UltraDNS (Vercara)Managed DNS
Nameservers
4 UltraDNS NS
edns2.ultradns.biz / .com / .net / .org
CAA Records
None Published
IPv6 (AAAA)
None native — only via Akamai CNAME chain
Wildcard
Yes → 11.9.0.1 (sinkhole catch-all)
Est. Activation
~2010–2012 Medium
CF Opportunity: 1-click DNSSEC, CAA mgmt, native IPv6, fastest DNS globally
AkamaiCDN (Helios Platform)
Category
Content Delivery Network
Coverage
www, owners, build, test, es, zh, cpo
Via edgekey.net / edgesuite.net CNAME
Platform
Helios — custom CMS built on Akamai
Shared w/ infinitiusa.com
Caching
Active page-caching via x-helios-akamai-content-class
Gaps
dealers, service, careers, parts, store — NOT on Akamai CDN
Header Leaks
x-helios-cdn-vendor, akamai-grn, server-timing exposed
Est. Activation
~2015–2017 Medium
CF Opportunity: Unified CDN across ALL subdomains, header stripping, faster TTFB
AkamaiWAF
Category
Web Application Firewall
XSS Test
HTTP 403 — Blocked
SQLi Test
HTTP 403 — Blocked
Path Traversal
HTTP 403 — Blocked
Coverage
Akamai-fronted sites only
dealers, service, dev, qa = NO WAF
Missing Headers
CSP, Referrer-Policy, Permissions-Policy
Est. Activation
~2015–2017 Medium
CF Opportunity: Managed WAF rulesets, ALL-subdomain coverage, Managed Headers
AkamaiBot Manager
Cookies
_abck (behavioral fingerprint)
bm_sz (session tracking)
Also on CF
parts.nissanusa.com
cf-mitigated: challenge (Cloudflare Bot Mgmt)
Gaps
dealers, service — NO bot protection
High-value scraping targets
Est. Activation
~2018–2020 Medium
CF Opportunity: CF Bot Mgmt already active on parts — extend to all subdomains
None DetectedAPI Security / Gateway
API Gateway
None detected
GraphQL
graphql.nissanusa.com exposed in SSL cert SANs
CSP Header
Missing on www (present on parts via CF)
Permissions-Policy
Missing on www (present on parts via CF)
Geo Leak
Akamai Edgescape headers leak visitor lat/long/ZIP in responses
CF Opportunity: API Shield for GraphQL, Transform Rules, API Gateway