indexo.dev

sterlingcapital.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-04 · ok HTTP/1.1 200 1661 ms crawled 2026-05-07

US · 184.106.55.132 · AS32244 Liquid Web, L.L.C

Reputation 100/100

Classifying

HTML metadata

Title
Sterling Capital Management
Language
en
Canonical
https://sterlingcapital.com/

Technology

Server
Apache
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (13)
  • cdn.datatables.net×6
  • cdnjs.cloudflare.com×6
  • fonts.googleapis.com×2
  • stackpath.bootstrapcdn.com×2
  • www.googletagmanager.com×2
  • attbeacon.vettafi.com×1
  • beacon.etfflows.com×1
  • cdn-cookieyes.com×1
  • cdn.jsdelivr.net×1
  • code.jquery.com×1
  • fonts.gstatic.com×1
  • kit.fontawesome.com×1
  • unpkg.com×1

Registration

Registrar
CSC Corporate Domains, Inc.
Created
1997-07-12
Expires
2026-07-11 52 days left
Updated
2025-07-07
Name servers
  • udns1.cscdns.net
  • udns2.cscdns.uk

DNS records live

NS
  • udns1.cscdns.net
  • udns2.cscdns.uk
MX
  • 0 sterlingcapital-com.mail.protection.outlook.com
TXT
Show 8 TXT records
  • pardot1096693=26603752c7a1a25b1b029684046feb0ef43412057ced7a6737bd75de9ced0703
  • pardot1096693=3dd69e3fb5e8cd4d2bcaa34caa5b798e80dfd60d0351fff465c65b015f7282f1
  • pardot1096693=73d641fb46e98ecad1708dc775b14dfbbcc1b33b1ac7ee233fa39b32a4e45996
  • sending_domain1096693=a7fd192fb51a47466a1f9eb3f2827b7cd8b121a5448c9deda9e486b6e4bc97c2
  • cisco-ci-domain-verification=20f1e8ac7a741f834314ceba1061ae017f1d97d859a29424542148e257a98084
  • _570nnbgi1rnsy0ko1w1ov7q2ctdccu0
  • _k9k3k4kzaamba11oow173g5r25yo2i4
  • openai-domain-verification=dv-OzvOEWT1uSED6nH30LzfNGsH

Email authentication strong

SPF
v=spf1 include:_spf.sterlingcapital_com._d.easydmarc.pro -all
strict (-all)
DMARC
v=DMARC1;p=reject;rua=mailto:351403c644@rua.easydmarc.us,mailto:dmarc@sterlingcapital.com;ruf=mailto:351403c644@ruf.easydmarc.us,mailto:dmarc@sterlingcapital.com;fo=1;
policy: reject (enforced)
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA4/e2KeeBYjox+Qi/wmtyOjPyrWT8aorxUz2i3gBoAqghPpFaCRrf3BUzw43GDcy276Vuybc96Set…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoofSNBnhIDcBrO7jQQEmSeT2yaxUI4RXGpJVldN2RNxT0eTwuwiV6CE04lHXIKb7nNs0H1YCeaBjSU…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BXDdOz6Hdd8ieYLXJ32Fo0AUkgCUcpu8M54zn3OAjGdwaPIq48Gq23Le0T8mBBwpFHt/6SLdJ2kZqtost…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4QQtVZbhi+TWg5xediC1Z+XSJZmXWxeiM96sKoD5ALGcgpH30ZAb0heyo3gbmH8p76wqMrdnDw5LoEf1TQe3ij5…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-01-27 to 2027-02-27
Expires in 283 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://sterlingcapital.com/

present
  • strict-transport-security
  • content-security-policy
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; frame-ancestors 'self'; object-src 'none'; upgrade-insecure-requests; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://kit.fontawesome.com https://code.jquery.com https://cdn.jsdelivr.net https://stackpath.bootstrapcdn.com https://cdnjs.cloudflare.com https://unpkg.com https://cdn.datatables.net https://cdn-cookieyes.com https://attbeacon.vettafi.com https://go.sterlingcapital.com https://beacon.etfflows.com https://extend.vimeocdn.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://gitcdn.github.io https://pi.pardot.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.rawgit.com https://stackpath.bootstrapcdn.com https://cdnjs.cloudflare.com https://unpkg.com https://cdn.datatables.net https://cdn.jsdelivr.net https://ajax.googleapis.com https://gitcdn.github.io; img-src 'self' dat
strict-transport-security
max-age=31536000; preload
content-security-policy-report-only
default-src 'self'; base-uri 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://kit.fontawesome.com https://code.jquery.com https://cdn.jsdelivr.net https://stackpath.bootstrapcdn.com https://cdnjs.cloudflare.com https://unpkg.com https://cdn.datatables.net https://cdn-cookieyes.com https://attbeacon.vettafi.com https://go.sterlingcapital.com https://beacon.etfflows.com https://extend.vimeocdn.com https://www.google.com https://www.gstatic.com https://code.highcharts.com https://gitcdn.github.io https://pi.pardot.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.rawgit.com https://stackpath.bootstrapcdn.com https://cdnjs.cloudflare.com https://unpkg.com https://cdn.datatables.net https://cdn.jsdelivr.net https://ajax.googleapis.com https://gitcdn.github.io; img-src 'self' data: blob: https://www.google

Linked from (1)