indexo.dev

futurefund.com

.com crawl

First seen 2026-04-19 · Last seen 2026-05-13 · ok HTTP/1.1 200 6081 ms crawled 2026-05-13

US · 34.149.4.210 · AS396982 Google LLC

Reputation 100/100

Classifying

HTML metadata

Title
The Exclusively K-12 Fundraising Platform | FutureFund
Description
A free fundraising platform for schools. Raise money more efficiently for your PTA, school, booster club, or Ed Fund.
Language
en
Feeds

Technology

Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • cdn.jsdelivr.net×12
  • ga.jspm.io×7
  • fonts.googleapis.com×2
  • fonts.gstatic.com×1

Social

Contact

Address
rd as youCopyright © 2026

Registration

Registrar
Squarespace Domains II LLC
Created
2001-04-03
Expires
2027-04-03 317 days left
Updated
2026-03-19
Name servers
  • ns-cloud-d1.googledomains.com
  • ns-cloud-d2.googledomains.com
  • ns-cloud-d3.googledomains.com
  • ns-cloud-d4.googledomains.com

DNS records live

NS
  • ns-cloud-d1.googledomains.com
  • ns-cloud-d2.googledomains.com
  • ns-cloud-d3.googledomains.com
  • ns-cloud-d4.googledomains.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • hubspot-developer-verification=NmM1MmNhOTctNGFlOS00Yzg5LWJhNjgtYWYxZTgxYTczNzUx
  • F9BA03F8C6
  • MS=0DBE1F8C257F7158251D2D539BA5809E0419270D
Verified for
  • Apple
  • Meta
  • Pinterest
  • Slack
  • Stripe

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:sparkpostmail.com include:mail.zendesk.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@futurefund.com
policy: quarantine
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAposYojJNxuNvfry0XxkDi5ea9Hs2X6U+VWA1NFs5wIzuFlCKW8MPd4jxUFx+65BDUXOi24IePHy9fB…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

R13
from 2026-04-25 to 2026-07-24
Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.futurefund.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'none'; font-src 'self' data: fonts.gstatic.com; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https://www.googletagmanager.com 'nonce-+5VSJN4Dv/kdAILrQ5mnKg=='; style-src 'self' 'unsafe-inline' cdn2.futurefund.com fonts.googleapis.com *.omappapi.com; img-src 'self' https: data: *.futurefund.com storage.googleapis.com www.googletagmanager.com bat.bing.com www.google.com www.facebook.com t.acq.io tr-rc.lfeeder.com; connect-src 'self' *.futurefund.com www.googletagmanager.com www.google-analytics.com signup.futurefund.com analytics.google.com www.google.com www.facebook.com *.clarity.ms ct.pinterest.com stats.g.doubleclick.net *.omappapi.com ga.jspm.io; frame-src 'self' *.futurefund.com www.googletagmanager.com td.doubleclick.net ct.pinterest.com www.youtube.com *.js.stripe.com hooks.stripe.com js.stripe.com; report-uri /csp-violation-report
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (1)