indexo.dev

sgc.gov.co

.co crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 316 ms crawled 2026-05-19

US · 13.33.235.29 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
SGC
Language
en

Technology

CDN
Amazon CloudFront
Server
AmazonS3
CMS
Gatsby
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • fonts.googleapis.com×3
  • fonts.gstatic.com×1
  • unpkg.com×1

DNS records live

NS
  • ns-1489.awsdns-58.org
  • ns-1705.awsdns-21.co.uk
  • ns-61.awsdns-07.com
  • ns-772.awsdns-32.net
MX
Show 6 MX records
  • 10 aspmx.l.google.com
  • 20 alt2.aspmx.l.google.com
  • 30 aspmx2.googlemail.com
  • 30 aspmx3.googlemail.com
  • 30 aspmx4.googlemail.com
  • 30 aspmx5.googlemail.com
TXT
  • MS=3C0A4BD84A49D64610CD95313DE5990DA86F1FEB

Email authentication strong

SPF
v=spf1 ip4:190.65.108.163 ip4:52.87.254.18 ip4:54.225.37.60 ip4:190.121.155.193/26 include:_spf.google.com include:servers.mcsv.net -all
strict (-all)
DMARC
v=DMARC1; p=reject; sp=none; adkim=s; aspf=s; rua=mailto:8wura0d2p6@rua.powerdmarc.com; ruf=mailto:8wura0d2p6@ruf.powerdmarc.com; pct=100; fo=1;
policy: reject (enforced) · sp=none
DKIM
Show 4 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpiOA0IsP4DqbDaOpHZ7kqGs1hQnAJ2DdKQ8PdxkHSYnM55GRsDe1zlOvEolNKq0lMFr+7OGIJzbka…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp88LmefApKHN51dPk5j7RWMzH/K5aa3gXZnIX8aD7cS5by3kBlItxoxZN9Z78DZd5U+hGZw2MSmsOPovew…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfnGovQtRfSzJODscBWpBcLLtd+KT+ahYYxWgIPs+GRqvLPWu+5VymZ/rebPXuFVuVld+jJW9VUGdoonqL…
selectors probed

Certificate (current)

Verokey Verified Business G2
from 2025-09-11 to 2026-10-13
Expires in 145 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://sgc.gov.co/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
Header values
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.sgc.gov.co https://*.sgc.gov.co https://*.s3.amazonaws.com https://unpkg.com https://cdn.jsdelivr.net https://js.arcgis.com https://*.arcgis.com https://*.esri.com https://*.googletagmanager.com; style-src 'self' 'unsafe-inline' https://www.sgc.gov.co https://*.sgc.gov.co https://*.s3.amazonaws.com https://unpkg.com https://cdn.jsdelivr.net https://js.arcgis.com https://*.arcgis.com https://*.esri.com https://fonts.googleapis.com; img-src 'self' data: blob: https://www.sgc.gov.co https://*.sgc.gov.co Amazon S3 - Cloud Object Storage - AWS https://s3.amazonaws.com https://*.s3.amazonaws.com https://*.tile.openstreetmap.org https://*.arcgis.com https://server.arcgisonline.com https://www.google.com.co https://*.esri.com; font-src 'self' data: https://www.sgc.gov.co https://*.sgc.gov.co https://*.s3.amazonaws.com https://js.arcgis.com https://*.arcgis.com https://fonts.gstatic.com https://*.esri.com; connect
strict-transport-security
max-age=31536000; includeSubDomains; preload

Linked from (2)