLGkGPm_dK3V8BXZvk2Bsm-2vVNmrcn1XOG84
  • _globalsign-domain-verification=tUc0bLSi2FY2kqPD-V5Th3PKxdGm0u51kBPaK1jkNy

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:sendgrid.net include:amazonses.com include:servers.mcsv.net include:_spf.salesforce.com include:_spf.qualtrics.com include:_spf.psm.knowbe4.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:4urpkf1k@ag.au.dmarcian.com;
policy: reject (enforced)
DKIM
Show 6 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDEyRls13H2j3HTHaw99mHPCFDx+erCQh1zkTSR0wRsgQFH+3bkRQIjehZ7G4BzHzLPKgmi8XGsxMz…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwJAspOtF4+dxUFtznDOPAXFp+7i2ddWZnpw3JajfwZ5pcZelXCyiAzKvnsb13dG4sY8ifiwQbUS4aGWq7Fg…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBhqu7KDNduXLRjmPwPzxm+krRPZGLZbLbwzMI9Lc9LSA0OXqjtDMYU0638rW1yvAUpD5TMsWHd+4g0HZV…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCcmnxT3fjRInvhdspXjZJw/lUwq/HNgHmm2na4ns2Kw4cYWZBIL9n8EcGLzVIy+zI5dGYp4cOa8ALbLQq8RSda4c…
selectors probed

Certificate (current)

WE1
from 2026-04-28 to 2026-07-27
Expires in 68 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.lesmills.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.adnxs.com *.azureedge.net *.c212.net *.clarity.ms *.cloudflare.com *.cloudfront.net *.cookiebot.com *.datadoghq-browser-agent.com *.doubleclick.net *.eloqua.com *.en25.com *.facebook.com *.facebook.net *.force.com *.google-analytics.com *.google.co.nz *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.hs-scripts.com *.hsforms.com *.hubspot.com *.hubspot.net *.intellimize.co *.intellimizeio.com *.jsdelivr.net *.lesmills.com *.linkedin.com *.livechatinc.com *.magisto.com *.mapbox.com *.maxmind.com *.mediatrackr.com *.pinimg.com *.pinterest.com *.prod.lesmills.com *.rdstation.com.br *.salesforceliveagent.com *.snapchat.com *.staging.lesmills.com *.storepoint.co *.tiktok.com *.vimeocdn.com *.yotpo.com *.youtube.com analytics.webflow.com cdn.prod.website-files.com cdn.prod.website-files.com challenges.cloudflare.com geoip-js.com hooks.zapier.com ipapi.co js.zi-scripts.com lesmills--uat.sandbox.my.site
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (11)

Linked from (6)