stashcat.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-06 · ok HTTP/1.1 200 435 ms crawled 2026-05-06

DE · 185.243.135.234 · AS15817 Mittwald CM Service GmbH & Co. KG

Reputation 97/100 dmarc monitor-only

Classifying

HTML metadata

Title

stashcat: stashcat

Language

de-de

Canonical

https://stashcat.com/

Translations

de-de
en-gb

Technology

Server: Apache

Third-party hosts loaded (1)

code.etracker.com×1

Registration

Registrar

IONOS SE

Created

2014-10-14

Expires

2026-10-14 147 days left

Updated

2025-10-15

Name servers

ns1099.ui-dns.biz
ns1099.ui-dns.com
ns1099.ui-dns.de
ns1099.ui-dns.org

DNS records live

NS

ns1099.ui-dns.biz
ns1099.ui-dns.com
ns1099.ui-dns.de
ns1099.ui-dns.org

MX

10 mail.stashcat.com

TXT

figma-domain-verification=739487ac3c878f89d2fa54f435688397c5c2b609ee655b04476f3b60d93e089d-1736412993
v=verifydomain MS=6223934

Email authentication strong

SPF: v=spf1 a mx a:schul.cloud a:stashcat.com a:mail.stashcat.com a:mx01.stashcat.com ip4:217.110.176.50 ip4:185.187.64.150 ip4:91.230.173.3 include:partnerspf.rmmservice.com include:spf.mailjet.com ~all
softfail (~all)
DMARC: v=DMARC1; p=none; ruf=mailto:dmarc@stashcat.com; fo=1;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-03-10 to 2026-06-08

Expires in 20 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://stashcat.com/

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://api.signalize.com/ https://code.etracker.com/ https://dmndfrcstng.com/ https://www.etracker.de/; style-src 'unsafe-inline' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://www.etracker.de https://dmndfrcstng.com/ https://eu-api.friendlycaptcha.eu/api/ https://api.friendlycaptcha.com/api/; font-src 'self' data:; frame-src 'self' https://www.youtube-nocookie.com https://irs.tools.investis.com https://xms.deutsche-boerse.com/api/v1/chartmodule https://xms.deutsche-boerse.com/chartmod/refreshData; img-src 'self' data:; manifest-src 'self'; media-src 'self'; worker-src blob:; frame-ancestors 'self' https://*.etracker.com
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (2)

edyou.eu×2
secunet.com×2