fogodechao.com

HTML metadata

Title: Fogo de Chão | Authentic Brazilian Steakhouse Restaurant
Description: Experience the Culinary Art of Churrasco at Fogo de Chão, perfected since 1979. Dine in, order to-go, or let us cater your next celebration.
Language: en-US
Canonical: https://fogodechao.com/

Open Graph

url: https://fogodechao.com/
title: Fogo de Chão Brazilian Steakhouse
locale: en_US
site name: Fogo de Chão - US
description: Experience the Culinary Art of Churrasco at Fogo de Chão, perfected since 1979. Dine in, order to-go, or let us cater your next celebration.

Technology

CDN: Amazon CloudFront
Server: Apache
CMS: WordPress

Analytics

Google Analytics
Google Tag Manager

Cookie consent

OneTrust

Fonts

Font Awesome
Google Fonts

Third-party hosts loaded (11)

cdnjs.cloudflare.com×5
use.fontawesome.com×4
fonts.googleapis.com×3
js.adsrvr.org×3
nexus.ensighten.com×3
maps.googleapis.com×2
www.google-analytics.com×2
www.googletagmanager.com×2
cdn.cookielaw.org×1
dev.visualwebsiteoptimizer.com×1
fonts.gstatic.com×1

Social

Registration

Registrar

CSC Corporate Domains, Inc.

Created

1998-12-24

Expires

2027-12-24 583 days left

Updated

2025-12-20

Name servers

kip.ns.cloudflare.com
nora.ns.cloudflare.com

DNS records live

NS

kip.ns.cloudflare.com
nora.ns.cloudflare.com

MX

0 fogodechao-com.mail.protection.outlook.com

TXT

Show 6 TXT records

otpc2sufm3ai49v5frijcka1nr
wMHsIJ4u7Dq79JyOpboZZkEu3eVv0yTiWzp5mNPnoz7mHPFIsmYWbs4rkyJRjUY/Jy+9Rb/Iy6V8TS627JHExQ==
7sar5hlndh2mcts5v56abr6mh1
MS=ms29912188
facebook-domain-verification=rs314qkjqvo8zq0nvwz8t52xk87y2o
google-site-verification=ZLnN6N0W4O12gR0o7zzrkJs7386duiZH2LQnWuKo1rM

Email authentication strong

SPF

v=spf1 mx include:spf.protection.outlook.com include:spfa.cpmails.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc@fogodechao.com;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHAnSASfq02/wc8mED7sy0mJ87vEL4kC0EkrgrYzejIS7rgoHOSqkyROkGM34U3Pv4iYUoJ7t+nreL…

selectors probed

Certificate (current)

Amazon RSA 2048 M02

from 2025-08-27 to 2026-09-26

Expires in 129 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://fogodechao.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: fullscreen=(*), geolocation=(*), microphone=(*), camera=(*), payment=(*), usb=(*)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io cdn.pushcrew.com; script-src 'self' data: blob: * 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes' *.visualwebsiteoptimizer.com app.vwo.com cdn.pushcrew.com https://www.youtube.com https://youtube.com https://googleads.g.doubleclick.net https://ajax.googleapis.com https://code.jquery.com https://cdn.cookielaw.org https://www.google.com/recaptcha https://maps.googleapis.com https://www.gstatic.com/recaptcha https://static.doubleclick.net https://www.gstatic.com https://www.googletagmanager.com https://js.adsrvr.org https://cdnjs.cloudflare.com https://nexus.ensighten.com https://*.tidio.co https://*.jivosite.com https://browser.sentry-cdn.com https://*.cloudfront.net; style-src 'self' * 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com https://www.youtube.com https://youtube.com https://*.fontawesome.com https://ajax.googleapis.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://f
strict-transport-security: max-age=31536000; includeSubDomains; preload