comunidadandina.org

.org crawl

First seen 2026-04-20 · Last seen 2026-05-15 · ok HTTP/1.1 200 2403 ms crawled 2026-05-13

US · 172.67.136.253 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Strapi Admin
Language: en

Technology

CDN: Cloudflare

Registration

Registrar

Network Solutions, LLC

Created

1998-04-03

Expires

2027-04-02 317 days left

Updated

2026-04-23

Name servers

lilith.ns.cloudflare.com
terin.ns.cloudflare.com

DNS records live

NS

lilith.ns.cloudflare.com
terin.ns.cloudflare.com

MX

0 comunidadandina-org.mail.protection.outlook.com

Email authentication partial

SPF

v=spf1 ip4:190.187.112.3 include:spf.protection.outlook.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:aeb50ff975aa43d79648c0cd67cdd01c@dmarc-reports.cloudflare.net,mailto:ppanez@comunidadandina.org,mailto:rarce@comunidadandina.org,mailto:coblitas@comunidadandina.org,mailto:slima@comunidadandina.org; ruf=mailto:ppanez@comunidadandina.org; fo=1; pct=100; sp=none; adkim=r; aspf=r

policy: none (monitoring only) · sp=none

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGlZ9u2Wsely5jUvnAppIsdxEULUPfP3Y5SDz5GW2piFJqeYruQ4rqYSrFnLyKBCERRH9cbrTcGL03cZnnHX…

selectors probed

Certificate (current)

from 2026-04-23 to 2026-07-22

Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://api.comunidadandina.org/admin

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
missing Permissions Policy

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self';connect-src 'self' https: https://market.strapi.io https://market-assets.strapi.io https://assets.strapi.io;img-src 'self' data: blob: https://market.strapi.io https://market-assets.strapi.io https://assets.strapi.io;media-src 'self' data: blob: https://market.strapi.io https://market-assets.strapi.io https://assets.strapi.io;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains

Links to (1)

enable-javascript.com×2

Linked from (2)

cni.bo×1
cnibolivia.com×1