notion.com

.com toplist crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 2243 ms crawled 2026-05-18

US · 208.103.161.2 · AS33191 Notion Labs, Inc.

Reputation 100/100

Classifying

HTML metadata

Title

The AI workspace that works for you. | Notion

Description

Build Custom Agents, search across all your apps, and automate busywork. The AI workspace where teams get more done, faster.

Language

en-us

Canonical

https://www.notion.com/

Translations

ar
de
en
en-gb
es
es-es
fr
he
id
ja
ko
pt
th
vi
zh
zh-tw

Open Graph

url: https://www.notion.com/
title: The AI workspace that works for you. | Notion
locale: en-US
site name: Notion
description: Build Custom Agents, search across all your apps, and automate busywork. The AI workspace where teams get more done, faster.

Technology

CDN: Cloudflare
CMS: Joomla

Third-party hosts loaded (2)

images.ctfassets.net×20
videos.ctfassets.net×2

Social

Registration

Registrar

Amazon Registrar, Inc.

Created

1997-10-06

Expires

2033-10-05 2695 days left

Updated

2026-05-16

Name servers

dana.ns.cloudflare.com
woz.ns.cloudflare.com

DNS records live

NS

dana.ns.cloudflare.com
woz.ns.cloudflare.com

MX

0 smtp.secureserver.net
10 mailstore1.secureserver.net

TXT

Show 7 TXT records

google-site-verification=tqASjjztbEJ9II6pE7ZItRP5iVmkhNU-iF2_xbHRndc
postman-domain-verification=a713ed7f186c1901e299d55957b0e1bdfaf8f7d5aff31fbc6d49765defe5e190ab5c217a736b4ad45c553409b5b9d519977eb68ba3db733891949c1d456fdb71
proxy-ssl.webflow.com
v=MCPv1; k=ed25519; p=wv6IKlrIuEu00zHS//f5iBxZtZGb+UYuqaRlrg3CEY4=
_k0agcdke41snjx7ss80rut5biowk800
google-site-verification=-rrcdVtUe-ikX5m1TXuYPXNJCC16vUgxXzZgB5138C8
google-site-verification=nZoLSfH2fUzqMya0O0pqBwWkD8cnu8qBpmp66wBGHD8

Email authentication strong

SPF: v=spf1 include:mktomail.com ~all
softfail (~all)
DMARC: v=DMARC1; p=reject
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-05-16 to 2026-08-14

Expires in 86 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.notion.com/

present

strict-transport-security
content-security-policy
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://cdn.amplitude.com https://api.amplitude.com https://dev-embed.notion.co https://embed.notion.co https://static.zdassets.com https://api.smooch.io https://solve-widget.forethought.ai https://decagon.ai https://sierra.chat https://http-inputs-notion.splunkcloud.com https://*.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://ucv.bynder.com https://js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com https://accounts.google.com https://vimeo.com https://player.vimeo.com https://youtube.com https://www.youtube.com https://app.cal.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://cdn.metadata.io https://platformapi.metadata.io https://api-gw.metadata.io https://cdn.cr-relay.com https://d2hrivdxn8ekm8.c
strict-transport-security: max-age=31536000; includeSubDomains; preload