indexo.dev

biddefordmaine.org

.org crawl

First seen 2026-04-23 · Last seen 2026-05-16 · ok HTTP/1.1 200 4537 ms crawled 2026-05-16

US · 207.38.73.213 · AS36489 IP Pathways, LLC

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Biddeford, ME | Official Website
Language
en

Open Graph

description
Welcome to the City of Biddeford

Technology

Server
Microsoft-IIS

Third-party hosts loaded (1)

  • docaccess.com×1

Social

Contact

Phone

Registration

Registrar
Hostopia Canada Corp
Created
2000-04-06
Expires
2027-04-06 320 days left
Updated
2026-04-11
Name servers
  • ns1.aplus.net
  • ns2.aplus.net

DNS records live

NS
  • ns1.aplus.net
  • ns2.aplus.net
  • ns3.aplus.net
MX
  • 10 mx1-us1.ppe-hosted.com
  • 10 mx2-us1.ppe-hosted.com
TXT
Show 9 TXT records
  • 0298b1b4294da23ae142ef289e5eee6b
  • ppe-6594d9c4e21150b82b99ab0323254c1e385620ba
  • U1KMjYcSRi+Vp4GQ1awZ1S/BheIYFSLmOEkYnt0dZWUP0eLTa52FSoi+ii3Xw4hi1MaTsx3qSbbtfvEyDEsqtA==
  • 21jl8gtdqon5ef8mjfanqvd5j0
  • _9bui11qgmub8ex2cy3t0bbahkyapo5c
  • include:spf.protection.outlook.com include:spf.mailjet.com include:_spf-us.ppe-hosted.com -all
  • MS=20673AE5B288B9C8941DDBD4AC9BD796405C61EF
  • duo_sso_verification=yvTyL4t0U27JagGQ35sLbSh1ykqbRqqfhUUArrOjFQVj69nzAUr4hyH0JZLdH1TX
  • V95ZK9P5I06670KF4IU7RZDOAX1NY54IZQYUN066
Verified for
  • Apple
  • Microsoft 365
  • Zoom

Email authentication partial

SPF
v=spf1 mx ip4:207.38.73.129 ip4:208.90.188.0/22 ip4:207.38.72.0/21 ip4:192.196.0.0/24 include:spf.ess.barracudanetworks.com include:sendgrid.net include:spf.protection.outlook.com include:spf.mailjet.com include:_spf-us.ppe-hosted.com -all
strict (-all)
DMARC
v=DMARC1; p=none; fo=1; rua=mailto:rua+biddefordmaine.org@dmarc.barracudanetworks.com; ruf=mailto:ruf+biddefordmaine.org@dmarc.barracudanetworks.com
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxCoJDvC9hSNsTIsP7lG0IXY+YfzHNuNQifylKPazsMFKmatejU7SAmKPp5ZPUddbeYL05H8inr47r…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

R12
from 2026-05-01 to 2026-07-30
Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://biddefordmaine.org/

present
  • content-security-policy
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *

Links to (7)

Linked from (2)