indexo.dev

mega.io

.io crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 426 ms crawled 2026-05-18

LU · 66.203.124.37 · AS203055 Datacenter Luxembourg S.A.

Reputation 100/100

Classifying

HTML metadata

Title
MEGA: Protect your Online Privacy
Description
MEGA offers 20 GB free encrypted cloud storage, secure file upload, download and sharing, private chat and meetings, plus VPN and password manager.
Language
en-NZ
Canonical
https://mega.io
Translations
  • ar
  • de-de
  • en-nz
  • es-es
  • fr-fr
  • id-id
  • it-it
  • ja
  • ko-kr
  • nl-nl
  • pl-pl
  • pt-pt
  • ro-ro
  • ru-ru
  • th
  • tr-tr
  • vi
  • zh-cn
  • zh-tw

Open Graph

url
https://mega.io/
title
MEGA: Protect your Online Privacy
locale
en_US
site name
MEGA
description
MEGA offers 20 GB free encrypted cloud storage, secure file upload, download and sharing, private chat and meetings, plus VPN and password manager.

Technology

Server
nginx
CMS
WordPress

Social

DNS records live

NS
  • nslu1.mega.co.nz
  • nslu2.mega.co.nz
  • nsnl1.mega.co.nz
  • nsnl2.mega.co.nz
MX
  • 10 mail.mega.co.nz
TXT
Show 5 TXT records
  • figma-domain-verification=b522f07d669ca751949e95ec202d2e3f95321c0099644686c8a8b5b2782e7d6a-1768864945
  • google-site-verification=7LubaMe8LwjSP61DABj065xM1RhFT7xBuLcvrqE5Dd0
  • google-site-verification=JQ6dANtoKE5Fg2Nh00-ZEnC_upOs0W1e8ufKmR7hMYE
  • anthropic-domain-verification-v2yerz=12oiSds5yMrYvrswOJptg2mMg
  • google-site-verification=2h4XcIxuYHBK9QrpgZu4UGS8cLBeJgj_WRzdZWamRLw

Email authentication strong

SPF
v=spf1 include:mega.co.nz -all
strict (-all)
DMARC
v=DMARC1; p=reject; adkim=s; aspf=s; ri=86400
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-04-20 to 2026-07-19
Expires in 61 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://mega.io/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.nz http://*.mega.io; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io https://*.googletagmanager.com https://analytics.google.com data: blob: https://www.redditstatic.com https://connect.facebook.net https://staticxx.facebook.com; connect-src *.mega.co.nz *.mega.nz *.mega.io http://*.mega.nz http://*.mega.io https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://www.reddit.com https://www.redditstatic.com https://stats.g.doubleclick.net https://connect.facebook.net https://graph.facebook.com https://www.facebook.com https://m.facebook.com https://pixel.facebook.com https://pixel-config.reddit.com; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz https://ww
strict-transport-security
max-age=31536000

Links to (6)

Linked from (4)