purple.io

.io crawl

First seen 2026-05-10 · Last seen 2026-05-10 · ok HTTP/1.1 200 884 ms crawled 2026-05-16

US · 76.76.21.21 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: 퍼플아이오 / Purple IO 🐄
Description: 퍼플아이오 / Purple IO 홈페이지입니다.
Language: ko

Open Graph

url: https://purple.io/
title: 퍼플아이오 / Purple IO 🐄
description: 퍼플아이오 / Purple IO 홈페이지입니다.

Technology

CDN: Vercel
CMS: Next.js

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (2)

fonts.gstatic.com×2
www.googletagmanager.com×1

DNS records live

NS

ns-1314.awsdns-36.org
ns-1926.awsdns-48.co.uk
ns-435.awsdns-54.com
ns-730.awsdns-27.net

MX

10 kr1-aspmx1.worksmobile.com
20 kr1-aspmx2.worksmobile.com

TXT

google-site-verification=CkMUqL7CB4lRTcdPuzCk2sU9M0S3TagjuVTcdi0MME8
atlassian-domain-verification=hNUwGaR/bgdiN3eIfswGdYg8sQaI8sgYXtMJxSlBdDtOvdHui/1GY7MMZhCaaAkl

Email authentication weak

SPF: v=spf1 include:spf.worksmobile.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-05-03 to 2026-08-01

Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://purple.io/

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: img-src https: 'self' data: blob:; font-src https: 'self' data:; style-src https: 'unsafe-inline'; default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; connect-src https: 'self' wss:
strict-transport-security: max-age=63072000

Linked from (1)

ndatasystems.com×1