cruzverde.pt

HTML metadata

Technology

Server

Apache

jQuery

2.1.3 known XSS (<3.5)

Stack

Laravel

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (3)

• fonts.googleapis.com×2
• www.googletagmanager.com×2
• maps.googleapis.com×1

Social

• facebook
• instagram

Contact

Phone

• +351253512803

DNS records live

NS

• ns1.meganameservers.eu
• ns2.meganameservers.eu
• ns3.meganameservers.eu

MX

• 5 mail.cruzverde.pt

Verified for

• Brevo

Email authentication partial

SPF

v=spf1 ip4:88.157.220.42 +a +mx include:spf.antispamcloud.com include:spf.sendinblue.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400

policy: none (monitoring only) · sp=none

DKIM

• default: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVIb/DTQ6cL367W4V0E5dNy5P9pCiTiyAgFDKMoqhot7s48cLYK7Xlu6TGU912lyoooPkj3yg0Pqrfh3…
• mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://cruzverde.pt/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (3)

• spotmarket.pt×1
• instagram.com×1
• facebook.com×1

Linked from (1)

• spotmarket.pt×1