indexo.dev

firstup.io

.io crawl

First seen 2026-05-01 · Last seen 2026-05-15 · ok HTTP/1.1 200 564 ms crawled 2026-05-08

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Firstup: The Intelligent Communication Platform
Description
Reach every employee, engage every audience, and prove the impact of your communication with Firstup’s all-in-one platform.
Language
en
Canonical
https://firstup.io/

Open Graph

url
https://firstup.io/
title
Firstup: The Intelligent Communication Platform
description
Reach every employee, engage every audience, and prove the impact of your communication with Firstup’s all-in-one platform.

Technology

CDN
Vercel
CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • cdn.sanity.io×57
  • www.bugherd.com×1
  • www.googletagmanager.com×1

Social

Contact

Address
123 Mission Street, 25th Floor, 94105, San Francisco, CA, US

DNS records live

NS
  • kristin.ns.cloudflare.com
  • leland.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 24 TXT records
  • adobe-idp-site-verification=02936550ea2a0324401fe4fb5fc37931caf3077e0436ba999fee0f56884685aa
  • Probely=98bb06b4-1a20-4c10-ad97-f3cbe7e88300
  • docusign=6857ccd1-cd63-4736-ad69-88beb720b31a
  • reachdesk-verification=b6YTM2NjEiQpVzY65oC4Jzh0P4Y4eTuaXi98FnIcVAttnYvtNNX8gOrLSv7Qwych
  • pendo-domain-verification=9mMUtVVGpsHwd_nAuqNUuBGKLVY
  • google-site-verification=Nxq1ZCOyWEBseVObSIA5s3xJu5zS1xTXN2CsTGptdwo
  • 8364b44e-a45f-48fa-a0ec-5b9b2a87380c
  • 48B2870163
  • anthropic-domain-verification-ahvr5m=z3FsUagdJcH40okWYw3uKE5g3
  • dropbox-domain-verification=eelpqws6k9wl
  • zapier-domain-verification-challenge=d02afe33-ba14-4347-b4f1-8ff099a4154b
  • easydmarc-verification:a580eb67-0dc9-4cc0-b444-cfaf84b4b29c
  • canva-site-verification=v3-qNS7O8N7QLgW6WMbJDg
  • openai-domain-verification=dv-FXEye4HbBkWBHGjO0FMMzEhZ
  • paloaltonetworks-site-verification=c6a82ab92d1fed5e81f5515eb2ee8a2f2cac8f02b23f9ee989a63a7d6872945e
  • bitrise-verification=6301854412edd285-iFdKCBu-8k5Zreachdesk-verification=b6YTM2NjEiQpVzY65oC4Jzh0P4Y4eTuaXi98FnIcVAttnYvtNNX8gOrLSv7Qwych
  • google-site-verification=IZYmZcYGrcnzlHeQpIPCHBv0W_V4NsQX1mzuDMsiBe0
  • _uvr5wo4x7rssjosgqc92rvjhttnb9c4
  • atlassian-domain-verification=I7RvXj6Zvks6tkxmFHBiHYjrVUdBQcz7mha//H3BUIiWqFl4Ic19XkkRVPaNbLnb
  • drift-domain-verification=118b337f997ce4d4fb6d4b96a11d3a0dc8bcfc97643c15d8fd6aac4eb5cb6e2a
  • pendo-domain-verification=5ed9cc95-d40a-449d-94f3-6f5c9c6586b3
  • jamf-site-verification=7R6rjiLwOMBln__wdam31Q
  • _cbc-idp-site-verification-35c7ac=5d8c6734e0b88f18124171e872f2412ea38945b2d2803cd7fc02888ca3590992
  • cloudhealth=72a48f7f-83c6-4dc4-9624-36fc86095b55

Email authentication strong

SPF
v=spf1 include:_spf.firstup_io._d.easydmarc.pro -all
strict (-all)
DMARC
v=DMARC1;p=reject;pct=100;rua=mailto:e27086e342@rua.easydmarc.us,mailto:dmarc@firstup.io;ruf=mailto:e27086e342@ruf.easydmarc.us,mailto:dmarc@firstup.io;ri=86400;fo=0;
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPAXEkMU1rattd8ij6BWZ66k2IL+R4EAcatjWxTFpwVa2hcGp7eqP90dUlsFAewHzfrFi+28r5FWou…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8vJ6fT9UOJjowHcwlzlDiIjDOY5uJnatkXUcABqL660Alre2iu5Dcl99XERRJ3PI0KJa9W9j4dwqscalG…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDM4qYnwIJSfGN79Lce2HYG7i90m9VUa6G9oJXeosofkoTucmBscPVSBCqFiDWvpS9gahpq10VaozKaRDjJRWyA5W…
selectors probed

Certificate (current)

R13
from 2026-03-18 to 2026-06-16
Expires in 28 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://firstup.io/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), microphone=*, geolocation=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.wistia.com https://*.wistia.net https://*.vimeo.com https://*.vimeocdn.com https://*.youtube.com https://*.youtube-nocookie.com https://*.googlevideo.com https://cdn.sanity.io https://consentcdn.cookiebot.com https://*.bugherd.com ws.pusherapp.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.wistia.com https://*.wistia.net https://src.litix.io https://*.vimeo.com https://*.youtube.com https://www.youtube.com https://*.googletagmanager.com https://tagmanager.google.com https://browser.sentry-cdn.com https://*.firstup.io https://*.bugherd.com https://js.storylane.io https://ssl.google-analytics.com https://code.jquery.com https://ws.pusherapp.com https://consent.cookiebot.com https://*.pusher.com https://*.marketo.com https://dx.mountain.com https://www.redditstatic.com https://www.clickcease.com https://*.stackadapt.com https://cdn.jsdelivr.net https://snap.licdn.com https://qvdt3feo.com https://px.mountain.com https://*.doubleclick.net
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (1)

Linked from (2)