indexo.dev

webgate.io

.io crawl

First seen 2026-04-20 · Last seen 2026-05-14 · ok HTTP/1.1 200 427 ms crawled 2026-05-14

DE · 142.132.246.159 · AS24940 Hetzner Online GmbH

Reputation 100/100

Classifying

HTML metadata

Title
Webgate - The Tool for Dailies and Post-Production
Description
Your software for video collaboration, reviews, screeners. Securely organize, present and distribute your media files.
Canonical
https://webgate.io/en
Translations
  • cs
  • de
  • es
  • fr
  • it
  • pl
  • pt

Open Graph

url
https://webgate.io/en
title
Webgate - The Tool for Dailies and Post-Production
site name
Webgate
description
Your software for video collaboration, reviews, screeners. Securely organize, present and distribute your media files.

Technology

Server
nginx

Contact

Email
Phone

DNS records live

NS
  • helium.ns.hetzner.de
  • hydrogen.ns.hetzner.com
  • oxygen.ns.hetzner.com
MX
  • 10 mxa.eu.mailgun.org
  • 10 mxb.eu.mailgun.org
TXT
  • google-site-verification=8fBRjNNE5W2_no_tqh6GBLpRNw0SsSHROY4e0ZMmrAs
  • google-site-verification=wdnl_jerfJ9jUXCjOEpFnnrJ8ucGrmfD73CNRRlEyHo

Email authentication strong

SPF
v=spf1 include:mailgun.org ~all
softfail (~all)
DMARC
v=DMARC1; p=reject
policy: reject (enforced)
DKIM
  • s1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaaqq2wcUz4MncZTRezE8cuhMagalXL2jn1u4+ZUG971+EN2/1GWMfuBibN6YxXtbVjTnkNhUoveOpsZ4tMOrjY7ydgWN…
selectors probed

Certificate (current)

E8
from 2026-04-09 to 2026-07-08
Expires in 50 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://webgate.io/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
permissions-policy
ch-dpr=(self "https://webgate.io"), ch-ect=(self "https://webgate.io"), ch-downlink=(self "https://webgate.io"), ch-rtt=(self "https://webgate.io")
x-content-type-options
nosniff
content-security-policy
connect-src 'self' 'unsafe-inline' *.webgate.io api.rollbar.com webgate.io wss: blob: data: webgate-downloader:; default-src 'self' 'unsafe-inline' *.webgate.io webgate.io wss: blob: data: webgate-downloader:; font-src 'self' 'unsafe-inline' fonts.gstatic.com webgate.io; frame-src 'self' *.webgate.io player.vimeo.com webgate-downloader:; img-src 'self' data: matomo.webgate.io webgate.io; media-src 'self' *.webgate.io webgate.io blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' s3.amazonaws.com matomo.webgate.io www.gstatic.com webgate.io blob: data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com s3.amazonaws.com webgate.io; frame-ancestors 'self' webgate.io *.webgate.io
strict-transport-security
max-age=63072000; includeSubDomains

Linked from (2)