avvillas.com.co
HTML metadata
Technology
- Stack
- Java
Third-party hosts loaded (4)
- cdn.jsdelivr.net×8
- cdnjs.cloudflare.com×3
- tags.tiqcdn.com×2
- raw.githubusercontent.com×1
Social
Contact
DNS records live
- NS
-
- ns1.telmexla.net.co
- ns7.telmexla.net.co
- MX
-
- 10 smtp.avvillas.com.co
- TXT
-
_gb4zu69kri6fyzn0jr6g8yp300kak59
Email authentication strong
- SPF
-
v=spf1 ip4:200.14.232.174 ip4:200.14.232.30 include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; fo=1:d:s; ri=86400; rua=mailto:banco-av-villas@rua.agari.com,mailto:dmarc@rkabf7pz.uriports.com,mailto:f41d84f4cd@rua.easydmarc.com;ruf=mailto:banco-av-villas@ruf.agari.com,mailto:dmarc@rkabf7pz.uriports.com,mailto:f41d84f4cd@ruf.easydmarc.compolicy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
DigiCert EV RSA CA G2
Expires in 237 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' https: ; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' ; style-src 'self' https: 'unsafe-inline' ; object-src 'none'; base-uri 'self' https: 'unsafe-inline' ; connect-src 'self' wss: https: ; font-src 'self' https: data: https://fonts.gstatic.com; frame-src 'self' https: ; img-src 'self' https: data:; manifest-src 'self' https: ; media-src 'self'; worker-src 'self';, frame-ancestors 'self' https://piloto.avvillas.com.co https://www.avvillas.com.co;- strict-transport-security
max-age=31536000; includeSubDomains