cefosap.pt

HTML metadata

Technology

Server

nginx

jQuery

1.9.1 known XSS (<3.5)

Stack

PHP

DNS records live

NS

• dnsh01.artelecom.pt
• dnsh02.artelecom.pt
• dnsh03.artelecom.pt

MX

• 0 cefosap-pt.mail.protection.outlook.com

TXT

• ado3ucc7j70t5nsp5na8e168eh

Verified for

• Google
• Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=none;

policy: none (monitoring only) · sp=none

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYnKz/42twB9yZVXvFihxQ2AmOGK3MpWBdyEwKLL6wpnDQfibAP/Xt3a394VyDPN/v192S9N2OBdsNz8tlNC…
• selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqZoFUtQ7AqHviUuI77mD0hdA57ooRvurwJjZL5JbdPX38LMXD1B1deM4YPDUM/Y3hK3yHDrLdWDUgm9JDJY…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://cefosap.pt/

present

• strict-transport-security
• x-frame-options

findings

• missing Content Security Policy
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (8)

• ugt.pt×1
• presidencia.pt×1
• portugal2030.pt×1
• portugal2020.pt×1
• pessoas2030.gov.pt×1
• iefp.pt×1
• europa.eu×1
• anqep.gov.pt×1

Linked from (1)

• humansoft.pt×1