cityofwinters.org

HTML metadata

Technology

Third-party hosts loaded (1)

• docaccess.com×1

Social

• facebook
• twitter
• instagram
• youtube

Contact

Phone

• 5307954910

Registration

Registrar

Network Solutions, LLC

Created

2000-04-06

Expires

2028-04-06 687 days left

Updated

2023-02-10

Name servers

• ns1.bdm.microsoftonline.com
• ns2.bdm.microsoftonline.com
• ns3.bdm.microsoftonline.com
• ns4.bdm.microsoftonline.com

DNS records live

NS

• ns1.bdm.microsoftonline.com
• ns2.bdm.microsoftonline.com
• ns3.bdm.microsoftonline.com
• ns4.bdm.microsoftonline.com

MX

• 0 cityofwinters-org.mail.protection.outlook.com

TXT

• mscid=I7jNuSsEL3bisXkMPhdnQsJZ+yVPK66EiDpkaWGE3/vb34X0RsFAITj9cvgXGq2enpJOT1PZzt4df8etZIqIuQ==

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@cityofwinters.org

policy: reject (enforced)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDtE8ANrERUhi+Wh9J9ayNpYuiqDtGBWmiCZMNZGj/y7Y4JAzJa5A9ZelTul/xU8n4zSk6AknPit15uetosbY…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://cityofwinters.org/

present

• content-security-policy
• x-content-type-options

findings

• missing HSTS
• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (8)

• civicplus.com×2
• facebook.com×2
• governmentjobs.com×2
• hdlgov.com×2
• instagram.com×2
• paymentus.com×2
• twitter.com×2
• youtube.com×2

Linked from (2)

• discoverwinters.com×2
• visityolo.com×2