filmwerk-gt.de
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Next.js
- Analytics
-
- Cloudflare Insights
Third-party hosts loaded (1)
- static.cloudflareinsights.com×1
Registration
- Updated
- 2021-05-31
- Name servers
-
- ns5.ns35.de.
- ns6.ns35.de.
- ns7.ns35.de.
- ns8.ns35.de.
DNS records live
- NS
-
- ns5.ns35.de
- ns6.ns35.de
- ns7.ns35.de
- ns8.ns35.de
- MX
-
- 0 filmwerkgt-de02b.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 ip4:178.208.114.202 include:spf.protection.outlook.com -allstrict (-all) - DMARC
- not published
- DKIM
-
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZqd5iI7wrEFBkE/syq/1ktTnscrfzOy1/O5dwEWvOX+QE+Y2VYC64YZCJHxaEnLegCxeCIzUb7kuL… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub5AOzMgKP1Hqq8Sm97EsHv4wqj05dYhUVawNLArpBwKnYOah5uLWDU3xQP3+BAU+YP0RtawgIWz1sqW7f… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuHa+dTGOfKNaRAW6GLFPJMG+a0HjTmHQJvzg5BjGBHThIGaRwA4T7YJN9ExgzihW3abCeKF/hT5PP/D0rDTuW2d…
selectors probed - default:
Certificate (current)
R12
Expires in 59 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- content-security-policy-report-only
- findings
-
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
frame-ancestors 'self' capacitor://lumos.website http://lumos.website https://lumos.website:8000; object-src 'none'; worker-src 'self' blob:; script-src 'self' https://*.lumos.website https://*.vista.co https://challenges.cloudflare.com https://static.cloudflareinsights.com https://*.paypal.com https://www.paypalobjects.com https://pay.google.com https://songbird.cardinalcommerce.com https://songbirdstag.cardinalcommerce.com https://static.client.cardinaltrusted.com https://cas.static.client.cardinaltrusted.com https://*.braintreegateway.com https://*.stripe.com https://*.adyen.com https://*.kasikornbank.com https://sec.windcave.com https://connect.facebook.net https://*.googletagmanager.com https://googleads.g.doubleclick.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.net/recaptcha/ https://*.onetrust.com https://youtube.com https://www.youtube.com https://*.visa.com https://*.mastercard.com https://delivery.cm.responsum.app https://cdn.cm.r- strict-transport-security
max-age=31536000; preload- content-security-policy-report-only
frame-ancestors 'self' capacitor://lumos.website http://lumos.website https://lumos.website:8000; object-src 'none'; worker-src 'self' blob:; script-src 'self' https://*.lumos.website https://*.vista.co https://challenges.cloudflare.com https://static.cloudflareinsights.com https://*.paypal.com https://www.paypalobjects.com https://pay.google.com https://songbird.cardinalcommerce.com https://songbirdstag.cardinalcommerce.com https://static.client.cardinaltrusted.com https://cas.static.client.cardinaltrusted.com https://*.braintreegateway.com https://*.stripe.com https://*.adyen.com https://*.kasikornbank.com https://sec.windcave.com https://connect.facebook.net https://*.googletagmanager.com https://googleads.g.doubleclick.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.net/recaptcha/ https://*.onetrust.com https://youtube.com https://www.youtube.com https://*.visa.com https://*.mastercard.com https://delivery.cm.responsum.app https://cdn.cm.r