card4b.pt

.pt crawl

First seen 2026-05-27 · Last seen 2026-05-27 · ok HTTP/1.1 200 802 ms crawled 2026-05-30

PT · 194.39.124.6 · AS59787 Comercio e Prestacao de Servicos Informaticos, Lda

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Card4B - Systems S.A.
Language: en

Technology

Server: nginx
jQuery: 1.9.1 known XSS (<3.5)

Social widgets

YouTube Embed

Third-party hosts loaded (2)

www.youtube.com×4
ajax.googleapis.com×1

Social

DNS records live

NS

ns1.webhs.org
ns2.webhs.org
ns3.webhs.org
ns4.webhs.org

MX

0 card4b-pt.mail.protection.outlook.com

Email authentication weak

SPF

v=spf1 ip4:194.39.124.6 include:_spf.spambusters.email include:_spf43.serverhs.org ip4:185.90.59.140 ip4:185.90.59.149 include:_spf23.serverhs.org include:spf.protection.outlook.com -all

strict (-all)

DMARC

not published

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VT9ufxgvPVL86+9EcVpneMQ4LNrEOZb86obe0D4gGc7tnDBCY/Xpr3/yGZGI0YttATpApYZcgBqfi…

selectors probed

Certificate (current)

GoGetSSL RSA DV CA

from 2025-12-19 to 2027-01-20

Expires in 233 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://card4b.pt/

present

strict-transport-security
content-security-policy
x-frame-options
referrer-policy
permissions-policy

findings

missing content type protection

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), camera=(), microphone=(), payment=(), usb=()
content-security-policy: base-uri 'self'; object-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains

Links to (11)

Linked from (1)

transdev.pt×1