maat.pt

HTML metadata

Title

MAAT: Museu de Arte, Arquitetura e Tecnologia | MAAT

Description

O MAAT é onde a criatividade, curiosidade e inspiração se encontram. Descubra as melhores exposições de arte contemporânea num dos ex-líbris da arquitetura de Lisboa. Venha visitar-nos!

Language

pt-pt

Generator

Drupal 10 (https://www.drupal.org)

Canonical

https://maat.pt/pt

Translations

en
pt

Open Graph

title: Homepage | MAAT
site name: MAAT

Technology

Server: nginx
CMS: Drupal

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (4)

cdn.cookielaw.org×2
unpkg.com×2
www.googletagmanager.com×1
www.recaptcha.net×1

Social

Contact

Phone

+351 210 028 130

DNS records live

NS

dns1.host-redirect.com
dns2.host-redirect.com
dns3.host-redirect.com

Verified for

Google

Email authentication no MX

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Thawte TLS RSA CA G1

from 2025-07-21 to 2026-07-29

Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://maat.pt/pt

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
missing Permissions Policy

Header values

referrer-policy: origin-when-cross-origin
x-frame-options: ALLOW-FROM *.reduniq.pt, *.paypal.com, *.klarna.com, *.edp.pt, *.edp.pt/*, *.edp.com, *.edp.com:*, *.edp.com/*, *.edpr.com, *.bol.pt, *.bol.pt/*, *.microsoft.com, *.microsoftonline.com, *.windows.net, *.office.com, *.gstatic.com, *.google.com, *.appspot.com, *.vimeo.com, *.cookielaw.org, *.recaptcha.net, *.bandcamp.com, *.soundcloud.com, opendata.online.e-redes.pt, *.sites.edp.com, *.siteimprove.com, *.siteimprove.net, *.workplace.com, *.intras.edp.com, *.microsoftstream.com, tv.edpon.livextend.cloud, *.youtube.com, *.youtube-nocookie.com, *.eurolandir.com, *.mailjet.com, *.media-server.com, *.wufoo.com, edp.teto.pt, *.spotify.com, ir2.flife.de, ir.tools.investis.com, sdk.companywebcast.com, ir.tools.investis.com, *.edpon.livextend.cloud, *.powerbi.com, *.suratica.es, teams.microsoft.com/_?tenantId=bf86fbdb-f8c2-440e-923c-05a60dc2bc9b, ssl.google-analytics.com
x-content-type-options: nosniff
content-security-policy: frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com *.doubleclick.net *.reduniq.pt *.paypal.com *.klarna.com *.microsoft.com *.microsoftonline.com *.windows.net *.office.com *.bol.pt *.bol.pt/* *.vimeo.com *.cookielaw.org *.recaptcha.net bandcamp.com *.soundcloud.com *.google.com *.sites.edp.com *.siteimprove.net *.siteimprove.com *.workplace.com *.intras.edp.com *.microsoftstream.com *.edp.pt *.edp.com *.edpr.com *.dig.corp.edp.com *.youtube.com *.youtube-nocookie.com *.eurolandir.com *.mailjet.com *.media-server.com *.wufoo.com edp.teto.pt *.spotify.com ir2.flife.de ir.tools.investis.com sdk.companywebcast.com ir.tools.investis.com *.edpon.livextend.cloud *.powerbi.com *.suratica.es; script-src 'self' 'unsafe-eval' 'unsafe-inline' analytics.tiktok.com snap.licdn.com *.googleadservices.com *.reduniq.pt *.paypal.com *.klarna.com *.bol.pt/* maat.pt/* *.gstatic.com *.google.com *.google.pt *.googletagmanager.com *.google-analytics.com *.googleusercontent.com *
strict-transport-security: max-age=31536000; includeSubDomains; preload