indexo.dev

lh1ondemand.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 1896 ms crawled 2026-05-18

US · 45.223.161.93 · AS19551 Incapsula Inc

Reputation 100/100

Classifying

HTML metadata

Title
Generic Login - WEX Benefits
Language
en

Technology

Server
Microsoft-IIS

Registration

Registrar
Amazon Registrar, Inc.
Created
2005-12-28
Expires
2026-12-28 221 days left
Updated
2026-05-14
Name servers
  • ns1-04.azure-dns.com
  • ns2-04.azure-dns.net
  • ns3-04.azure-dns.org
  • ns4-04.azure-dns.info

DNS records live

NS
  • ns1-04.azure-dns.com
  • ns2-04.azure-dns.net
  • ns3-04.azure-dns.org
  • ns4-04.azure-dns.info
MX
  • 10 mx1.lh1ondemand.com
  • 10 mx2.lh1ondemand.com
Verified for
  • GlobalSign
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 mx include:moveitcloud.com ip4:204.232.191.30 -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:9t7oikpq@ag.dmarcian.com; ruf=mailto:9t7oikpq@fr.dmarcian.com; fo=0:1:d:s
policy: reject (enforced)
DKIM
  • smtpapi: k=rsa;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76yo…
selectors probed

Certificate (current)

GlobalSign RSA OV SSL CA 2018
from 2025-07-10 to 2026-08-11
Expires in 83 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://lh1ondemand.com/LoginGeneric.aspx

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; default-src 'self' https://cdn.plaid.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' assets.adobedtm.com https://www.google.com https://www.gstatic.com https://cdn.plaid.com/link/v2/stable/link-initialize.js https://platform.benefits.wexglobal.com/identityverification/v1/js/identityverificationwrapper.min.js; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com fonts.googleapis.com; font-src 'self' https://maxcdn.bootstrapcdn.com fonts.gstatic.com; media-src *; object-src 'none'; frame-src 'self' http: fast.whc.demdex.net https://cdn.plaid.com; connect-src 'self' dpm.demdex.net https://production.plaid.com https://northamerica.directline.botframework.com wss://northamerica.directline.botframework.com blob:; img-src 'self' * data:;frame-ancestors 'self';;
strict-transport-security
max-age=31536000; includeSubDomains; preload

Linked from (13)