indexo.dev

ecovadis-survey.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 2818 ms crawled 2026-05-19

US · 150.171.109.101 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
EcoVadis Platform
Language
en

Technology

CDN
Azure Front Door
CMS
Gatsby
Fonts
  • Google Fonts

Third-party hosts loaded (1)

  • fonts.googleapis.com×2

Registration

Registrar
NETIM SAS
Created
2007-09-24
Expires
2026-09-24 126 days left
Updated
2025-09-16
Name servers
  • ns1-02.azure-dns.com
  • ns2-02.azure-dns.net
  • ns3-02.azure-dns.org
  • ns4-02.azure-dns.info

DNS records live

NS
  • ns1-02.azure-dns.com
  • ns2-02.azure-dns.net
  • ns3-02.azure-dns.org
  • ns4-02.azure-dns.info
TXT
  • 962a6ba18b844919a40e6cdfb27bcddb
  • 7bwl1kglrr62sfx4lpx2cscm45m5nhp7
  • 0pm06z634ywr6lgjz583jqkrs86d49jg
Verified for
  • Google

Email authentication no MX

SPF
v=spf1 include:r4bqmj1n9y.spf.mailauth.ironscales.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:tozbvxx0t7@rua.mailauth.ironscales.com; ruf=mailto:tozbvxx0t7@ruf.mailauth.ironscales.com; pct=100; fo=1;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-04-14 to 2026-10-30
Expires in 162 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.ecovadis-survey.com/app/#/login

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
no-referrer
x-frame-options
DENY
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.pendo.io *.maze.co; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net https://*.ecovadis-survey.com/ *.hotjar.com *.storage.googleapis.com *.pendo.io *.maze.co *.site24x7rum.com;style-src 'report-sample' 'self' 'unsafe-inline' https://*.ecovadis-survey.com blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.maze.co; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io *.maze.co https://portal.productboard.com/ https://recognition.ecovadis.com/ https://*.ecovadis-survey.com/;connect-src 'self' *.online.tableau.com *.ecovadis-survey.com *.ecovadis-itlab.com *.google-analytics.com com sentr
strict-transport-security
max-age=31536000; includeSubDomains

Linked from (1)