indexo.dev

eswater.co.uk

.uk crawl

First seen 2026-05-15 · Last seen 2026-05-20 · ok HTTP/1.1 200 2502 ms crawled 2026-05-20

SE · 217.114.94.2 · AS30811 Optimizely AB

Reputation 100/100

Classifying

HTML metadata

Title
Essex & Suffolk Water | Supplying Water Services in the South East of England
Description
Essex and Suffolk Water
Language
en

Open Graph

url
https://www.eswater.co.uk
title
Essex and Suffolk Water
site name
Essex and Suffolk Water
description
Essex and Suffolk Water

Technology

CDN
Cloudflare
jQuery
3.5.0
Analytics
  • Google Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (17)
  • cdn.jsdelivr.net×3
  • cdnjs.cloudflare.com×2
  • fonts.googleapis.com×2
  • www.google.com×2
  • www.googletagmanager.com×2
  • ajax.googleapis.com×1
  • apis.google.com×1
  • auth.lrcontent.com×1
  • cdn.decibelinsight.net×1
  • collection.decibelinsight.net×1
  • fast.wistia.com×1
  • fast.wistia.net×1
  • maps.googleapis.com×1
  • pay.google.com×1
  • webservices.data-8.co.uk×1
  • www.google-analytics.com×1
  • www.gstatic.com×1

Social

DNS records live

NS
  • ns0.bt.net
  • ns1.bt.net
  • ns2.bt.net
MX
  • 10 eu-smtp-inbound-1.mimecast.com
  • 10 eu-smtp-inbound-2.mimecast.com
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 ip4:168.245.70.97 include:eu._netblocks.mimecast.com include:_spf.emailcampaigns.net -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:23b0b735c7e0398@rep.dmarcanalyzer.com; ruf=mailto:23b0b735c7e0398@for.dmarcanalyzer.com; fo=1;
policy: quarantine
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-03-24 to 2026-06-22
Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.eswater.co.uk/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
child-src 'self'; connect-src 'self' *.analytics.google.com *.aptrinsic.com *.cookiebot.com *.decibel.com *.decibelinsight.net *.facebook.com *.flippingbook.com *.google-analytics.com *.google.co.uk *.google.com *.googleapis.com *.hotjar.com *.interactive-img.com *.kampyle.com *.litix.io *.medallia.eu *.mouseflow.com *.pure.cloud *.reciteme.com *.veritonicmetrics.com/ *.wistia.com *.wistia.net api.srv247app.com ask.hotjar.io browser.sentry-cdn.com cdn.jsdelivr.net chats.landbot.io collection.decibelinsight.net https://atr-eu.veritonicmetrics.com/ https://cdn.veritonic.com/ https://content.hotjar.io https://dc.services.visualstudio.com https://google.com/pay https://kappa-nwl-webapp1-prod.azurewebsites.net https://metrics.hotjar.io/ https://stats.g.doubleclick.net https://vc.hotjar.io https://webservices.data-8.co.uk https://www.googletagmanager.com ib.adnxs.com interactive-img.com js.monitor.azure.com kappa-esw-webapp1-prod.azurewebsites.net messages.landbot.io sitepixel.blis.com stats
strict-transport-security
max-age=31536000; includeSubDomains

Links to (9)

Linked from (1)