fabfilter.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-18 · ok HTTP/1.1 200 2480 ms crawled 2026-05-14

NL · 87.233.203.192 · AS15703 TrueFullstaq B.V.

Reputation 100/100

Classifying

HTML metadata

Title: FabFilter - Quality Audio Plug-Ins for Mixing, Mastering and Recording - VST VST3 AU CLAP AAX AudioSuite
Description: Quality Audio Plug-Ins for Mixing, Mastering and Recording - VST VST3 AU CLAP AAX AudioSuite.
Language: en-US

Technology

Server: nginx
CMS: Gatsby

Social

Contact

Email

info@fabfilter.com

Registration

Registrar

Hosting Concepts B.V. d/b/a Registrar.eu

Created

2001-10-12

Expires

2026-10-12 145 days left

Updated

2025-10-12

Name servers

auth01.dns.trueserver.nl
auth02.dns.trueserver.nl
auth03.dns.trueserver.nl

DNS records live

NS

auth01.dns.trueserver.nl
auth02.dns.trueserver.nl
auth03.dns.trueserver.nl

MX

10 mail.fabfilter.com

Email authentication strong

SPF

v=spf1 a mx a:mail.fabfilter.com a:mailtest.fabfilter.com a:web02.fabfilter.com ip4:87.233.89.99 ip4:87.233.203.192 ip6:2001:9a8:1bc:0:87:233:89:99 ip4:194.165.34.0/24 include:spf-basic.fogbugz.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:pcbfla3m@ag.dmarcian.com; ruf=mailto:pcbfla3m@fr.dmarcian.com; aspf=r; adkim=r; rf=afrf;

policy: quarantine

DKIM

mail: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oxM8V8yIjnTOUtsW2RaVZgFNwW9iJYU2Oifhou1tfrZZfVYcbPzoIu3ZxCsuxvo0eZb…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybnZ2iDZDfkRfAcxvXdND3h0P7+GcKEdZY9rqkQM3vwF/ElwOz7yvSfZsS52p4OedUx/9/E7viuJ6bhHqH…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQv5nX/3pHX8MiArN6W4bj3b9agZPv+3KXtLTMR92l/6kQyj81yRYHCsVO2ZKzuY1LDH0HNgqQYvvdN9GjV3BFlP…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2026-03-26 to 2026-10-11

Expires in 144 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.fabfilter.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: DENY, DENY
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), xr-spatial-tracking=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.fabfilter.com; connect-src 'self' *.fabfilter.com data:; font-src 'self' *.fabfilter.com; frame-src 'self' youtube.com www.youtube.com *.soundcloud.com open.spotify.com; img-src 'self' *.fabfilter.com *.ddev.site *.local.site:8443 data:; manifest-src 'self'; object-src 'self' *.fabfilter.com blob:; script-src 'self' 'unsafe-inline' *.fabfilter.com *.swetrix.org swetrix.org cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' *.fabfilter.com; media-src 'self' *.fabfilter.com; form-action 'self' *.fabfilter.com; worker-src 'self'; upgrade-insecure-requests
strict-transport-security: max-age=10; includeSubDomains, max-age=31536000; includeSubDomains