azoresairlines.pt
HTML metadata
Technology
- CMS
- Drupal
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- i.icomoon.io×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns1.ptempresas.pt
- ns10.ptempresas.pt
- ns2.ptempresas.pt
- Verified for
-
- Apple
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA OV R36
Expires in 129 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP uses wildcard sources
- weak content type protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff, nosniff- content-security-policy
default-src 'self'; connect-src 'self' https://*.sata.pt https://*.proscloud.com https://o210366.ingest.sentry.io https://www.google.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://stats.g.doubleclick.net https://fonts.googleapis.com https://fonts.gstatic.com https://*.paypal.com https://*.azoresairlines.pt https://azo-cdn.azureedge.net https://tracking.monsido.com https://*.inside-graph.com wss://*.inside-graph.com https://*.googlesyndication.com https://*.quantcast.com https://*.inmobi.com https://www.facebook.com/tr/; font-src 'self' https://i.icomoon.io https://fonts.gstatic.com data: https://fonts.googleapis.com https://fonts.gstatic.com https://azo-cdn.azureedge.net; form-action 'self' https://*.proscloud.com https://*.paypal.com https://*.iata.org https://payments.sata.pt https://*.azoresairlines.pt https://*.sata.pt https://www.facebook.com/tr/; frame-src 'self' https://heyzine.com https://www.youtube.com https://www.google- strict-transport-security
max-age=31536000; includeSubDomains