graviscapital.com

.com crawl

First seen 2026-05-08 · Last seen 2026-05-15 · ok HTTP/1.1 200 4211 ms crawled 2026-05-15

US · 104.21.38.214 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

Gravis | Home

Description

Experts in infrastructure and real estate. We invest for the long-term and believe the most reliable returns are linked to assets critical to the economy.

Language

Canonical

https://www.graviscapital.com

Feeds

RSS Feed RSS

Open Graph

url: https://www.graviscapital.com
title: Home
locale: en_GB
see also: https://twitter.com/graviscapital
site name: Gravis
description: Experts in infrastructure and real estate. We invest for the long-term and believe the most reliable returns are linked to assets critical to the economy.

Technology

CDN: Vercel
CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Email

contact.us@graviscapital.com

Registration

Registrar

Key-Systems GmbH

Created

2016-10-06

Expires

2027-10-06 503 days left

Updated

2025-11-29

Name servers

summer.ns.cloudflare.com
titan.ns.cloudflare.com

DNS records live

NS

summer.ns.cloudflare.com
titan.ns.cloudflare.com

MX

10 eu-smtp-inbound-1.mimecast.com
20 eu-smtp-inbound-2.mimecast.com

TXT

qrg7bj9ql37n91r1tv9qieduvc

Email authentication partial

SPF: v=spf1 ip4:79.173.146.226 include:servers.mcsv.net include:eu._netblocks.mimecast.com include:_spf.salesforce.com include:spmailtechnol.com include:spf.protection.outlook.com include:26850193.spf10.hubspotemail.net ~all
softfail (~all)
DMARC: v=DMARC1; p=none; sp=none; rua=mailto:watchdog4@watchdog.kevlarr.io; adkim=r; aspf=r;
policy: none (monitoring only) · sp=none
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-05-01 to 2026-07-30

Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.graviscapital.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self' cdn.graviscapital.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com *.hubspotfeedback.com feedback.hubapi.com js.adsrvr.org *.hs-scripts.com *.hsforms.com *.hsforms.net *.hsleadflows.net *.hscollectedforms.net cdn2.hubspot.net *.hubspot.net *.hs-banner.com *.usemessages.com static.hsappstatic.net *.hubspot.com js.hscta.net *.hsadspixel.net *.hs-analytics.net www.googletagmanager.com www.youtube.com player.vimeo.com maps.googleapis.com consent.cookiebot.com consentcdn.cookiebot.com *.flashtalking *.flipsnack.com www.google.com www.gstatic.com *.enterprise52.com enterprise52.com; style-src 'self' 'unsafe-inline' cdn2.hubspot.net fonts.googleapis.com *.flipsnack.com; img-src 'self' data: *.hsforms.com *.hsforms.net *.hubspot.net *.hubspot.com no-cache.hubspot.com imgsct.cookiebot.com js.hscta.net cdn.graviscapital.com maps.googleapis.com maps.gstatic.com i.vimeocdn.com googletagmanager.com www.googletagmanager.com *.podbean.com *.flashtalking.com *.f
strict-transport-security: max-age=63072000

Links to (3)

Linked from (1)

zeti.co.uk×1