indexo.dev

wexhealthcard.com

.com crawl

First seen 2026-04-28 · Last seen 2026-05-18 · ok HTTP/1.1 200 10042 ms crawled 2026-05-05

US · 45.223.181.93 · AS19551 Incapsula Inc

Reputation 100/100

sector health type homepage

HTML metadata

Title
Login to WEX Health Card Central

Registration

Registrar
Amazon Registrar, Inc.
Created
2016-07-20
Expires
2026-07-20 61 days left
Updated
2025-06-15
Name servers
  • ns1-04.azure-dns.com
  • ns2-04.azure-dns.net
  • ns3-04.azure-dns.org
  • ns4-04.azure-dns.info

DNS records live

NS
  • ns1-04.azure-dns.com
  • ns2-04.azure-dns.net
  • ns3-04.azure-dns.org
  • ns4-04.azure-dns.info
TXT
Show 4 TXT records
  • _globalsign-domain-verification=blyObPawODPCelGJt65t2fMwrbwhz3jX0IUBYhCl7v
  • _globalsign-domain-verification=Ifqfkihqi3KCoHxlONLspWvyfsOyxh4fZMlaI2Cws4
  • v=spf1 include:sendgrid.net include:moveitcloud.com ip4:204.232.191.30 -all
  • _globalsign-domain-verification=vjkACDKrjI_mNb_9fKV4b4P_U6XE3MgSoNZ2h0PhC3

Certificate (current)

GlobalSign RSA OV SSL CA 2018
from 2025-08-26 to 2026-09-27
Expires in 131 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://wexhealthcard.com/LoginPage.aspx?ReturnUrl=%2f

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self'; connect-src 'self'; frame-ancestors 'none'; base-uri 'self';
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (1)

Linked from (1)