indexo.dev

vtex.com

.com toplist crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 2967 ms crawled 2026-05-18

US · 64.239.109.1 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
The AI-Native commerce suite of choice for bold CIOs and CEOs
Description
Modernize your stack and drive operational results with an AI-Native unified commerce solution.
Language
en-US
Canonical
https://www.vtex.com/en-us
Translations
  • en-us
  • es-mx
  • pt-br

Open Graph

url
https://www.vtex.com/en-us
title
The AI-Native commerce suite of choice for bold CIOs and CEOs
site name
VTEX
description
Modernize your stack and drive operational results with an AI-Native unified commerce solution.

Technology

CDN
Vercel
CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • d2xsxph8kpxj0f.cloudfront.net×5
  • www.googletagmanager.com×1

Social

Contact

Address
st CenterContact UsTrust Center·Privacy Policy·Legal·Compliance Portal© 2026

Registration

Registrar
Moniker Online Services LLC
Created
2001-11-20
Expires
2026-11-20 184 days left
Updated
2025-11-25
Name servers
  • ns-1169.awsdns-18.org
  • ns-1980.awsdns-55.co.uk
  • ns-259.awsdns-32.com
  • ns-571.awsdns-07.net

DNS records live

NS
  • ns-1169.awsdns-18.org
  • ns-1980.awsdns-55.co.uk
  • ns-259.awsdns-32.com
  • ns-571.awsdns-07.net
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 28 TXT records
  • google-site-verification=Yz1xRUA6kunCFYftrexKdncypR_QzL_1XiKiC8i20yc
  • google-site-verification=q2JSFJxW2OAHLE2vVM8IxYKfinRe_dbk9w31RAd2sD8
  • google-site-verification=xKVMX26wdpyC9q0oYtyKl3JVLoGgFmIQ0r2nGx8sUPg
  • google-site-verification=uMWurnQMQdpfMTSfY8QbW9IiDY5WyOGdFTiDVk80iJI
  • google-site-verification=i_ozhJyJCaBYovj5aK2F0fBpkHAWx9JV0xUVDsjYAQk
  • pardot601901=900bb158329599a509ab23dfc79235e3ad76e9055058bf093de26c8025f74bbf
  • apple-domain-verification=WIe0NfU9XCI44ogI
  • miro-verification=f3fbc24eef2da5c205745032f6864420c68b85cd
  • google-gws-recovery-domain-verification=47612223
  • amazonses:Vejm+mvsw0N0HUxE5u/DoMB/12dmkSuRojQ8LWjrBh0=
  • google-site-verification=h_qowQ-AzF9Np9Z0D7ksKIwEAtnTlgSKluP0bPFOORY
  • notion-domain-verification=wSAVFYaga6GtAIeab3E5awAXa8OZ4eWLjpYJCb2WhCt
  • docusign=7a0c3b15-65a6-47e2-998b-f4e349cdcdf2
  • atlassian-sending-domain-verification=be2dcbf6-a1f0-4dc1-a8c1-c580dc3392d0
  • pardot870431=a249834577fc0708f246afdb4d2936d75271e630e6c888e9e1f063fc1450f4f4
  • rm_verify=bb81eb5053
  • google-site-verification=BsH-ZJ-ZeinJS07SMT2g9l7ZzxkNmnjNmyQyVbdbNW0
  • slack-domain-verification=xbsMNbEkluWdrXzO4aeor4QHSpfBxo3CKCySffDn
  • anthropic-domain-verification-nvgdw5=1LQWgNK34G5QNuIQaaUqIwlB6
  • MS=ms42091898
  • google-site-verification=vfEitw5YWxwdJ5g-MQRH5VwMwlzT55aSYnFOqEDD-sA
  • google-site-verification=0ecPTP1I-64IlTA4lMc00D6o9VO0G3_S9wD1mcw30oI
  • google-site-verification=bBHQ5Tegy_Pr5RBEQCPB7NCOopreQffrOSyxcIUj6Hs
  • google-site-verification=zsgkVbvbD4jmSXrkIY1bfehVGV_RiD7aGJO6HwTmk84
  • "knowbe4-site-verification=1d77d144fa24a0b362bcc33cd2965b42"ZOOM_verify_PHkcnOBsdZ5aGZjlma3mPJ
  • atlassian-sending-domain-verification=8dd54cc5-b803-40dc-8168-591aa2c9e03d
  • google-site-verification=xtypzZomC9zao-cst_pfAiEn7NCrsRmprCKYzWsiSb8
  • google-site-verification=S49-_LXYeuxPuJ8x2h1VhbHLUnVEj_OHnPCX9VKvEjM

Email authentication strong

SPF
v=spf1 include:_s01099538.autospf.email include:sendgrid.net ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarc-report@vtex.com; pct=100; adkim=s; aspf=s;
policy: reject (enforced)
DKIM
Show 4 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4ZDUQ5wXBaYlzGxZh+ZfwfyjUZkIj8y+zNe9oUVnu9e0E+QaxN/ro6B+rfcoKDOO/Lt0dDDEaMUjtDMwafW…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR+7N8JGpaJ5LWqMpcCJ37/5boGVb4OMytTUQBxLj+oqCrkUAUQzAJS0bpvBwk0orpHzZBJR1EsAnWR/TZ…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRd3X9IPCpxZuPh5ttp4fFTQyXzc896u6OmRJPS3IpfO/Y41vyctTMZCyMmo98+4mx3ThoyXX5PCXWnRVSC5ZegD…
  • smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed

Certificate (current)

R13
from 2026-04-21 to 2026-07-20
Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.vtex.com/en-us/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' www.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net js.hsforms.net js.hs-scripts.com js.hscta.net js.usemessages.com *.hubspot.com static.hsappstatic.net assets.trustworks.io gtnr.io va.vercel-scripts.com vitals.vercel-insights.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: *.cloudfront.net *.hsforms.com *.hubspot.com *.hsappstatic.net; font-src 'self' *.hsappstatic.net; media-src 'self' *.cloudfront.net; connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.hubspot.com *.hsforms.com *.hsforms.net *.hs-analytics.net *.hubapi.com static.hsappstatic.net hubspot-forms-static-embed.s3.amazonaws.com api.trustworks.io ipapi.co gtnr.io vitals.vercel-insights.com va.vercel-scripts.com; frame-src www.youtube.com *.hubspot.com *.hsforms.com *.hsforms.net *.googletagmanager.com *.doubleclick.net job-boards.greenhouse.io secure.ethicspoint.com; object-sr
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (4)