nerleiwebinar.pt
HTML metadata
Technology
- Server
- Apache
- CMS
- Joomla
- jQuery
- 1.10.2 known XSS (<3.5)
- Stack
- PHP
- Fonts
-
- Google Fonts
Third-party hosts loaded (2)
- cdn.jsdelivr.net×5
- fonts.googleapis.com×1
DNS records live
- NS
-
- ns1.nerlei.pt
- ns2.nerlei.pt
- MX
-
- 10 mx1.cleanmx.pt
- 20 mx2.cleanmx.pt
Email authentication strong
- SPF
-
v=spf1 ip4:94.46.170.218 ip4:94.46.30.91 +a +mx +ip4:130.185.87.60 +include:_spf.cleanmx.pt -allstrict (-all) - DMARC
-
v=DMARC1;p=reject;sp=none;adkim=s;aspf=s;pct=100;fo=0;rf=afrf;ri=86400policy: reject (enforced) · sp=none - DKIM
-
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY1KnYfmv7j7BDSpO83NyzTnipHY7Kxb/C37UdbmV6Rq3qcyedzuJUYKzrNaDEwIN0DlCcXcMjwdov…
selectors probed - default:
Certificate (current)
R13
Expires in 67 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- content-security-policy
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.humansoft.pt *.googleapis.com *.gstatic.com *.googleusercontent.com cdnjs.cloudflare.com *.bootstrapcdn.com cdn.jsdelivr.net *.fontawesome.com *.google-analytics.com *.google.com *.fontawesome.com *.google-analytics.com *.googletagmanager.com *.humansoft.pt