indexo.dev

voiio.app

.app crawl

First seen 2026-04-22 · Last seen 2026-05-12 · ok HTTP/1.1 200 1173 ms crawled 2026-05-15

US · 76.223.11.49 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Anmelden | voiio – №1 in Work-Life-Balance
Language
de

Open Graph

url
https://voiio.app/accounts/login/
locale
de
site name
voiio – №1 in Work-Life-Balance

Technology

Server
Heroku
CMS
Gatsby

Third-party hosts loaded (1)

  • voiio-platform-production.s3.amazonaws.com×1

Contact

Phone

DNS records live

NS
  • dns1.registrar-servers.com
  • dns2.registrar-servers.com
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 4 TXT records
  • zoom-domain-verification=ZOOM_verify_4d5549b567e34d9da5ca7cb3b219f8fa
  • brevo-code:dd4ba0d30b6c84e95acf5c91f98a5ede
  • google-site-verification=XRuJd_XcDc2kBNFb-A7H8qGN-7mTpuRvccTpLSKCPIw
  • google-site-verification=fLnHFDhHYDIkPtgX2-5CCBfvXuXqIlZNTJdOWFBVRX8

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:eu-west-1.ses.outbound-mail.voiio.app ip4:172.246.5.94 include:brevo.outbound-mail.voiio.app ~all
softfail (~all)
DMARC
v=DMARC1;p=reject;pct=100;adkim=r;aspf=r;rua=mailto:dmarc@6njmce3t.uriports.com,mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@6njmce3t.uriports.com,mailto:dmarc@mailinblue.com!10m; rf=afrf; fo=1:d:s
policy: reject (enforced)
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

E8
from 2026-04-20 to 2026-07-19
Expires in 61 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://voiio.app/accounts/login/?next=/

present
  • strict-transport-security
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
findings
  • missing Content Security Policy
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
cross-origin-opener-policy
same-origin
content-security-policy-report-only
default-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self' *.hsforms.com; frame-ancestors 'self'; connect-src 'self' data: wss://*.pusher.com *.userback.io *.pusher.com wss://*.whereby.com sentry.io *.sentry.io *.merge.dev *.algolia.net *.algolianet.com *.algolia.io *.google.com *.google.de *.google.fr *.google.pl *.google.dz *.google.es *.google.hr *.hotjar.com *.hotjar.io wss://*.hotjar.com voiio-platform-production.s3.amazonaws.com d4lcijkrsdlcw.cloudfront.net cdn.dasonlinefitnessstudio.de api.mapbox.com *.posthog.com c.ba.contentsquare.net in-automate.brevo.com *.hsforms.net *.hsforms.com *.hubspot.com *.hubdeadletterforms.net *.hscollectedforms.net *.hubapi.com; font-src 'self' data: fonts.gstatic.com *.userback.io *.hotjar.com; frame-src 'self' data: *.google.com *.google.de *.google.fr *.google.pl *.google.dz *.google.es *.google.hr *.whereby.com whereby.com *.merge.dev *.youtube-nocookie.com voiio-platform-production.s3.amazonaws.com voiio-content.s3.eu-west-1.a

Links to (1)

Linked from (1)