clearstreet.io

HTML metadata

Title: Clear Street — Speed, Transparency and Scale for Sophisticated Investors.™
Description: Speed, Transparency and Scale for Sophisticated Investors.™

Open Graph

url: http://localhost:3000/
title: Clear Street — Speed, Transparency and Scale for Sophisticated Investors.™
site name: Clear Street — Speed, Transparency and Scale for Sophisticated Investors.™
description: Speed, Transparency and Scale for Sophisticated Investors.™

Technology

CDN: Vercel
CMS: Nuxt

Social

Contact

Phone

(646) 845-0036

Address

St Floor 45 New York, NY 10007

DNS records live

NS

curt.ns.cloudflare.com
sandy.ns.cloudflare.com

MX

1 us-smtp-inbound-1.mimecast.com
5 us-smtp-inbound-2.mimecast.com

TXT

Show 40 TXT records

google-site-verification=NAwaR22jdSmGpcwHimowLPvYpP9cqwq22RWD12lXhZM
onetrust-domain-verification=dc2cd93a43d24949994e7c024a598c5d
e0ec453e28e061cc58ac43f91dc2f3f0
slack-domain-verification=SizO5bZV3puHqsc7AVZZGIcHaOj7esxQXutsJi9V
DirectFedAuthUrl=https://clearstreet.okta.com/app/clearstreet_logicmonitor_1/exkqbh94xtzLNurrB697/sso/saml
facebook-domain-verification=8lrho6x4zj5lrgkg3z61b3kkl46wlo
cloudflare_dashboard_sso=a104af5cd14bc6feff6a71a839067ca4
_y4j0995ff0qq5gen6ymugvbohynn1sc
whimsical=0a46668c682cdd29fcf3eea3364b968eda7e3e6a
pylon-domain-verification-gnvq7n=ys1T0VkWRFHoHqclq6iG3zc4c
ZOOM_verify_df5pvdHqRvUpywteQGqiFN
jamf-site-verification=NFAWn2XLUROGUMLoH-V-KQ
apple-domain-verification=trDd71CP9lvV0zRp
396um6nnc2clcua3km3fgqksga
dropbox-domain-verification=stz1uxrvlmxg
hubspot-domain-verification=NzNlNTE4ZjktNGZmYi00ZTQ1LWFmYmQtNTQ4YjM0ZTdiZDVm
docusign=586bb9e2-3771-4367-8313-2fc6d5a67562
TAILSCALE-VUruJpo2UKNgr9p3YC73
pardot948032=057b73543a007424f67f0e24a45e6261aa50c0fbc6942c009c0247962adb8c6a
hubspot-developer-verification=MzYxYTA0NGYtNWYzNC00MGJlLWEwNGItZjUwNGNiYTA0Mzkx
figma-domain-verification=4ea5e13f8047f282e16e7a8053cd71cf180bc8a02d863f3e05c6605fae83821b-1745504653
asv=60333724c14a355993e639026ba5407c
sending_domain948032=7388afbc9f997eae5e7d502464fbf00fed934ec5a1cfd9d7aef830f3c693f07c
h1-domain-verification=u2gzeUiGdDw7EeaMLwY8f2gS7QKxNQeMBUvf5r5dAFq1B31c
miro-verification=d4fac076b35d3ae7dc02562c8d18dbcc94731da6
docker-verification=6dbcc4fa-b89d-4e2c-b801-06349843ef39
netdata-verification=ac826942-8607-4f85-89f2-687ebd721e1e
mscid=OJ38dcLzJVpUx5sgN6xb1DydiqgNuq9FfYpOwHEd525dqDeMaueP7xCAJeJYen/k5aTvbPjiBzvz5D0Zcopjrg==
notion_verify_kTXLux~:!vh#q-z#gZNw=.zk!D@8VHAV=n6k^Y4h89Y@QokkQFKAA!,a9r)m,dA1Gy_P3)
google-site-verification=WBQwxl7IWkdQ-U2te-6QjeXUIccMjZQccZHwzN9w9C8
zapier-domain-verification-challenge=3d88d7c9-0ff4-42eb-8e96-aeb9cc83f066
atlassian-domain-verification=70yJPk3P6uJJ3/k8ehK7UkoOm5QY6rHFIERJVUVKIo6uw183kgoW273KVJnlHwKO
proxy-ssl.webflow.com
Whimsical=b0b9bdb59793f9a1b5dd7b91cbc15b85c8997ff2
0ed1fe018a7cd3613458da44c1ae00e5043dcfacbf
openai-domain-verification=dv-c25nBlcBRJPpqtNjUCPhrHmT
mongodb-site-verification=jtT3827YCs7dvM9wwRSN7ApKFDEfhp4w
js0aolqa3127sahtl11g8jaelh
anthropic-domain-verification-00y0fp=X1mJtdlqKzDdPat73LlCdMqI2
brevo-code:a4e935b1469e30bfef3fc9cd150ac9c9

Email authentication strong

SPF

v=spf1 include:us._netblocks.mimecast.com include:_spf.google.com include:amazonses.com include:_spf.bluematrix.com include:_spf.salesforce.com include:49689956.spf02.hubspotemail.net ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:9d364e34f6a446bfb1cbcb25cafc349c@dmarc-reports.cloudflare.net,mailto:66f2157c4cd2349@rep.dmarcanalyzer.com; ruf=mailto:66f2157c4cd2349@for.dmarcanalyzer.com; fo=1;

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf2d30QscRrFw+t+zRwlbywUyZJEJLQVAuJ66ny2RGF6d6vmdDqKUbqtc3tY6hHR14NsZsUrosMXKw…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

R12

from 2026-04-28 to 2026-07-27

Expires in 69 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.clearstreet.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; font-src 'self' data:; form-action 'self'; frame-ancestors 'self' https://*.spotify.com; img-src 'self' data: blob: data: *.sanity.io vercel.com userway.org *.userway.org imgsct.cookiebot.com https:; object-src 'none'; script-src-attr 'none'; style-src 'self' vercel.live 'unsafe-inline' userway.org *.userway.org cdnjs.cloudflare.com tags.srv.stackadapt.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://vercel.live https://apis.google.com https://www.google.com/recaptcha/api.js https://www.gstatic.com centerpointsecurities.com https://centerpointsecurities.com *.withburo.com stats.withburo.com userway.org *.userway.org js.hs-scripts.com *.hs-scripts.com https://www.googletagmanager.com https://www.googletagmanager.com/gtm.js https://www.google-analytics.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://analytics.madebyburo.com https://www.redditstatic.com/ads/pixel.js https://tags.srv.stackadapt.com https://connect.facebook.net https:/
strict-transport-security: max-age=15552000; includeSubDomains;
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-origin

Links to (6)

Linked from (2)

centerpointsecurities.com×2
dastrader.com×2