indexo.dev

maze.co

.co toplist crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 404 ms crawled 2026-05-18

US · 18.165.140.34 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Maze | User Research and Testing Platform
Description
Maze empowers researchers to be change makers—turning research into a center of influence. Built for scale, versatility, and powered by research-grade AI.
Language
en
Generator
Gatsby 5.16.1
Canonical
https://maze.co/

Open Graph

url
https://maze.co/
title
Maze | User Research and Testing Platform
site name
Maze
description
Maze empowers researchers to be change makers—turning research into a center of influence. Built for scale, versatility, and powered by research-grade AI.

Technology

CDN
Amazon CloudFront
Server
Netlify
CMS
Joomla

Third-party hosts loaded (2)

  • www.datocms-assets.com×75
  • cdn-cookieyes.com×2

Social

Contact

Address
167-169 Great Portland Street 5th Floor, W1W 5PF, London, UK

DNS records live

NS
  • ns-1436.awsdns-51.org
  • ns-2001.awsdns-58.co.uk
  • ns-311.awsdns-38.com
  • ns-807.awsdns-36.net
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • _cf-custom-hostname.compliance=f55475fa-fbeb-4477-8b56-4ca06955779b
Verified for
  • Google

Email authentication strong

SPF
v=spf1 redirect=maze.co.hosted.spf-report.com
no all qualifier
DMARC
v=DMARC1;p=reject;fo=1;rua=mailto:b18abbe7@mxtoolbox.dmarc-report.com;ruf=mailto:b18abbe7@forensics.dmarc-report.com;pct=100
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbRJouoYftg+MK/Ei4XKdydi8VHt1Uis00pr+Pl15XbvFEEAM4DlFwao5wS0WNx64F2K53xnhQbhwr6wBtSc…
selectors probed

Certificate (current)

Amazon RSA 2048 M03
from 2025-07-19 to 2026-08-18
Expires in 89 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://maze.co/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' https://*.maze.co https://cdn-cookieyes.com https://cdn.amplitude.com https://cdn.segment.com https://www.google-analytics.com https://*.googletagmanager.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://www.googleadservices.com https://connect.facebook.net https://*.clickagy.com https://*.cdnjs.network https://bat.bing.com https://static.ads-twitter.com https://snap.licdn.com https://*.twitter.com https://*.zoominfo.com https://js.zi-scripts.com https://extend.vimeocdn.com https://player.vimeo.com https://*.chilipiper.com https://mazedesign.widget.insent.ai https://*.cloudfront.net *.hs-scripts.com *.hsadspixel.net *.hs-analytics.net js.hscta.net *.hubspot.com *.hubspot.net static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hubspotfeedback.com feedback.hubapi.com https://www.google.com/re
strict-transport-security
max-age=31536000

Links to (5)