indexo.dev

phases.io

.io crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 432 ms crawled 2026-05-30

FI · 37.27.135.61 · AS24940 Hetzner Online GmbH

Reputation 69/100 listed in spam blocklist dmarc partial coverage

Classifying

HTML metadata

Title
Phases.io | AI & Enterprise Software Development Company
Description
Phases.io is a digital agency delivering AI, Umbraco CMS & enterprise apps for global brands, governments & NGOs across the UK, USA & the Middle East.
Language
en

Open Graph

url
http://www.phases.io/
title
Phases.io – AI, Umbraco & Enterprise App Development for Global Brands
description
Phases.io is a digital agency delivering AI solutions, Umbraco CMS, and enterprise platforms for global brands, governments, and NGOs across the UK, USA & Middle East.

Technology

Server
BunnyCDN-DE1-1331
jQuery
3.0.0 known XSS (<3.5)
Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot
Third-party hosts loaded (7)
  • phases-media.b-cdn.net×64
  • ajax.aspnetcdn.com×3
  • analytics.ahrefs.com×1
  • analytics.phases.dk×1
  • consent.cookiebot.com×1
  • unpkg.com×1
  • www.googletagmanager.com×1

Social

Contact

Email
Phone
Address
Melby Enghavevej 64, 3370, Melby, DK

DNS records live

NS
  • erin.ns.cloudflare.com
  • yichun.ns.cloudflare.com
MX
  • 0 phases-io.mail.protection.outlook.com
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; pct=20; rua=mailto:itdesk@phases.io
policy: quarantine · pct=20
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXDwGcSdInqNHiQ94+57PckhyUCD/WD3lfuY5dOaAs93mp1bWLhsQsFqCCxMMoh8TINYq+hmCaLxurFHuL…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLnsjPxmQiKA25Ef9kifgUFJjRq+XHnlhC78vrGMtYdUFo0u9gxpdNRgqDSt6/lKb4TZtXY/yeXCca/3uuENilhl…
selectors probed

Certificate (current)

E7
from 2026-05-24 to 2026-08-22
Expires in 82 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.phases.io/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://unpkg.com *.unpkg.com *.umbraco.com *.cdn-cookieyes.com *.tawk.to *.cookiebot.com *.phases.io *.phases.dk *.bitkit.dk *.googletagmanager.com *.google.com *.gstatic.com *.aspnetcdn.com *.jsdelivr.net *.jquery.com *.addtoany.com *.cloudflare.com *.cloudflareinsights.com *.ahrefs.com *.matomo.phases.io matomo.phases.io; style-src 'self' 'unsafe-inline' *.googleapis.com *.typekit.net *.umbraco.com *.tawk.to *.cookiebot.com *.jsdelivr.net; connect-src 'self' *.umbraco.com *.phases.dk *.tawk.to *.cookiebot.com *.googletagmanager.com wss://vsb.tawk.to wss://tawk.to wss://*.tawk.to *.doubleclick.net *.google.com *.play.google.com *.google-analytics.com *.jquery.com *.bitkit.dk *.matomo.phases.io matomo.phases.io analytics.ahrefs.com *.b-cdn.net; font-src 'self' data: *.gstatic.com *.typekit.net *.umbraco.com *.tawk.to *.google.com; frame-src 'self' *.google.com *.umbraco.com *.cookiebot.com *.tawk.to *.youtube.com www.
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (2)

Linked from (1)