baerenbad-alm.at

HTML metadata

Technology

Server

nginx

jQuery

1.12.4 known XSS (<3.5)

Stack

PHP

Analytics

• Google Tag Manager

Contact

Email

• andrea@baerenbad-alm.at
• office@wt-hoellwarth.at
• info@zillertal.at
• office@easybooking.at
• office@kaiserweb.at
• info@easyloop.net
• office@wt-hoellwarth.atwww.wt-hoellwarth.aterste
• info@zillertal.atwww.zillertal.atzadego
• office@easybooking.atwww.easybooking.eugemeinde
• office@kaiserweb.atwww.kaiserweb.atdatenverwendung

Phone

• +436642327009
• 0800802555
• 0528563131
• +43%2052886226233
• +43528887187

DNS records live

NS

• ns1.antagus.de
• ns2.antagus.de

MX

• 0 baerenbadalm-at02c.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication weak

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

not published

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqNC0IYA8e7KFCMHzknxuRpmtPhzxpNyQ4yrrhsYEnplAduJ5D8IYzpG6TC6JMPC9p9YS2O+N/OqDi…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1e3aT5P2HrHLeqJg2svzesW+ZwnfDxR8mtP7gamykLeB1olOFQjrxZPBnRFp3LWYG4JbhznNQa3pk3…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://baerenbad-alm.at/startseite.html

present

• x-frame-options
• x-content-type-options
• referrer-policy

findings

• missing HSTS
• missing Content Security Policy
• missing Permissions Policy

Links to (12)

• best-of-zillertal.at×1
• easybooking.eu×1
• easyloop.at×1
• easyloop.com×1
• generative-engine-optimization.at×1
• hotjar.com×1
• internetagentur-tirol.at×1
• kaiserweb.at×1
• language-translations.com×1
• tirol.gv.at×1
• wt-hoellwarth.at×1
• zillertal.at×1

Linked from (1)

• easylook.at×1