indexo.dev

almhof.at

.at crawl

First seen 2026-05-16 · Last seen 2026-05-21 · ok HTTP/1.1 200 6109 ms crawled 2026-05-21

DE · 138.201.164.163 · AS24940 Hetzner Online GmbH

Reputation 94/100 dmarc monitor-only

sector travel type homepage

HTML metadata

Title
Hotel Almhof Schneider – 5***** Superior ski-in/ski-out Hotel
Description
Find all information about the Hotel Almhof Schneider in Lech. Book your perfect family winter holidays at the 5***** Superior ski-inn/ski out Hotel.
Language
de
Generator
WPML ver:4.8.5 stt:1,3;
Canonical
https://www.almhof.at/
Translations
  • de
  • en

Open Graph

url
https://www.almhof.at/
title
Hotel Almhof Schneider – 5***** Superior ski-in/ski-out Hotel
locale
de_DE
site name
Hotel Almhof Schneider
description
Find all information about the Hotel Almhof Schneider in Lech. Book your perfect family winter holidays at the 5***** Superior ski-inn/ski out Hotel.

Technology

Server
nginx
CMS
WordPress 4.8.5 outdated (current 6.8)
Stack
PHP

DNS records live

NS
  • ns1.nameservice.at
  • ns2.nameservice.at
MX
  • 5 almhof-at.mail.protection.outlook.com
Verified for
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 mx include:spf.protection.outlook.com include:_spf.createsend.com -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM0/RyUN8ctxBOvUwIFey815AJa4G+IlBDF6icCEroGNKBSroSpIe6d+/ohJ4WT0cnMK/kPNpye6LjpAj/…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0/pMCWcZpIWbUOgn2atofIAUC9+nn34tOgC4otjrNWgfKYiiPbUB1RpRPilizxXK9NIm3Z9BEFgCK4HZFxQ05Ys…
selectors probed

Certificate (current)

R12
from 2026-04-18 to 2026-07-17
Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.almhof.at/

present
  • content-security-policy
  • x-frame-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
content-security-policy
default-src 'self' http://*.bugherd.com https://*.bugherd.com https://bugherd-attachments.s3.amazonaws.com wss://ws.pusherapp.com; font-src 'self' data: http://themes.googleusercontent.com https://themes.googleusercontent.com http://fonts.googleapis.com https://fonts.googleapis.com http://fonts.gstatic.com https://fonts.gstatic.com http://*.bugherd.com https://*.bugherd.com; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com https://fonts.googleapis.com http://hello.myfonts.net https://hello.myfonts.net; child-src 'self' http://www.youtube.com https://www.youtube.com http://*.vimeo.com https://*.vimeo.com http://almhof.tourism.career https://almhof.tourism.career; img-src 'self' data: *; media-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com https://www.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.google.com https://*.google.com http://maps.gstatic.com https://maps.gstatic.com http://*.bugherd.com

Links to (4)

Linked from (1)