staples.pt

.pt ok HTTP/1.1 200 144 ms

First seen 2026-06-01 · Last seen 2026-06-15 · crawled 2026-06-16

US · 34.117.198.124 · AS396982 Google LLC

Reputation 94/100 dmarc monitor-only

sector tech subsector tech media type homepage

HTML metadata

Title: Checking your browser - reCAPTCHA
Language: en
Canonical: https://www.google.com/recaptcha/challengepage

Technology

Third-party hosts loaded (2)

www.google.com×2
www.gstatic.com×2

DNS records live

NS

corey.ns.cloudflare.com
sneh.ns.cloudflare.com

MX

10 staples-pt-1.fortimailcloud.com
20 staples-pt-2.fortimailcloud.com

Verified for

Atlassian
GlobalSign
Google
Microsoft 365

Email authentication partial

SPF: v=spf1 mx a ip4:213.30.18.93 include:spf.protection.outlook.com include:_spf.awd.center include:_spf.fortimailcloud.com ~all
softfail (~all)
DMARC: v=DMARC1; p=none; rua=mailto:dmarc@staples.pt; ruf=mailto:dmarc@staples.pt; fo=0:1:d:s; adkim=r; aspf=r
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

GlobalSign RSA OV SSL CA 2018

from 2026-03-06 to 2027-04-07

Expires in 290 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://staples.pt/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
missing Referrer Policy

Header values

x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /recaptcha/challengepage/_/RecaptchaChallengePageUi/cspreport, script-src 'report-sample' 'nonce-KemyhHLpZMnNlahIBfwzJA' 'unsafe-inline';object-src 'none';base-uri www.google.com;report-uri /recaptcha/challengepage/_/RecaptchaChallengePageUi/cspreport;worker-src 'self'
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site

Linked from (1)

associacaosalvador.com×2

Use this data via API

Everything on this page for staples.pt is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/staples.pt" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →

Add a badge to your site

Own staples.pt? Show it's tracked on indexo.dev and link visitors straight to this page.

<a href="https://indexo.dev/staples.pt" target="_blank" rel="noopener">
  <img src="https://indexo.dev/staples.pt/badge.svg" alt="indexo.dev — staples.pt">
</a>