constantin-casting.de

.de crawl

First seen 2026-04-16 · Last seen 2026-05-11 · ok HTTP/1.1 200 7935 ms crawled 2026-05-11

US · 3.164.68.66 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Constantin Casting
Description: Für unsere TV-Formate suchen wir deutschlandweit Komparsen, Laiendarsteller und Schauspieler. Bewirb Dich jetzt für ein kostenloses Einzelcasting bei uns!
Language: de

Open Graph

url: https://www.constantin-casting.de
title: Constantin Casting
locale: de_DE
site name: Constantin Casting
description: Für unsere TV-Formate suchen wir deutschlandweit Komparsen, Laiendarsteller und Schauspieler. Bewirb Dich jetzt für ein kostenloses Einzelcasting bei uns!

Technology

Server: Heroku

Social

Contact

Email

kontakt@constantin-casting.de

Phone

+49 221 9999 2160

Registration

Updated

2026-01-11

Name servers

ns-1179.awsdns-19.org.
ns-1563.awsdns-03.co.uk.
ns-307.awsdns-38.com.
ns-664.awsdns-19.net.

DNS records live

NS

ns-1179.awsdns-19.org
ns-1563.awsdns-03.co.uk
ns-307.awsdns-38.com
ns-664.awsdns-19.net

MX

0 smtp.secureserver.net
10 mailstore1.secureserver.net

Email authentication partial

SPF

v=spf1 include:amazonses.com include:email.freshdesk.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc-reports@denkungsart-gmbh.de

policy: none (monitoring only)

DKIM

s1: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm62v/6MSAH5LVzJNYuGmAdNGHUrkbZkrnU9vZEVi79ovifAAXwL09Pra8xTcJgmlqMdu5nKoECXjzVcQ…
s2: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWHVyUVronjBlR4NHXdHqMY4B1/VBjSYub+EG4++8GmJVAz28DDGczaVIaxZcoy4eE7kWI51Jo7xeL3D…

selectors probed

Certificate (current)

Amazon RSA 2048 M04

from 2025-10-14 to 2026-11-13

Expires in 177 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.constantin-casting.de/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; default-src 'none'; child-src blob:; font-src data: https://assets.constantin-casting.de https://fonts.gstatic.com; img-src 'self' data: blob: android-webview-video-poster: android-webview: https://constantin-casting.s3.eu-west-1.amazonaws.com https://constantin-casting-public.s3.eu-west-1.amazonaws.com https://assets.constantin-casting.de https://d7aavk190ai9a.cloudfront.net https://static.constantin-casting.de https://maps.gstatic.com https://maps.googleapis.com https://img.youtube.com https://i.vimeocdn.com https://d33v4339jhl8k0.cloudfront.net; media-src mediastream: https://static.constantin-casting.de https://constantin-casting.s3.eu-west-1.amazonaws.com https://constantin-casting-public.s3.eu-west-1.amazonaws.com https://static.filmmakers.eu https://static.castupload.com; object-src 'none'; form-action 'self' https://*.facebook.com https://login.microsoftonline.com; script-src 'self' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://assets.c
strict-transport-security: max-age=63072000; includeSubDomains