churchilldownsincorporated.com

HTML metadata

Title

Churchill Downs Incorporated | The Kentucky Derby is just the beginning...

Description

Creating Extraordinary Experiences Racing | Wagering Services and Solutions | Gaming 1450 Runnings of theKentucky Derby # 1 Most profitable horse race wagering platform 29 Industry-leading regional casinos and HRM/racing properties 800 + Community nonprofits supported annually Your browser does not support HTML5 video. The Kentucky Derby is just the beginning… It all started with an inaugural […]

Language

en-US

Canonical

https://www.churchilldownsincorporated.com/

Feeds

The Kentucky Derby is just the beginning... | Churchill Downs Incorporated » Home Comments Feed RSS

Open Graph

url: https://www.churchilldownsincorporated.com/
title: Churchill Downs Incorporated | The Kentucky Derby is just the beginning...
locale: en_US
site name: The Kentucky Derby is just the beginning... | Churchill Downs Incorporated
description: Creating Extraordinary Experiences Racing | Wagering Services and Solutions | Gaming 1450 Runnings of theKentucky Derby # 1 Most profitable horse race wagering platform 29 Industry-leading regional casinos and HRM/racing properties 800 + Community nonprofits supported annually Your browser does not support HTML5 video. The Kentucky Derby is just the beginning… It all started with an inaugural […]

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Tag Manager

Cookie consent

OneTrust

Fonts

Google Fonts

Third-party hosts loaded (4)

www.googletagmanager.com×2
cdn.cookielaw.org×1
fonts.googleapis.com×1
fonts.gstatic.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2001-03-14

Expires

2028-03-14 663 days left

Updated

2022-09-09

Name servers

ns-1217.awsdns-24.org
ns-1941.awsdns-50.co.uk
ns-39.awsdns-04.com
ns-871.awsdns-44.net

DNS records live

NS

ns-1217.awsdns-24.org
ns-1941.awsdns-50.co.uk
ns-39.awsdns-04.com
ns-871.awsdns-44.net

Verified for

Apple
Google

Email authentication no MX

SPF: v=spf1 include:spf.protection.outlook.com include:spf-00397a01.pphosted.com -all
strict (-all)
DMARC: v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com;ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-18 to 2026-07-17

Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.churchilldownsincorporated.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=(*)
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: ; script-src 'self' https://acsbapp.com https://www.gstatic.com https://www.googletagmanager.com https://www.google.com https://cdn.cookielaw.org https://cookie-cdn.cookiepro.com privacyportal.onetrust.com geolocation.onetrust.com 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' data: https://fonts.googleapis.com cdn.cookielaw.org cookie-cdn.cookiepro.com privacyportal.onetrust.com geolocation.onetrust.com ; img-src 'self' data: https://s.w.org https://ps.w.org https://secure.gravatar.com https://www.paypalobjects.com https://www.paypal.com cdn.cookielaw.org cookie-cdn.cookiepro.com privacyportal.onetrust.com geolocation.onetrust.com ; connect-src 'self' https://www.churchilldownsincorporated.com https://acsbapp.com https://cdn.acsbapp.com https://www.google-analytics.com https://yoast.com https://cdn.cookielaw.org https://cookie-cdn.cookiepro.com privacyportal.onetrust.com geolocation.onetrust.com https
strict-transport-security: "max-age=31536000" env=HTTPS