indexo.dev

drfrost.org

.org crawl

First seen 2026-05-06 · Last seen 2026-05-13 · ok HTTP/1.1 200 3078 ms crawled 2026-05-13

US · 104.26.15.138 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

sector education type homepage

HTML metadata

Title
Dr Frost Maths
Description
Online maths platform with homework, lesson resources, videos and exam questions. Used by students, teachers and schools to support learning.
Language
en

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • fonts.googleapis.com×2
  • fonts.gstatic.com×1
  • static.cloudflareinsights.com×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
2017-11-18
Expires
2026-11-18 181 days left
Updated
2026-01-02
Name servers
  • aaron.ns.cloudflare.com
  • nia.ns.cloudflare.com

DNS records live

NS
  • aaron.ns.cloudflare.com
  • nia.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Apple
  • Brevo
  • Google
  • Stripe

Email authentication partial

SPF
v=spf1 include:_spf.google.com include:mail.zendesk.com include:amazonses.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc@drfrost.org
policy: none (monitoring only)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg4aIYCN8TV2fmadUYUxuhegVK2r+egvFCysfkGPSWuD7mYRNPYMOjB9/RIC7aqGf8QrWMYDxT1Mtv…
selectors probed

Certificate (current)

WE1
from 2026-03-22 to 2026-06-20
Expires in 31 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.drfrost.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
script-src 'strict-dynamic' 'nonce-71033b69fc7901290d137b8fe02fdd2a426e34c3f5b92f626fd9d4f7af6efe32';form-action 'self' https://accounts.google.com https://login.microsoftonline.com;frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com;img-src 'self' https://img.youtube.com https://i.ytimg.com;worker-src 'self' blob:;connect-src 'self' https://sonic.drfrost.org https://o4510674642862080.ingest.de.sentry.io;manifest-src 'self' drfrost.cloudflareaccess.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Links to (6)

Linked from (1)