yumbo.gov.co
yumbo.gov.co
HTML metadata
Technology
- Server
- nginx
- jQuery
- 3.1.0 known XSS (<3.5)
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (4)
- www.googletagmanager.com×2
- img.youtube.com×1
- translate.google.com×1
- www.google.com×1
Social
Contact
DNS records live
- NS
-
- dns1.stratecsa.co
- dns2.stratecsa.co
- MX
-
- 0 mail.yumbo.gov.co
- TXT
-
1c4ef50abdbf8289f32b5e00ca76b6MS=D1C6A94531FBFEA091E9BD6031F05FB3980F7DB6
Email authentication partial
- SPF
-
v=spf1 +a +mx +ip4:190.14.241.169 +ip4:190.14.241.170 +ip4:190.109.9.22 -allstrict (-all) - DMARC
-
v=DMARC1;p=none;sp=none;adkim=r;aspf=r;pct=100;fo=0;rf=afrf;ri=86400policy: none (monitoring only) · sp=none - DKIM
-
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKe/PfE5NlA2j0sDCfdrD4AAW0+k7AgWKnXICMwDU8g/p7m9wICV3bocAXglrBWa+ZrndBEggDJMrh…
selectors probed - default:
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 128 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(), midi=(), sync-xhr=(self 'https://www.municipiodeguatape.gov.co' 'https://tramites.alcaldiadeipiales.gov.co' 'https://www.acacias.gov.co' 'https://santander.gov.co' 'https://tramites.alcaldiadesanantero.gov.co' 'https://tramitesenlineazipaquira.gov.co' 'https://sede.alcaldiadesanrafael.gov.co' 'https://tramites.pasto.gov.co' 'https://gfiles-zipaquira.gov.co' 'https://pasaportes.cordoba.gov.co' 'https://pasaportes.risaralda.gov.co' 'https://pasaportescaqueta.gov.co' 'https://sede.idsn.gov.co' 'https://www.barrancabermeja.gov.co' 'https://www.cordoba.gov.co' 'https://www.tramites-inza.gov.co' 'https://www.pereira.gov.co' 'https://tramites.popayan.gov.co' 'https://pasaportesatlantico.gov.co' 'https://pasaportes.cordoba.gov.co' 'https://creg.gov.co' 'https://tramites-tocancipa.gov.co' 'https://www.apartado-antioquia.gov.co' 'https://www.tramites-angostura.gov.co' 'https://www.alcaldiadepiedecuesta.gov.co' 'https://www.candelaria-valle.gov.co' 'https://www.sanpedrodelosmilagr- x-content-type-options
nosniff- content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: javascript: https://api.onesignal.com/ https://d1sag09wwfbul8.cloudfront.net/ https://tracker.metricool.com/ https://cdn.onesignal.com/ https://gso.kommo.com/ https://widgets.sociablekit.com/ https://googleads.g.doubleclick.net/ https://www.instagram.com/ https://www.twitter.com/ https://x.com/ https://syndication.twitter.com/ https://coomeva.com.co/ https://cdn.userway.org/ https://alcaldiatulua.agenti.com.co/agenti_lite_alcaldiatulua/js/jquery-3.7.1.min.js https://alcaldiatulua.agenti.com.co/agenti_lite_alcaldiatulua/js/scripts.js alcaldiatulua.agenti.com.co https://cdn.siftscience.com alcaldiapereira.agenti.com.co https://checkout.wompi.co/widget.js wolkvox-cobrowsing-agent-fd5zvw7swa-ue.a.run.app widget02.wolkvox.com d335luupugsy2.cloudfront.net wolkvox-cobrowsing-agent-fd5zvw7swa-ue.a.run.app https://platform.bluemessaging.net app.sitp.gov.co *.firebaseio.com *.aldeamo.com *.bootstrapcdn.com *.cloudflare.com https://chat1-cls27- strict-transport-security
max-age=31536000; includeSubDomains; preload