epicompany.eu

HTML metadata

Title

EPI Company | Home

Description

EPI is a payment scheme, built by European payment industry leaders, to create Wero, a unified pan-European payment solution leveraging SCT Inst.

Language

en

Canonical

https://epicompany.eu

Translations

en

Open Graph

title: EPI Company | Home
description: EPI is a payment scheme, built by European payment industry leaders, to create Wero, a unified pan-European payment solution leveraging SCT Inst.

Technology

Server: nginx
CMS: Nuxt

Analytics

Google Tag Manager

Third-party hosts loaded (2)

js-eu1.hs-scripts.com×1
www.googletagmanager.com×1

Social

Contact

Phone

0755811726

DNS records live

NS

ns.coredns.org
ns1.server.eu
ns2.server.eu

MX

1 epicompany-eu.mail.protection.outlook.com

TXT

Show 11 TXT records

mongodb-site-verification=8Y6vuUPvUHCPy9eJFyFolscB6yyQt3Ny
docusign=7c5b8ab4-4d0e-4858-9dec-245b6db80649
google-old=RjwHtZX5iphOHNXAjPFOyDRDW21F1QzFdkDIftiVbto
OSSRH-91945
google-site-verification=Pc_8JpmV0NvzxRVz9QH-5sHqySfF2VozZNo9bXkk4wA
apple-domain-verification=LfUNpjmIVtzkSoGt
miro-verification=5050a592f81a589a17ff7f12e633472330699813
slack-domain-verification=WZC7nHH6AZrWwFPO4oUzbP7YdBZWN8xkmYVseucF
brevo-code:906025252142263b5ff555a9d14beac0
MS=ms72606862
atlassian-domain-verification=AIi5DWrJxs/SrApniU3k7aA1kK4/pEy2XYngKmYgfZeaVaCxWgjB95Z0ddOLYG5I

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:spf.EU.exclaimer.net include:spf.brevo.com include:143291714.spf08.hubspotemail.net include:143291714.spf08.hubspotemail.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc@epicompany.eu; ruf=mailto:dmarc@epicompany.eu; fo=1

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1M4TVgnBfpIuIilAMcMf1WXtaPUfiPdCTVMtGnVd4YXCVZV8q2F+vruMDoIeqK0NX9d0dGprxW//A…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

E7

from 2026-03-20 to 2026-06-18

Expires in 29 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://epicompany.eu/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
weak content type protection

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN, SAMEORIGIN
permissions-policy: camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()
x-content-type-options: nosniff, nosniff
content-security-policy: base-uri 'none'; font-src 'self' https: data:; form-action 'self' https://*.epicompany.eu https://*.epi-company.acceptance.51north.dev; frame-ancestors 'self' https://*.epicompany.eu https://*.epi-company.acceptance.51north.dev https://*.matomo.cloud; img-src 'self' data: https: blob: https://*.epicompany.eu https://*.epi-company.acceptance.51north.dev; object-src 'none'; script-src-attr 'none'; style-src 'self' 'unsafe-inline' https://*.epicompany.eu https://*.epi-company.acceptance.51north.dev; script-src 'self' https: 'nonce-3G2ZTPY8Am1EkGJMbZgd6MMf' https://www.googletagmanager.com https://cdn.matomo.cloud https://consent.cookiebot.com https://consentcdn.cookiebot.com 'sha256-gPjlli1HEdLlR0AZTY971/wQVOdSkl9mEinLnxrPpJw=' https://static.zdassets.com https://ekr.zdassets.com; upgrade-insecure-requests; default-src https:; connect-src https: data: wss: ws:;
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-origin