indexo.dev

bacalhoa.pt

.pt crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 1131 ms crawled 2026-05-30

PT · 94.46.181.72 · AS24768 Almouroltec Servicos De Informatica E Internet Lda

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Bacalhoa
Description
We make wine as we drink it: for friends and between friends, on a daily basis or on special occasions. The project implemented in the various farms under the theme "Art, Wine and Passion" aims to surprise the expectations of the most demanding.

Open Graph

title
Homepage

Technology

Server
Microsoft-IIS
Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • scontent-lis1-1.cdninstagram.com×4
  • unpkg.com×2
  • fonts.googleapis.com×1
  • www.facebook.com×1

Social

Contact

Email
Phone

DNS records live

NS
  • ns1.expertmedia.pt
  • ns2.expertmedia.pt
MX
  • 0 bacalhoa-pt.mail.protection.outlook.com
Verified for
  • GlobalSign
  • Microsoft 365

Email authentication weak

SPF
v=spf1 ip4:89.26.246.0/27 ip4:94.46.165.162 ip4:94.46.174.23 a mx include:spf.protection.outlook.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-04-22 to 2026-07-21
Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://bacalhoa.pt/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=self
x-content-type-options
nosniff
content-security-policy
script-src 'self' https://connect.facebook.net https://unpkg.com https://www.google-analytics.com https://maps.google.com https://maps.googleapis.com https://ajax.googleapis.com *.onetrust.com *.googletagmanager.com img-src: googletagmanager.com 'unsafe-inline' 'unsafe-eval'; worker-src 'self' blob: ;
strict-transport-security
max-age=2592000

Links to (9)