indexo.dev

membership.io

.io crawl

First seen 2026-04-15 · Last seen 2026-05-16 · ok HTTP/1.1 200 2762 ms crawled 2026-05-10

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 100/100

sector tech type homepage

HTML metadata

Title
Membership.io | The best online platform for your membership business
Description
Start, run, and grow your membership on the dedicated platform for your content and community — built by membership owners for memberships.
Language
en

Open Graph

title
Membership.io | The best online platform for your membership business
description
Start, run, and grow your membership on the dedicated platform for your content and community — built by membership owners for memberships.

Technology

CDN
Vercel
CMS
Nuxt
Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts

Third-party hosts loaded (6)

  • use.typekit.net×2
  • cdn.firstpromoter.com×1
  • js.chargebee.com×1
  • js.hs-scripts.com×1
  • p.typekit.net×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • bob.ns.cloudflare.com
  • pam.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 4 TXT records
  • zoom-domain-verification=ZOOM_verify_b1202f584f7346f1b8fd762ae213ef80
  • facebook-domain-verification=pkrqu590iikur8yeony18tcd82zhk7
  • google-site-verification=6f7nly5c_d8qBRH0g5tdnNOB0Nnnzf8gmaG8T9AC3rg
  • google-site-verification=SFgbwr7_kYQAJQOJIM3tGgE5IjfnsZwadebnnMIOC60

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:23365482.spf52.hubspotemail.net -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; pct=30; rua=mailto:dmarc@searchie.io; ruf=mailto:dmarc@searchie.io; fo=1;
policy: quarantine · pct=30
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-05-01 to 2026-07-30
Expires in 71 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://membership.io/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(), microphone=(), camera=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.membership.io https://*.google-analytics.com https://*.googletagmanager.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:; script-src-elem 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' https:; img-src 'self' data: https: blob:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-src 'self' https:; object-src 'none'; base-uri 'self'
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (7)