indexo.dev

bain.com

.com toplist crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 4259 ms crawled 2026-05-19

SE · 217.114.94.2 · AS30811 Optimizely AB

Reputation 95/100 weak security headers

sector b2b services type homepage

HTML metadata

Title
Global Management Consulting Firm | Bain & Company
Description
Bain & Company is a top management consulting firm. We advise leaders on strategy, marketing, organization, operations, IT and M&A, across all industries and geographies.
Language
en
Canonical
https://www.bain.com/
Translations
  • de
  • el
  • en
  • fr-fr
  • it-it
  • ja-jp
  • ko-kr
  • pt-br

Open Graph

url
https://www.bain.com/
title
Bain & Company
locale
en
site name
Bain
locale:alternate
el

Technology

CDN
Cloudflare
CMS
Gatsby
Cookie consent
  • TrustArc

Third-party hosts loaded (3)

  • consent.trustarc.com×1
  • dev.visualwebsiteoptimizer.com×1
  • players.brightcove.net×1

Social

Contact

Phone

Registration

Registrar
Amazon Registrar, Inc.
Created
1994-02-02
Expires
2031-03-26 1771 days left
Updated
2026-05-16
Name servers
  • ns-1388.awsdns-45.org
  • ns-1707.awsdns-21.co.uk
  • ns-509.awsdns-63.com
  • ns-549.awsdns-04.net

DNS records live

NS
  • ns-1388.awsdns-45.org
  • ns-1707.awsdns-21.co.uk
  • ns-509.awsdns-63.com
  • ns-549.awsdns-04.net
MX
  • 10 mxa-0011b601.gslb.pphosted.com
  • 10 mxb-0011b601.gslb.pphosted.com
TXT
Show 36 TXT records
  • docusign=91ceedcb-06ff-40c0-98aa-e108a8b31b77
  • z4wydh5mbjbl5lckv67rdwmqz9mcqzhl
  • miro-verification=07ba3c58f57f2fa062eabcc4e2fc73d5dd06be32
  • zscaler-verification-18347671-9262025-l1Xbkv4J
  • jamf-site-verification=fTNGTmzhi8yJGIGlCunYyQ
  • notion-domain-verification=wIEGSBuyAVGbHk2irrXnVAcUMm57ihRl0GdO2qIcEhR
  • 78vvgbhs99rvp4wgqzwvq241r61frqf2
  • cursor-domain-verification-xj42kw=DXhuMvX6JAE7MTxocMnYArir5
  • atlassian-domain-verification=EkLjeEXlRYwFKaPAuK0l3JhX6RPkVLdHYQ8rq3CDALZ40nlKT1F97vhZ86mVRz93
  • onetrust-domain-verification=3df4edac6e194fed899817ecfd260e26
  • DqAyZE+fL6ZLymcdq2QjpBxcaXjdi3FtCLrBDtmg8DX6HcNHcg7CCirPAhiyfa7o2/HbCzuqOxQXEuGC1ZUccQ==
  • mandrill_verify.rvtwNvxF9BQ5ybEGBt-QUg
  • _blr28xpf4hsp7r6qopn0fminknj821s
  • ciscocidomainverification=24e45b082dd667e24ebdac1a2aebf9939f278f15fc229a59179fb867f5f33b5d
  • pendo-domain-verification=HpnrhhnSfABF_74_ftejBjpN-qs
  • aace35d4bfeb4b77a6cc3645a7a0fa37
  • ms-domain-verification=62be7bd7-1b07-4b70-8470-e09de90026ae
  • apple-domain-verification=JnMZkFAZF3WhhlfQ
  • _t4jqcfskfg49yj85u0g25l7zwovi0iu
  • digicert=22z8r0y88kspkqq5pwk7fw2r61d7jxgw
  • perplexity-ai-domain-verification-q85zmd=RKFjT3T6dPaBpaDwmybB4nCnq
  • docusign=2d31fca0-981e-45aa-8adf-6f5f20807745
  • ms-domain-verification=8bc5f87a-71d1-444e-8ebf-092bb4f9ebf8
  • SFMC-mHaQcoZEE2i18_pCzSZRtqGq837yL_Kn2FJWiMf2
  • bksbkbnmo87ukk8lc640g38t3h
  • 3o4b3o6ekta9r591qohgm9eop5
  • hcp-domain-verification=e942f1a1d34c8f6c687cea34f0cac47031496e90333a6d5b4e5c95e35e567fb9
  • google-site-verification=P8AO3xPkP84FN43yf1GF-Oq0YK5ZdsSxe9MUK3PhfRc
  • MS=ms51069991
  • anthropic-domain-verification-f6cbr7=98FlxH17hi5Z8kMJLvjFUpOUI
  • 2d31fca0-981e-45aa-8adf-6f5f20807745
  • s60IEPntyvZ64FvQGe3KOpveiWvXFgqOFvHHqKGGXg9HCA59dubiBvtpir1ehi5HlwTywlWDlZAduKESmb04Aw==
  • teamviewer-sso-verification=1cf60b76e6854cf39429ef802ccc8b92
  • yahoo-verification-key=Z2bOtmg1WRbxfS5ilcm1q3S3Lc+0a/FPH3U27Uw6iRA=
  • onetrust-domain-verification=a7c7fdf713c24785bec62ab2af721fe9
  • docker-verification=524ea8a4-ee67-4e6e-8779-5246298c375e

Email authentication strong

SPF
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com include:spf.protection.outlook.com include:spfhost.messageprovider.com ip4:205.220.173.229 ip4:205.220.161.229 ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM
Show 7 DKIM selectors
  • default: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Q5GTuCkTCXEAL7daVB4X5LsDzH8dVmEheTMulZx/NgXi3qEPvtR/rshhjNjiTfM1Gxf…
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnvy6oMMCUdQNVRBubhatoM4Y8f1L//dFOTuFFaEODVMJ6/b568fXG/8ODhwRJ9/6w152XJ4PhnNjJ…
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mz+djSzaj1fd3WZbLIOdNrwlrvAVjzNqCTcLS9UdQobTsy3FTYBq5MkDJr+KJ8DOJguiK2TYfLWXH…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70oWEkqj1QWaYmhzc1uYpzhx87vW8JSoJQ6YQQDOzq1DAImiEoKiToImUuOsSeI6ekG7ONfVHffNVe…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3AbFs8U1tw3deK9iwP0EuXZeThQbXS1XHn9jtMT1lHTSwnVfqlmX99yZqhL75gc2SZsbannlGrluzK/1A…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6fXHYy9oOiDXzblj9pUeBAbcBgyctLSKeVrN+GqFBwrAFgM7RdF5wO1ZWvwIMFdsHP0w/bRL2eBz8PP+ARsYN76…
selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2025-07-08 to 2026-07-08
Expires in 49 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.bain.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
script-src 'nonce-5t6cqA2sdRcVQVDk2DET/ShmCmNwLcn7XBMcFFnTBi0=' 'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'self';

Links to (8)

Linked from (17)