brights.io

.io crawl

First seen 2026-04-28 · Last seen 2026-05-18 · ok HTTP/1.1 200 1530 ms crawled 2026-05-05

US · 188.114.97.3 · AS13335 Cloudflare, Inc.

Reputation 95/100 weak security headers

sector tech type homepage

HTML metadata

Title

Tech partner for SaaS, web, and mobile development | Brights

Description

Brights is a software development agency creating scalable SaaS, web, and mobile platforms, MVPs, and AI-powered solutions for startups and enterprises.

Language

en-US

Canonical

https://brights.io/

Translations

Open Graph

url: https://brights.io/
logo: https://brights.io/images/schema-logo.png
title: Tech partner for SaaS, web, and mobile development | Brights
description: Brights is a software development agency creating scalable SaaS, web, and mobile platforms, MVPs, and AI-powered solutions for startups and enterprises.

Technology

CDN: Cloudflare

Analytics

Amplitude

Third-party hosts loaded (5)

a.storyblok.com×45
cdn.amplitude.com×2
images.dmca.com×2
analytics.ahrefs.com×1
js.hs-scripts.com×1

Social

Contact

Address: 86 Hoza street, office 410, 00-682, Warsaw, Poland

DNS records live

NS

ali.ns.cloudflare.com
simon.ns.cloudflare.com

MX

Show 7 MX records

1 aspmx.l.google.com
10 aspmx2.googlemail.com
10 aspmx3.googlemail.com
10 mxa.eu.mailgun.org
10 mxb.eu.mailgun.org
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

v=spf1 include:_spf.google.com include:spf.mandrillapp.com include:mailgun.org ~all

Verified for

Anthropic
Google
Microsoft 365

Certificate (current)

WE1

from 2026-04-05 to 2026-07-04

Expires in 44 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://brights.io/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self'; base-uri 'self'; object-src 'none'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://region1.google-analytics.com https://static.hotjar.com https://assets.apollo.io https://s3-us-west-2.amazonaws.com https://cdn.amplitude.com https://analytics.ahrefs.com https://images.dmca.com https://js.hs-scripts.com https://js.hs-banner.com https://js.hs-analytics.net https://js.hscollectedforms.net https://googleads.g.doubleclick.net https://pagead2.googlesyndication.com https://snap.licdn.com https://script.hotjar.com https://static.cloudflareinsights.com https://static.brights.io https://challenges.cloudflare.com https://app.storyblok.com https://b-code.liadm.com http://js.hs-scripts.com; style-src 'self' 'unsafe-inline' https://static.brights.io https://fonts.googleapis.com; img-src 'self' data: https://static.hotjar.com https://assets.apollo.io https://s3-us-west-2.amazonaws.co

Links to (7)

Linked from (1)

leave-russia.org×2