cityofdestin.com
cityofdestin.com
HTML metadata
Technology
- Server
- Microsoft-IIS
- Analytics
-
- Google Tag Manager
- Social widgets
-
- YouTube Embed
Third-party hosts loaded (5)
- www.youtube.com×2
- destinchatbot-public.azurewebsites.net×1
- docaccess.com×1
- static.elfsight.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
Registration
- Registrar
- Network Solutions, LLC
- Created
- 1999-04-07
- Expires
- 2034-04-07 2878 days left
- Updated
- 2024-04-07
- Name servers
-
- ns61.worldnic.com
- ns62.worldnic.com
DNS records live
- NS
-
- ns61.worldnic.com
- ns62.worldnic.com
- MX
-
- 0 cityofdestin-com.mail.protection.outlook.com
- TXT
-
autodesk-domain-verification=d7MmggT5eYqOZARxNJNX
- Verified for
-
- Apple
Email authentication partial
- SPF
-
v=spf1 ip4:66.210.216.210 include:spf.protection.outlook.com include:amazonses.com include:_spf.psm.knowbe4.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; PCT=100; fo=1; rua=mailto:dmarc@cityofdestin.compolicy: none (monitoring only) - DKIM
-
- selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA2iNnN71rEc95YmlbzdN1giwcwEH+eAx7mHAMaBgLBuSm9tYJF8OnQMe53HPGJNVhzT6E7hknY94ZS4aVPi…
selectors probed - selector2:
Certificate (current)
R12
Expires in 67 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *