indexo.dev

hdrinc.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-19 · ok HTTP/1.1 200 1638 ms crawled 2026-05-06

US · 23.185.0.2 · AS54113 Fastly, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
HDR
Description
HDR is a 100% employee-owned, global professional services firm specializing in architecture, engineering, environmental and construction services.
Language
en
Generator
Drupal 10 (https://www.drupal.org)
Canonical
https://www.hdrinc.com/
Translations
  • de
  • en
  • en-au
  • en-ca

Open Graph

url
https://www.hdrinc.com/
title
HDR
site name
HDR
description
HDR is a 100% employee-owned, global professional services firm specializing in architecture, engineering, environmental and construction services.

Technology

Server
nginx
CMS
Drupal
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • cdnjs.cloudflare.com×3
  • cdn.jsdelivr.net×2
  • cloud.typography.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
CSC Corporate Domains, Inc.
Created
1994-12-30
Expires
2028-09-26 860 days left
Updated
2023-04-10
Name servers
  • ns1.hdrinc.com
  • ns2.hdrinc.com
  • ns3.hdrinc.com
  • ns4.hdrinc.com

DNS records live

NS
  • ns1.hdrinc.com
  • ns2.hdrinc.com
  • ns3.hdrinc.com
  • ns4.hdrinc.com
MX
  • 10 hdrinc-com.mail.protection.outlook.com
TXT
Show 19 TXT records
  • iptmjnhhi3fkk1poi3ufjvmtph
  • form1mcskmkpmto50fka0qat59
  • apple-domain-verification=e0Gp2dxJRQG9s7eX
  • box-domain-verification=84ec6bbc0eb45cb190229eee54b59db179686f9f5b8ad37f77740710a22d2cf7
  • TywdeQufkBi/jhCUTFtuhZQjm0eaKylGIvp0wLcIQptdHfSeizoYIYqAzbZpsE8H7/xJ4yzDFgqL2WU+1nQAFA==
  • docusign=565b811d-cf37-48c2-b702-ba7c6dda26b2
  • adobe-idp-site-verification=188d04f4-0a9c-4335-980d-ef44d030ba48
  • ciscocidomainverfication=183d774f37ddd4e754ab81b5941780f2022c541777373e9027320ad94f9d5505
  • hcp-domain-verification=7e19d50518b3cfdc5e768b08138bd17dce37e340d672bee511057bff5431ac9e
  • atlassian-domain-verification=qu9uLyLkyc4U1zsT5WfefiaRxP6zJ2lHCel2j5IQ3bTBW6TMVLy2AiKu15XkUviU
  • duo_sso_verification=1jvBp9LVrp5oLaTt96QLUTgvSyosH5BhbAG3Qq0ZNUcHwWHWHlsXI3wHYcnuZQN8
  • logmein-verification-code=a9690a6e-ebdf-4bad-a91b-982974ff3063
  • ZOOM_verify_Ru3AkahHRNkQZj7xhSS0j6
  • docusign=9b6e2839-1e79-4e06-a5c3-8fe5e6c2b602
  • google-site-verification=jlSMtSd645s5cuOb_vYJ4NqyFBp6zdlBIAySKXP2QIM
  • onx=252e04e3-5d1c-4576-a596-1d33227c2771
  • cisco-ci-domain-verification=2fc54cb127f33d23107d8f836b1cb3c812f40e7ff13c26f31e003d950242fd06
  • facebook-domain-verification=pg8z6l42blozcmg4llk70z2q15ft3g
  • docker-verification=7c4b1aac-66e2-40c1-b075-2e2587dba694

Email authentication strong

SPF
v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email include:rp.oracleemaildelivery.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email,mailto:ad.sharedtest@hdrinc.com
policy: reject (enforced)
DKIM
Show 6 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwOmiTcJ8wAa6m/e/nYZT9QjoHxDuFfi8azLWG0VjDljnfJTig5BWk7rmpuZde1njrHkEb29mJY2kh…
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl/rAybwukGlWKN5gDAL8h01POtWjJv+iwph2FinNvIjSInIXWC+XelEVSP7MNy3sC9Z5iRRb6aD1f3s8/cL…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNTHMyIECWdLNmqv+QRbMrVvGtC10zmb/ANGt1OcIqyCRNpO2NisPc1KTMaQugE2mKNCCj3RGer8f3…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlCwZydCUhloPjwCHJp3vU8TqI71ccuEcol5Pz/hAFk7jQ+J5oHEVB3o63mFlV7nku1Gu4+b8FycRSGSOZ…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBN2KOrjtQG2bTZAZ+eaKAiwXhvc1dWGU9Ro+hjSoxE2jwXbQio9gNTXf+eN3Q/+6NWZWGQQ/YQCbKJzUC+irrNX…
selectors probed

Certificate (current)

R12
from 2026-05-03 to 2026-08-01
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.hdrinc.com/

present
  • strict-transport-security
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • missing Content Security Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), screen-wake-lock=(), usb=()
x-content-type-options
nosniff
strict-transport-security
max-age=31622400; includeSubDomains; preload
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' www.google-analytics.com www.youtube.com cdn.cookielaw.org *.onetrust.com *.gstatic.com *.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com cdn.jsdelivr.net cdn.cookielaw.org img03.en25.com *.youtube.com *.google.com *.gstatic.com *.google-analytics.com embed.vev.page *.vev.design *.googleapis.com discover.hdrinc.com *.cloudflare.com unpkg.com; style-src 'self' 'unsafe-inline' cloud.typography.com cdn.jsdelivr.net *.googleapis.com www.hdrinc.com unpkg.com *.cloudflare.com; img-src 'self' data: *; media-src film.vev.design cdn.vev.design; frame-src 'self' *.google.com *.youtube.com *.vimeo.com discover.hdrinc.com *.doubleclick.net player.blubrry.com e.issuu.com caupneif01 *.youtube-nocookie.com *.googletagmanager.com *.cloudflare.com; child-src 'self' *.google.com *.youtube.com; font-src 'self' data: cloud.typography.com cdn.vev.design *.gstatic.com www.hdrinc.com cdn.scite.ai use.typekit.net fonts.vev.design; connect-src 'self' *.goog

Links to (5)

Linked from (25)