scalable.capital
HTML metadata
Technology
- Server
- nginx
- Cookie consent
-
- Usercentrics
Third-party hosts loaded (8)
- de.scalable.capital×28
- assets.scalable.capital×7
- at.scalable.capital×2
- es.scalable.capital×2
- fr.scalable.capital×2
- it.scalable.capital×2
- nl.scalable.capital×2
- privacy-proxy.usercentrics.eu×1
Social
Registration
- Registrar
- Amazon Registrar, Inc.
- Created
- 2015-05-06
- Expires
- 2027-05-06 351 days left
- Updated
- 2026-04-29
- Name servers
-
- ns-1053.awsdns-03.org
- ns-780.awsdns-33.net
- ns-400.awsdns-50.com
- ns-1776.awsdns-30.co.uk
DNS records live
- NS
-
- ns-1053.awsdns-03.org
- ns-1776.awsdns-30.co.uk
- ns-400.awsdns-50.com
- ns-780.awsdns-33.net
- MX
-
- 1 aspmx.l.google.com
- 10 aspmx2.googlemail.com
- 10 aspmx3.googlemail.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
Show 12 TXT records
docusign=44252243-e5f4-40dc-a3ee-c64fa819194ffacebook-domain-verification=ywr2ecneal8qjo5uyavp42dugwdkqkgoogle-site-verification=0OBH3-IBr-J0KQCGa8MUA8D5cTdq2kVIzngLo4t3xI4google-site-verification=ZQ4elexszpiuaILy1ia8jR6yb5i3cOUnM5luGLoST_Qjamf-site-verification=xVpK_Ji4Ps3omG25jDi5Swopenai-domain-verification=dv-BKhGGe0dkmVLoCpHf60kWFQ5y7qmmsygrw535tprfn2g70qjxd2jf5ck4kwmk5kshf3kqbqqdfjr1bqgkzhx05ddMS=57CAA9641DC160FE26D2A9AE5B545FCE1A2AA831MS=ms28830165_634c0kmpcnmwvz89zf9otgaat8aavzjapple-domain-verification=Bpvo7WRNN8xhJBNq
Email authentication strong
- SPF
-
v=spf1 ip4:35.156.19.83 ip4:18.198.160.133 ip4:52.29.142.222 include:amazonses.com include:_spf.google.com include:spf.qualityclick.com include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; rua=mailto:sesmonitoring@scalable.capitalpolicy: quarantine - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVBEiPvUiZzJ6uaEdTVjOwe0977KFD9DPb8ojip8XdfC7LQhKB4aJq00lShwoX913hTut3vPqEOaZtKnDmhz… - k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed - google:
Certificate (current)
Amazon RSA 2048 M04
Expires in 177 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self';font-src 'self';form-action 'self' https://*.scalable.capital;script-src-attr 'unsafe-inline';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://bat.bing.com https://static.ads-twitter.com https://pa.videobeat.net https://amplify.outbrain.com https://cdn.jsdelivr.net https://www.google-analytics.com https://*.cookiebot.com https://*.force.com https://snap.licdn.com https://secure.quantserve.com https://rules.quantcount.com https://www.googleoptimize.com https://*.salesforceliveagent.com https://scalablecap.my.salesforce.com https://scalablecap.my.salesforce-sites.com https://*.scalable.capital https://app.usercentrics.eu https://privacy-proxy.usercentrics.eu https://*.adjust.com;style-src https://scalablecap.secure.force.com https://service.force.com https://scalablecap.my.salesforce-sites.com 'self' 'unsafe-inline';img-src 'self' data: https://*.scalable.capital https://bat.bing.com https://pa.videobeat.net https://px.ads.linke- strict-transport-security
max-age=63072000; includeSubDomains- cross-origin-opener-policy
same-origin- cross-origin-resource-policy
same-site