golm.at

HTML metadata

Technology

Server

nginx

CMS

Gatsby

PHP

8.3.10 security-only

Stack

PHP

Cookie consent

• Usercentrics

Third-party hosts loaded (3)

• app.usercentrics.eu×2
• api.usercentrics.eu×1
• fahrplan.vmobil.at×1

Social

• facebook
• instagram
• youtube

Contact

Email

• info@gsl-tourismus.at

Phone

• +43555670183167

Address

Austria

DNS records live

NS

• ns1.vdns.at
• ns2.vdns.at
• ns3.vdns.at

MX

• 10 relay.vkw.at
• 20 relay1.vkw.at
• 30 relay2.vkw.at
• 40 relay4.vkw-2.at

Verified for

• Google
• Microsoft 365

Email authentication weak

SPF

v=spf1 include:_spf.illwerkevkw.at a:spf.edis.at ~all

softfail (~all)

DMARC

not published

DKIM

no key found at common selectors

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.golm.at/en

present

• strict-transport-security
• content-security-policy
• x-content-type-options
• referrer-policy
• permissions-policy

findings

• CSP uses wildcard sources
• missing frame protection

Links to (7)

• facebook.com×1
• google.com×1
• gsl-tourismus.at×1
• illwerkevkw.at×1
• instagram.com×1
• vmobil.at×1
• youtube.com×1

Linked from (2)

• montafon.at×1
• sommer-bergbahnen.at×1