indexo.dev

graphite.io

.io crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 1774 ms crawled 2026-05-18

US · 3.131.63.76 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Meet Your AI-Powered Growth Team // Graphite
Description
We help companies with AEO, SEO, programmatic, content strategy, and growth design.
Language
en
Generator
Webflow
Canonical
https://graphite.io

Technology

CDN
Cloudflare
Server
nginx
Fonts
  • Google Fonts
Third-party hosts loaded (9)
  • cdn.prod.website-files.com×21
  • cdn.jsdelivr.net×2
  • ajax.googleapis.com×1
  • cdn-cookieyes.com×1
  • cdn.embedly.com×1
  • d3e54v103j8qbb.cloudfront.net×1
  • fonts.googleapis.com×1
  • fonts.gstatic.com×1
  • unpkg.com×1

Social

DNS records live

NS
  • bonnie.ns.cloudflare.com
  • lakas.ns.cloudflare.com
  • ns-1000.awsdns-61.net
  • ns-1072.awsdns-06.org
  • ns-1953.awsdns-52.co.uk
  • ns-434.awsdns-54.com
MX
  • 1 smtp.google.com
  • 15 ie4a7rxibx3opb6sapdqqjxxuye6lrsji3kagitv4jgvewchoxya.mx-verification.google.com
TXT
  • atlassian-domain-verification=w/W0ciaeS16KCaIuATBgPbkzrqOp1U37hzsbpZ6cYJ5t/lZaWNDWVKHRFuzfACpd
  • google-site-verification=2bChTdMrBd3jhBM9gJVl72gmSWuOzLP8-2G0daM0jZ8

Email authentication partial

SPF
v=spf1 include:40209732.spf01.hubspotemail.net ~all
softfail (~all)
DMARC
v=DMARC1; p=none
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M04
from 2025-08-18 to 2026-09-17
Expires in 120 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://graphite.io/

present
  • strict-transport-security
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • missing Content Security Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), microphone=(), geolocation=(), payment=()
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.prod.website-files.com https://cdn.segment.com https://widget.intercom.io https://js.intercomcdn.com https://d3js.org https://code.jquery.com https://cdn.datatables.net https://cdn.jsdelivr.net https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://snap.licdn.com https://connect.facebook.net https://bat.bing.com https://x.clearbitjs.com https://cdn.taboola.com https://analytics.graphite.io https://d3e54v103j8qbb.cloudfront.net; style-src 'self' 'unsafe-inline' https://js.intercomcdn.com https://cdn.datatables.net; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com https://cdn.prod.website-files.com; connect-src 'self' https://*.segment.io https://*.segment.com https://*.sentry.io https://o898524.ingest.sentry.io https://api-iam.intercom.io https://*.intercom.io wss://nexus-websocket-a.intercom.io https://www.google.com https://analytics.google.com https://re

Links to (2)

Linked from (1)