cityofdubuque.org

HTML metadata

Technology

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• www.googletagmanager.com×2
• app-script.monsido.com×1
• docaccess.com×1
• www.facebook.com×1

Contact

Phone

• 563-589-4100

Registration

Registrar

Network Solutions, LLC

Created

2001-01-03

Expires

2027-01-03 228 days left

Updated

2025-11-09

Name servers

• ns63.worldnic.com
• ns64.worldnic.com

DNS records live

NS

• ns63.worldnic.com
• ns64.worldnic.com

MX

• 10 mx-01-us-west-2.prod.hydra.sophos.com
• 20 mx-02-us-west-2.prod.hydra.sophos.com

TXT

• sophos-domain-verification=e2ec9638c01613362ace7bb58c83a9998a7fa8d0
• i2ik5g2jcm183da9v2r5c711gv

Verified for

• Google Workspace
• Microsoft 365

Email authentication partial

SPF

v=spf1 mx a ip4:69.71.62.18 ip4:208.78.169.130/32 ip4:208.78.169.153/32 ip4:64.33.158.240/29 ip4:207.191.204.146/29 include:_spf.psm.knowbe4.com include:spf.protection.outlook.com include:_spf.prod.hydra.sophos.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarcreport@cityofdubuque.org

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIMs0CMhBaQpclT6jM2zAhrdyiNDv9Sh4Xp6V0HFTo8VtQ0LvJVBaFLwuGFMsuHIlPEVElAF6jgRMBVGUF7T…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://cityofdubuque.org/

present

• content-security-policy
• x-content-type-options

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (7)

• municipalonlinepayments.com×2
• qscend.com×2
• traveldubuque.com×2
• amlegal.com×2
• arcgis.com×2
• civicplus.com×2
• governmentjobs.com×2

Linked from (4)

• accessdubuquejobs.com×2
• minesofspain100.com×2
• colts.org×2
• dubuqueeaglepointpark.com×1