staatsoper-berlin.de

HTML metadata

Technology

CDN

Amazon CloudFront

Server

Apache

Third-party hosts loaded (1)

• thumbor-cache.webfactory.de×41

Social

• facebook
• tiktok
• instagram
• youtube

Registration

Updated

2019-05-31

Name servers

• ns17.knipp.net.
• ns1.webfactory.de.
• ns2.knipp.de.
• ns3.knipp.de.

DNS records live

NS

• ns1.webfactory.de
• ns17.knipp.net
• ns2.knipp.de
• ns3.knipp.de

MX

• 10 staatsoperberlin-de02e.mail.protection.outlook.com

TXT

• ce88betbkvnqq3kt2a66lta9st

Verified for

• Brevo
• Google
• Meta
• Microsoft 365

Email authentication partial

SPF

v=spf1 mx ip4:213.61.59.227 include:spf.mail.webfactory.de include:spf.protection.outlook.com include:_spf.psm.knowbe4.com include:spf.brevo.com -all

strict (-all)

DMARC

v=DMARC1; p=none; pct=100; rua=mailto:reports-edv@Staatsoper-Berlin.de; ruf=mailto:reports-edv@Staatsoper-Berlin.de; fo=1

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzV58+GbE3JCfVOQeHO+onkJ8xEPP/qkdNbfEEnJNs1EOnuNmdMidLSgiVnuqylDzt1maWE19d+m0/+…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.staatsoper-berlin.de/de/

present

• strict-transport-security
• x-content-type-options
• referrer-policy

findings

• missing Content Security Policy
• missing frame protection
• missing Permissions Policy

Links to (9)

• youtube.com×4
• eventim-inhouse.de×4
• facebook.com×4
• instagram.com×4
• issuu.com×4
• classiccard.de×4
• tiktok.com×4
• youtube-nocookie.com×4
• radiodrei.de×2

Linked from (9)

• visitberlin.de×4
• staatskapelle-berlin.de×2
• samuelhasselhorn.com×2
• polytone.de×2
• heinzundheideduerrstiftung.de×1
• kulturinsgrundgesetz.de×1
• carlespachon.com×1
• opera-connection.com×1
• oper-in-berlin.de×1