allfunds.com
allfunds.com
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- aHR0cHM6Ly95b3V0dS5iZS9BX2ZDdjc2YzR1UT95b3VzaG91bGRudD1jb21laGVyZWFsb25l
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- purecatamphetamine.github.io×1
- www.googletagmanager.com×1
Contact
- Address
- Calle de los Padres Dominicos 7, 28050, Madrid, Madrid, ES
Registration
- Registrar
- Arsys Internet, S.L. dba NICLINE.COM
- Created
- 2000-03-06
- Expires
- 2027-03-06 290 days left
- Updated
- 2026-02-26
- Name servers
-
- a1-223.akam.net
- a11-65.akam.net
- a22-64.akam.net
- a4-66.akam.net
- a6-67.akam.net
- a7-67.akam.net
DNS records live
- NS
-
- a1-223.akam.net
- a11-65.akam.net
- a22-64.akam.net
- a4-66.akam.net
- a6-67.akam.net
- a7-67.akam.net
- MX
-
- 10 mxa-00918501.gslb.pphosted.com
- 10 mxb-00918501.gslb.pphosted.com
- TXT
-
Show 9 TXT records
pexip-ms-tenant-domain-verification=8c1189cc-c7bd-482d-a4b6-0cadee6a3305_pj6qwnsxt0tcs5y6ayrca6lh9l8birwtmes=949a5dd62cb2ff76ddd35c3a768d497ezwkv8twryrtd73mv4n579gc9lgq3ltg6753fpctlr96ymsfd876yzpszv2zlh68c8lv5c9ywq8hv78x77vnfwy8hrs9gk5zmxs8d37x1f4w030qs9cxbdffg9rf7xllc_1rqxiqymhi2lja7jounskk523edw36e_et87oxd97jb8l49h7ru7ijkd4jrc52n
- Verified for
-
- Microsoft 365
- MongoDB
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:_spf.retarus.com include:_spf.pool2.transactional-mail-a.com include:spf-00918501.pphosted.com ip4:45.148.32.8 ip4:45.148.32.9 -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:reportsdmarc@allfunds.com,mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:reportsdmarc@allfunds.com,mailto:dmarc_ruf@emaildefense.proofpoint.com; fo=1policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpaCkKiRGPU4gIa8a0JEsd0//GpZNR9hVP5c9l8GRr9/x/xJOP/WDJGm+RjOQdPgpu4q4XssxVs4Kz… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG394rpQRg/Uq/aFc0DAxYhTJd3rM+hc+vzzVM4yF8qmz4vTInit9pp29xaGDeJCaoTxJF0MdvHH4Z…
selectors probed - selector1:
Certificate (current)
DigiCert Global G3 TLS ECC SHA384 2020 CA1
Expires in 114 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
Header values
- referrer-policy
same-origin- permissions-policy
geolocation=(self), microphone=(), camera=(), payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'nonce-JnZ5xAmEzP9ucHNLmfG4qg==' 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com https://*.gstatic.com https://www.google.com https://www.google-analytics.com https://googletagmanager.com https://*.googletagmanager.com https://apis.google.com https://storage.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://stats.g.doubleclick.net https://www.google.com/recaptcha/api.js https://*.recaptcha.net https://recaptcha.net https://linkedin.com https://*.linkedin.com https://snap.licdn.com https://*.amplitude.com https://amplitude.com https://akamaihd.net https://*.akamaihd.net https://akstat.io https://*.akstat.io https://clarity.ms https://*.clarity.ms https://cloudfunctions.net https://*.cloudfunctions.net https://europe-west1-afb-connect.cloudfunctions.net/registerUserContact https://cms-front.s3.eu-west-1.amazonaws.com https://cdn.jsdelivr.net/npm/css-vars-ponyfill@2 https://cdn.plyr.io/3.6.8/plyr.p- strict-transport-security
max-age=63072000; includeSubdomains; preload