contentpass.net

.net toplist crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 2225 ms crawled 2026-05-18

FR · 51.91.189.161 · AS16276 OVH SAS

Reputation 100/100

sector media news type homepage

HTML metadata

Title: Contentpass
Description: Contentpass bietet verlagsübergreifende Abonnements für ein werbe- und trackingfreies Leseerlebnis. Melden Sie sich noch heute an und genießen Sie über 700 Publikationen ohne Werbung und Tracking.
Language: de

Open Graph

title: Contentpass
description: Contentpass bietet verlagsübergreifende Abonnements für ein werbe- und trackingfreies Leseerlebnis. Melden Sie sich noch heute an und genießen Sie über 700 Publikationen ohne Werbung und Tracking.

Technology

Server: BunnyCDN-DE1-1330
CMS: Next.js

Registration

Registrar

Gandi SAS

Created

2016-07-17

Expires

2027-07-17 423 days left

Updated

2026-05-18

Name servers

ns-129-a.gandi.net
ns-150-c.gandi.net
ns-33-b.gandi.net

DNS records live

NS

ns-129-a.gandi.net
ns-150-c.gandi.net
ns-33-b.gandi.net

MX

10 aspmx.l.google.com
20 alt1.aspmx.l.google.com
20 alt2.aspmx.l.google.com
30 aspmx2.googlemail.com
30 aspmx3.googlemail.com

TXT

google-site-verification=6v76l89iROq8hn8PHqh6BmHdWViFKe5ykGJAWPje05s

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:spf.flowmailer.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; sp=reject; rua=mailto:security@contentpass.de,mailto:dmarc@inbound.flowmailer.net; ruf=mailto:security@contentpass.de,mailto:dmarc@inbound.flowmailer.net; pct=100; fo=1

policy: reject (enforced) · sp=reject

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoCjReggYiHWUgeFvt+jl3iHNqUD3rGYFtRvYxx0+aHcbSRIhHXpAwjkpPQPLajfKJgWDIZh1cqgehf8i7Uk…

selectors probed

Certificate (current)

R13

from 2026-03-20 to 2026-06-18

Expires in 30 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.contentpass.net/de

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.contentpass.net; style-src 'self' *.contentpass.net 'unsafe-inline' *.crisp.chat; script-src 'self' *.contentpass.net 'unsafe-inline' *.crisp.chat; font-src 'self' *.contentpass.net *.contentpass.net data: *.crisp.chat; img-src 'self' *.contentpass.net *.contentpass.net data: *.crisp.chat; connect-src 'self' *.contentpass.net https://*.crisp.chat wss://*.crisp.chat *.growthbook.tools.contentpass.dev; frame-src 'self' *.contentpass.net support.contentpass.net *.crisp.chat; worker-src 'self' *.contentpass.net blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload

Linked from (2)

wetter.com×3
hasepost.de×2