indexo.dev

awac.com

.com crawl

First seen 2026-05-04 · Last seen 2026-05-10 · ok HTTP/1.1 200 1107 ms crawled 2026-05-10

US · 192.0.66.216 · AS2635 Automattic, Inc

Reputation 100/100

Classifying

HTML metadata

Title
Allied World – A FairFax Company
Language
en-US
Canonical
https://awac.com/

Technology

Server
nginx
CMS
WordPress
Cookie consent
  • Cookiebot

Third-party hosts loaded (2)

  • stats.wp.com×2
  • consent.cookiebot.com×1

Social

Contact

Email

Registration

Registrar
Network Solutions, LLC
Created
1997-04-15
Expires
2027-04-16 330 days left
Updated
2024-02-16
Name servers
  • udns1.ultradns.net
  • udns2.ultradns.net

DNS records live

NS
  • udns1.ultradns.net
  • udns2.ultradns.net
MX
  • 10 mxa-00186d01.gslb.pphosted.com
  • 10 mxb-00186d01.gslb.pphosted.com
TXT
Show 5 TXT records
  • awacwp-prod.azurewebsites.net
  • intersight=3ab5cca8406234801aabd742668f9b97fd1cdca8ad072dcfa0847115de7d618a
  • i+Q7bbR2DAcg8LVYgZap974wz9kbjB3+Sr5XK1P9ftF+wyL4FFkwAtPRAPwX2pdvFV1A+Psaphhc/t6CzGqHrg==
  • access-domain-verification=b75a2343ee9ca2a9ee6039a619223fec4c9a322671e9159cc797ea83fd8c14c8
  • e2ma-verification=8qhfb
Verified for
  • Apple
  • Atlassian
  • CloudHealth
  • DocuSign
  • GlobalSign
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf-00186d01.pphosted.com include:_spf.salesforce.com include:spf.protection.outlook.com include:_spf.mitracloud.com include:_spf.highradius.com include:pr.highradius.com include:e2ma.net a:c.spf.service-now.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

E7
from 2026-05-08 to 2026-08-06
Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://awac.com/

present
  • strict-transport-security
  • content-security-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' awac.taleo.net cdnjs.cloudflare.com *.wp.com consent.cookiebot.com consentcdn.cookiebot.com cdn.parsely.com; img-src 'self' data: *.wp.com; font-src data: 'self' *.wp.com; frame-ancestors 'self';
strict-transport-security
max-age=31536000;includeSubdomains;preload

Links to (3)

Linked from (2)