salvadorcaetano.pt

HTML metadata

Technology

CDN

Akamai

CMS

WordPress

jQuery

3.4.1 known XSS (<3.5)

Analytics

• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (3)

• fonts.googleapis.com×2
• www.googletagmanager.com×2
• www.google.com×1

Social

• linkedin
• facebook
• youtube
• instagram
• tiktok

DNS records dead

NS

• dns3.cloudns.net
• dns4.cloudns.net
• dns7.cloudns.net
• dns8.cloudns.net

MX

• 0 salvadorcaetano-pt.mail.protection.outlook.com

TXT

• jTHWq+pV0Z4AndEYjdZzAUQfATf8n1UvjjdZuhKtTHmIANHXB1U33XRcARtBtvAzX7qdrBCivNJwhHz0s2BfMg==
• knowbe4-site-verification=aae8ab873ee4e57201cc7ce98da2a1b9

Verified for

• Google
• Microsoft 365
• OneTrust
• Zoho

Email authentication no MX

SPF

v=spf1 ip4:195.23.106.26/32 ip4:195.23.106.20/32 ip4:195.23.106.20/32 ip4:195.23.106.27/32 include:spf.protection.outlook.com include:one.zoho.eu include:one.zoho.com include:eu.transmail.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; adkim=s; aspf=s; fo=1; rua=mailto:dmarc@rigorcg.pt; ruf=mailto:dmarc@rigorcg.pt; sp=none; ri=86400

policy: reject (enforced) · sp=none

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://salvadorcaetano.pt/en/

present

• strict-transport-security
• content-security-policy
• x-frame-options

findings

• CSP allows unsafe inline scripts/styles
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (7)

• caetanogo.pt×1
• empregosalvadorcaetano.pt×1
• facebook.com×1
• instagram.com×1
• linkedin.com×1
• tiktok.com×1
• youtube.com×1

Linked from (4)

• ccilc.pt×1
• caetano.pt×1
• xpeng-auto.pt×1
• xpeng-auto.es×1