megacad.de

HTML metadata

Technology

Server

nginx

PHP

8.3.31 security-only

jQuery

3.3.1 known XSS (<3.5)

Third-party hosts loaded (2)

• js-eu1.hs-scripts.com×1
• js-eu1.hsforms.net×1

Contact

Phone

• +49 40 507973-0

Registration

Updated

2019-02-26

Name servers

• ns152.linevast.de.
• ns153.linevast.de.

DNS records live

NS

• ns152.linevast.de
• ns153.linevast.de

MX

• 0 megacad-de.mail.protection.outlook.com

Verified for

• 1Password
• Atlassian
• Microsoft 365

Email authentication partial

SPF

v=spf1 +a +mx +a:managed.12366.linevast.de include:spf.protection.outlook.com include:144188898.spf10.hubspotemail.net include:spf.nl2go.com a:mail.megacad.de -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• default: v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuLhfn3kjE2+CXN12tNE7F7eOnpvt8zF7V1XfDoNpaVGUoTBd1feJ7V3rcxs9Oy8csHpkErWOysEFhpLHSB0j5w5mTR…
• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVnHqK8noNfU/7vqqGi3bI/TEwDzsLa0gYgykKfLmaspdnUPW9+nnmhIRGDagHFRVBx32ZNsREUeKR…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://megacad.de/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Linked from (1)

• megacad-schweiz.ch×1