narrative.io

HTML metadata

Title: Drive growth with AI-Enabled Data Collaboration
Description: The world’s most powerful data collaboration platform, interoperable across all platforms and industries.
Language: en

Open Graph

url: https://www.narrative.io/
title: Drive growth with AI-Enabled Data Collaboration
description: The world’s most powerful data collaboration platform, interoperable across all platforms and industries.

Technology

CDN: Cloudflare
CMS: Nuxt

Analytics

Cloudflare Insights

Third-party hosts loaded (1)

static.cloudflareinsights.com×1

DNS records live

NS

ns-1467.awsdns-55.org
ns-1916.awsdns-47.co.uk
ns-380.awsdns-47.com
ns-654.awsdns-17.net

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

cloudflare_dashboard_sso=725d4928cf8c5aa06b01f7e55995f1de
tiktok-developers-site-verification=6Czxdk9AIDxAu9ePegy6wa1y0ag98tQP

Verified for

Ahrefs
Apple
Google

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:servers.mcsv.net include:amazonses.com include:5430756.spf02.hubspotemail.net include:spf.mandrillapp.com include:sendgrid.net ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:re+ybdb30dqofd@dmarc.postmarkapp.com; sp=none; aspf=r;

policy: reject (enforced) · sp=none

DKIM

Show 5 DKIM selectors

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbsccJMkmGFlRLrpop8f1YAGdL3PPyfj6fJ58Wj6q2Vez5c2kfIB/9jMhx5xIX0VUmbQOV7dAYynSEkByqCE…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8YIw3KqwNvkVuKwJT1q+52eiSdma2Sve3D4A98eLBa34skV/7JBp1LakJSu/oGhZsko/a7WXucdOxpIC5s…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjKrX50GIvfDGwwR1tORsHenhUnmEijvjbdS1rkJv751a7UX7H+H/1YoyxU7LtZ8AQl48sGp9Z/PE3BkgFw6eLOH…
smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2025-11-20 to 2026-12-19

Expires in 212 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.narrative.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: geolocation=(), camera=(), microphone=()
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; default-src 'self' https://narrative.io https://*.narrative.io https://*.cloudflareinsights.com wss://*.narrative.io wss://*.narrativetitan.workers.dev; style-src 'self' https://narrative.io https://*.narrative.io 'unsafe-inline'; style-src-elem 'self' https://narrative.io https://*.narrative.io 'unsafe-inline'; img-src 'self' https://narrative.io https://*.narrative.io https://*.ftcdn.net data:; script-src-elem 'self' https://narrative.io https://*.narrative.io https://*.cloudflareinsights.com 'unsafe-inline'; font-src 'self' https://narrative.io https://*.narrative.io; connect-src 'self' https://narrative.io https://*.narrative.io https://api.hsforms.com ws://*.narrative.io ws://*.narrativetitan.workers.dev; frame-src https://*.arcade.software https://www.youtube.com https://www.youtube-nocookie.com; form-action self; upgrade-insecure-requests; frame-ancestors 'none'; object-src 'none'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-origin