indexo.dev

scalis.ai

.ai crawl

First seen 2026-05-31 · Last seen 2026-06-01 · ok HTTP/1.1 200 956 ms crawled 2026-06-01

US · 16.59.249.233 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
SCALIS | Hiring Shouldn't Suck
Description
The world's first fully-integrated ATS & job board. Connect qualified candidates with relevant companies through our innovative platform.
Language
en
Canonical
https://scalis.ai

Open Graph

title
SCALIS | Hiring Shouldn't Suck
site name
SCALIS
description
The world's first fully-integrated ATS & job board. Connect qualified candidates with relevant companies through our innovative platform.

Technology

CMS
Next.js
Analytics
  • Google Tag Manager
Ads
  • Google AdSense
Social widgets
  • Vimeo Embed
Third-party hosts loaded (9)
  • scalis-assets.s3.us-east-2.amazonaws.com×26
  • kit.fontawesome.com×3
  • embeds.beehiiv.com×2
  • www.googletagmanager.com×2
  • apis.google.com×1
  • js-na1.hs-scripts.com×1
  • ka-f.fontawesome.com×1
  • pagead2.googlesyndication.com×1
  • player.vimeo.com×1

Social

Contact

Email

DNS records live

NS
  • ns-1118.awsdns-11.org
  • ns-1573.awsdns-04.co.uk
  • ns-295.awsdns-36.com
  • ns-715.awsdns-25.net
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; sp=none; pct=100; rua=mailto:bradon@scalis.ai;
policy: none (monitoring only) · sp=none
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M04
from 2025-07-10 to 2026-08-09
Expires in 68 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://scalis.ai/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' 'self' http://localhost:1730 ably-realtime.com *.ably-realtime.com ably.io *.ably.io adtrafficquality.google *.adtrafficquality.google akamaihd.net *.akamaihd.net amazonaws.com *.amazonaws.com ampproject.org *.ampproject.org appcast.io *.appcast.io api.knock.app *.api.knock.app beehiiv.com *.beehiiv.com browser-intake-datadoghq.com *.browser-intake-datadoghq.com cdnjs.cloudflare.com *.cdnjs.cloudflare.com cloudconvert.com *.cloudconvert.com crunchbase.com *.crunchbase.com crunchbase.com *.crunchbase.com doubleclick.net *.doubleclick.net embeddable.com *.embeddable.com fontawesome.com *.fontawesome.com githubusercontent.com *.githubusercontent.com google-analytics.com *.google-analytics.com google.com *.google.com googleapis.com *.googleapis.com googlesyndication.com *.googlesyndication.com googletagmanager.com *.googletagmanager.com gstatic.com *.gstatic.com hellosign.com *.hellosign.com cdn.hellosign.com *.cdn.hellosign.com honey.io *.honey.io
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (3)

Linked from (1)