golmar.es

.es crawl

First seen 2026-04-14 · Last seen 2026-05-18 · ok HTTP/1.1 200 5775 ms crawled 2026-05-08

NL · 149.210.184.238 · AS20857 Signet B.V.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Golmar sistemas de comunicación | Golmar
Description: Golmar, Spanish video door phone manufacturer, +70 years. Security: CCTV, access control, intrusion, fire, PA system, home automation & hospital.
Language: en
Canonical: https://golmar.es/home-en

Open Graph

url: http://golmar.es/home-en
title: Golmar sistemas de comunicación | Golmar
locale: en_GB
website: http://golmar.es
site name: Golmar

Technology

Server: nginx

Fonts

Adobe Fonts
Google Fonts

Third-party hosts loaded (7)

fonts.googleapis.com×3
unpkg.com×3
ajax.googleapis.com×1
cdnjs.cloudflare.com×1
fonts.gstatic.com×1
forms.sbc28.com×1
use.typekit.net×1

Social

Contact

Phone

+34 934 800 696

DNS records live

NS

ns.dinahosting.com
ns2.dinahosting.com
ns3.dinahosting.com
ns4.dinahosting.com

MX

10 golmar-es.mail.protection.outlook.com

TXT

zFGELINrodXAMyrgPSNlQTrQV19QaVsPs0pQ8rbt+NLk36AV+nLcLkDrDS0DmPa+Lek/VpokXY562UGNoMjLuQ==
smartfense-domain-verification=s3MwWiHoJDTUaINA8cMc8O2DMFNu9I_-JrfhxEFHfCKU6y4n

Email authentication partial

SPF

v=spf1 a mx ip4:194.224.156.98 ip4:31.171.200.113 include:spf.protection.outlook.com -All

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:golmarti@golmar.es; fo=1

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvWBI8SrjDMMt2H3l4xNlQyhHc1hnpQtsElSCjfQSu0pb/jGW/la2KGW/MNZvv5bX8lhFxtLLFjksTYNBQtm…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0E1uDB0oJk9pFgNlxBj80kdgXIshpHX2B+IEKPgjdBO1Svy042MpvHKwgLnNo22NMLkXFPgESVSph…

selectors probed

Certificate (current)

R13

from 2026-04-17 to 2026-07-16

Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://golmar.es/home-en

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; object-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload