cfpsa.pt
cfpsa.pt
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- jQuery
- 1.10.2 known XSS (<3.5)
- Stack
- PHP
- Fonts
-
- Font Awesome
Third-party hosts loaded (5)
- cdn.jsdelivr.net×2
- stackpath.bootstrapcdn.com×2
- www.google.com×2
- cdnjs.cloudflare.com×1
- use.fontawesome.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- priscilla.ns.cloudflare.com
- renan.ns.cloudflare.com
- MX
-
- 10 mail.cfpsa.pt
Email authentication strong
- SPF
-
v=spf1 ip4:148.69.220.178 ip4:51.178.131.61 ip4:94.23.76.145 include:servers.mcsv.net a:einvoice.yetspace.com -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; adkim=r; aspf=r; rua=mailto:27ad88554c10428c8e1dfc060d52bb10@dmarc-reports.cloudflare.netpolicy: quarantine - DKIM
-
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4dC4yB+r+jmK/K3F++6Z6iKtU8nsP8mlyJ9HV/rH1TWL//K/NvOKq7mDrr882Ht8XtEg7MQBy0OZR… - mail:
v=DKIM1; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZULXbnCT09uf0RYtzUlfCPt90BFffwHSQ929R7crWE0fqk1SR3orsNEinR5DqC5LOVljn5yKKCGfUdy…
selectors probed - default:
Certificate (current)
R13
Expires in 37 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- content-security-policy
default-src 'self' *.gstatic.com *.googleusercontent.com data: 'unsafe-inline' 'unsafe-eval' *.googleapis.com cdnjs.cloudflare.com *.bootstrapcdn.com cdn.jsdelivr.net *.google.com *.fontawesome.com *.google-analytics.com *.googletagmanager.com *.humansoft.pt *.cfpsa.pt