mantrachain.io

HTML metadata

Title

EVM-Compatible Layer 1 Blockchain for Real World Assets | MANTRA

Description

MANTRA offers a permissionless chain for the tokenization and trading of real world assets (RWAs) in accordance with regulatory requirements.

Language

en

Translations

ar
en
es
id
ja
ko
pt
ru
th
tr
vi

Open Graph

title: EVM-Compatible Layer 1 Blockchain for Real World Assets | MANTRA
description: MANTRA offers a permissionless chain for the tokenization and trading of real world assets (RWAs) in accordance with regulatory requirements.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Ads

Xandr

Third-party hosts loaded (6)

cdn.prod.website-files.com×128
cdn.jsdelivr.net×6
cdn.weglot.com×1
d3e54v103j8qbb.cloudfront.net×1
ib.adnxs.com×1
www.googletagmanager.com×1

Social

DNS records live

NS

nelci.ns.cloudflare.com
rob.ns.cloudflare.com

MX

100 aspmx.l.google.com
200 alt1.aspmx.l.google.com
200 alt2.aspmx.l.google.com
500 alt3.aspmx.l.google.com
500 alt4.aspmx.l.google.com

TXT

keybase-site-verification=33494sksWVsHx6h80gcZpB_RVakN_ihkloC8aq2wa70
klaviyo-site-verification=QNKZKX
wiz-domain-verification=e65f9d4a43d4491f3a11c72dd05286ee374214b20542744f1c3146ff54abfd0d

Verified for

1Password
Anthropic
Apple
Atlassian
Google
Microsoft 365
Slack

Email authentication strong

SPF

v=spf1 include:_spf.google.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:01b7ec1379604fb6b667c7b857b5855e@dmarc-reports.cloudflare.net;

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSzrFR2+g5gvHsrVAhHGperG3qMcy+dw1gETob8FH8A4agVVYA+pclbcXG70Wb4NqZTuvQRnW8qSE/…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2X/OyXDbFEk7i/Q2FgiUFuFPH+LvmYA0/XjaP7aGEF234w0tRIqEY8VApPzCaOPX8DdyGnqLRAmYrnd9BM…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/z8xPGi5xYM3YsI8Mkn4xvIoeN7F5JNVJGRJXAYDjzSMnuEPKLWuUMTznTeNdx2yxEW29XQhfYrgXRBVrq…

selectors probed

Certificate (current)

WE1

from 2026-05-04 to 2026-08-02

Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://mantrachain.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.website-files.com https://*.google-analytics.com https://cdn.jsdelivr.net https://www.google.com https://www.googletagmanager.com https://s.yimg.com https://static.ads-twitter.com https://acdn.adnxs.com https://*.weglot.com https://*.cloudfront.net https://static.cloudflareinsights.com https://*.gstatic.com https://*.doubleclick.net https://unpkg.com https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.website-files.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://*.weglot.com; img-src 'self' https: data:; media-src 'self' https://*.website-files.com; font-src 'self' https://*.website-files.com https://fonts.gstatic.com data:; connect-src 'self' https://*.google-analytics.com https://*.google.com https://*.weglot.com https://*.website-files.com https://cdn.jsdelivr.net https://s.yimg.com https://ib.adnxs.com https://*.webflow.com https://challenges.cloudflare.com; fra
strict-transport-security: max-age=31536000; includeSubDomains