risus-vallis.at

.at crawl

First seen 2026-05-14 · Last seen 2026-05-19 · ok HTTP/1.1 200 10580 ms crawled 2026-05-19

DE · 81.28.228.152 · AS29014 ScaleUp Technologies GmbH & Co. KG

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

Chalet Risus Vallis – Exklusives Chalet-Erlebnis im Lachtal

Language

de-DE

Generator

WordPress 6.9.4

Canonical

https://www.risus-vallis.at/

Translations

de
de-de
en
en-gb

Feeds

Technology

Server: Apache
CMS: WordPress

Fonts

Google Fonts

Third-party hosts loaded (3)

fonts.googleapis.com×2
www.webplanner.de×2
gmpg.org×1

Contact

Email

DNS records live

NS

ns1.variomedia.de
ns2.variomedia.de

MX

10 msr.in.tmes.trendmicro.eu

TXT

Show 4 TXT records

MS=ms17735987
google-site-verification=vuEn2jp6SNL485pYoMBcrgIfmpg3fi71GNs0Q573wa4
trend-micro-v1-domain-verification.4d8502102ca12c833fb5d72b03f0fdcf=e8bb47b8-9b8a-4e55-bce7-e3d8621e32aa
tmes=43a427a216b14ed7978bea16feddfbf1

Email authentication partial

SPF: v=spf1 ip4:18.185.115.0/25 ip4:18.185.115.128/26 ip4:34.253.238.128/26 ip4:34.253.238.192/26 ip4:217.86.191.141 ip4:91.25.137.178 include:spf.protection.outlook.com include:spf.tmes.trendmicro.eu include:spf.jerschabek-gmbh.de -all
strict (-all)
DMARC: v=DMARC1; p=none; rua=mailto:msr@dmarcrua.tmes.trendmicro.eu; ruf=mailto:admin@msr-electronic.de; adkim=r; aspf=r
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

R12

from 2026-03-21 to 2026-06-19

Expires in 30 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.risus-vallis.at/

present

strict-transport-security
content-security-policy
x-frame-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src 'self' data: https:; font-src 'self' data:; media-src 'self'; frame-src 'self' https://*.webplanner.de; connect-src 'self' https://cdn.plyr.io https://cdn.linkedin.oribi.io;
strict-transport-security: max-age=63072000; includeSubDomains; preload

Linked from (1)

brands-projects.de×1