indexo.dev

west-dunbarton.gov.uk

.uk crawl

First seen 2026-05-30 · Last seen 2026-05-31 · ok HTTP/1.1 200 1173 ms crawled 2026-05-31

GB · 51.140.59.233 · AS8075 Microsoft Corporation

Reputation 100/100

sector government type blog

HTML metadata

Title
Homepage | West Dunbartonshire Council
Description
Find information and services for residents, businesses and visitors, including Council Tax, bin collections, schools, leisure, and housing.
Language
en

Open Graph

url
/
title
West Dunbartonshire Council
locale
en_GB
description
Find information and services for residents, businesses and visitors, including Council Tax, bin collections, schools, leisure, and housing.

Technology

CDN
Azure Front Door
jQuery
1.10.2 known XSS (<3.5)

Third-party hosts loaded (3)

  • ajax.googleapis.com×2
  • code.jquery.com×2
  • channels.humley.com×1

DNS records live

NS
  • ns10.ja.net
  • ns11.ja.net
  • ns12.ja.net
MX
  • 10 uk.mx1.mailanyone.net
  • 20 uk.mx2.mx25.net
  • 30 uk.mx3.mailanyone.net
  • 40 uk.mx4.mx25.net
TXT
  • gbdq0ro6tafuf5ppon7lljvsli
  • obq79tufdm7d8hvlloq1d3qgio
  • MS=21752EEA39844A229337931683A2AD16FDF764C1
Verified for
  • Apple

Email authentication strong

SPF
v=spf1 ip4:194.80.19.12 ip4:194.80.19.13 ip4:194.80.19.27 ip4:194.80.19.16 ip4:37.26.95.110 ip4:195.59.63.225 include:spf.mailanyone.net include:authsmtp.com include:emaileuc.freshservice.com include:spf.protection.outlook.com include:_spf.firmstep.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc-rua@dmarc.service.gov.uk; ruf=mailto:server.alerts@west-dunbarton.gov.uk; fo=0; adkim=r; aspf=r; pct=100; sp=reject
policy: quarantine · sp=reject
DKIM
no key found at common selectors

Certificate (current)

GeoTrust TLS RSA CA G1
from 2026-05-05 to 2026-11-06
Expires in 155 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.west-dunbarton.gov.uk/

present
  • strict-transport-security
  • content-security-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
frame-src *.arcgis.com *.google.com *.youtube-nocookie.com 'self';img-src *.azureedge.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.metoffice.gov.uk data: 'self';script-src *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.humley.com *.jquery.com 'self' 'unsafe-eval' 'unsafe-inline';connect-src *.google-analytics.com *.googleapis.com *.humley.com 'self';style-src *.googleapis.com 'self' 'unsafe-inline';font-src *.gstatic.com 'self';child-src *.player.vimeo.com blob: player.vimeo.com;media-src 'self';default-src 'self'
strict-transport-security
max-age=2592000

Links to (1)

Linked from (2)