indexo.dev

cityoffrederick.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-13 · ok HTTP/1.1 200 1239 ms crawled 2026-05-06

US · 208.90.188.168 · AS36489 IP Pathways, LLC

Reputation 97/100 dmarc monitor-only

Classifying

HTML metadata

Title
The City of Frederick, MD - Official Website | Official Website
Language
en

Technology

Server
Microsoft-IIS
Social widgets
  • YouTube Embed

Third-party hosts loaded (4)

  • docaccess.com×1
  • translate.google.com×1
  • webchat-ui.citibot.net×1
  • www.youtube.com×1

Social

Contact

Phone

Registration

Registrar
Network Solutions, LLC
Created
1997-09-28
Expires
2030-09-27 1591 days left
Updated
2025-07-29
Name servers
  • ns10.dnsmadeeasy.com
  • ns11.dnsmadeeasy.com
  • ns12.dnsmadeeasy.com
  • ns13.dnsmadeeasy.com
  • ns14.dnsmadeeasy.com
  • ns15.dnsmadeeasy.com

DNS records live

NS
  • ns10.dnsmadeeasy.com
  • ns11.dnsmadeeasy.com
  • ns12.dnsmadeeasy.com
  • ns13.dnsmadeeasy.com
  • ns14.dnsmadeeasy.com
  • ns15.dnsmadeeasy.com
MX
  • 10 mx-01-us-east-2.prod.hydra.sophos.com
  • 20 mx-02-us-east-2.prod.hydra.sophos.com
TXT
Show 4 TXT records
  • sGDoek6u2JvtW++QNX7ZVQh8Fdg6OsefyMdDXP1K7In8le8pzOmMok2p165XECufDPLyHvvBO+TbpC3SoYxNmg==
  • rhn43enubuki373d5hs1kjmel4
  • sophos-domain-verification=bb13d57978336bb3a386a36349567b2bfc65cf98
  • MS=ms83414865

Email authentication strong

SPF
v=spf1 mx a include:_spf.psm.knowbe4.com include:spf.constantcontact.com include:spf.cashedge.com include:spf.protection.outlook.com a:vpn.cityoffrederick.com -all
strict (-all)
DMARC
v=DMARC1;p=none;pct=100;aspf=r;adkim=r;
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9InCSviOhvvf0H7DD3LaTqHQB9NCluUxT3zQzJH+AiMX0FbTg3jqWCNOfKCf/fdGxsKAm2js4S9d/Is5mi+…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxptVmfUR4frSeHMvfHfvgC/kCjwQSo7G0uDk4QYpn/2JVCPYdyMK+1nXKJL4VvSl5ycFAvOixgc1FL…
selectors probed

Certificate (current)

R12
from 2026-04-30 to 2026-07-29
Expires in 71 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://cityoffrederick.com/

present
  • content-security-policy
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *

Links to (5)

Linked from (2)