indexo.dev

scaletrains.com

.com crawl

First seen 2026-06-03 · Last seen 2026-06-04 · ok HTTP/1.1 200 1056 ms crawled 2026-06-03

US · 151.101.193.124 · AS54113 Fastly, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Homepage
Language
en

Technology

CMS
Gatsby
Analytics
  • Google Tag Manager
Ads
  • Google AdSense
Fonts
  • Google Fonts
Social widgets
  • YouTube Embed

Third-party hosts loaded (5)

  • fonts.googleapis.com×2
  • www.googletagmanager.com×2
  • pagead2.googlesyndication.com×1
  • static.klaviyo.com×1
  • www.youtube.com×1

Social

Contact

Email
Phone

Registration

Registrar
GoDaddy.com, LLC
Created
1997-11-10
Expires
2033-11-09 2714 days left
Updated
2023-11-10
Name servers
  • apollo.ns.cloudflare.com
  • celeste.ns.cloudflare.com

DNS records live

NS
  • apollo.ns.cloudflare.com
  • celeste.ns.cloudflare.com
MX
  • 10 aspmx.l.google.com
  • 20 alt1.aspmx.l.google.com
  • 30 alt2.aspmx.l.google.com
  • 40 aspmx2.googlemail.com
  • 50 aspmx3.googlemail.com
TXT
  • klaviyo-site-verification=hnq4B2
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:spf.mandrillapp.com include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=website@scaletrains.com
policy: none (monitoring only)
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXR+svEPbwSMIlxRso9L7YFIuKtIHoa0mOWqxCZkDrH9CKyjylqfCNXuH/zZTXZPwwwkAiLhbNvWv97b6tOT…
selectors probed

Certificate (current)

R13
from 2026-04-15 to 2026-07-14
Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.scaletrains.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
font-src fonts.gstatic.com use.typekit.net *.googleapis.com *.gstatic.com data: *.braintreegateway.com *.googletagmanager.com *.amazonaws.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.paypal.com *.google-analytics.com *.authorize.net *.cardinalcommerce.com *.yotpo.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.gstatic.com *.googleapis.com *.braintreegateway.com *.googletagmanager.com *.amazonaws.com *.amazon.com *.amazon.co.uk *.amazon.co.j
strict-transport-security
max-age=31536000

Links to (8)

Linked from (2)