penneo.com
penneo.com
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress 6.9.4
- jQuery
- 3.7.1
Third-party hosts loaded (1)
- ajax.googleapis.com×2
Social
Contact
- Address
- Gærtorvet 1-5, 1799, København V, Capital Region of Denmark, DK
Registration
- Registrar
- Gandi SAS
- Created
- 2013-01-02
- Expires
- 2027-01-02 210 days left
- Updated
- 2025-11-28
- Name servers
-
- ns-1213.awsdns-23.org
- ns-1968.awsdns-54.co.uk
- ns-261.awsdns-32.com
- ns-601.awsdns-11.net
DNS records live
- NS
-
- ns-1213.awsdns-23.org
- ns-1968.awsdns-54.co.uk
- ns-261.awsdns-32.com
- ns-601.awsdns-11.net
- MX
-
- 10 aspmx.l.google.com
- 20 alt1.aspmx.l.google.com
- 20 alt2.aspmx.l.google.com
- 30 aspmx2.googlemail.com
- 30 aspmx3.googlemail.com
- TXT
-
Show 5 TXT records
spf2.0/pra include:amazonses.com include:_spf.google.com include:stspg-customer.com include:aspmx.pardot.com include:_spf.salesforce.com -allstatus-page-domain-verification=dmbclcmbbplj5JJv88Fh3TzpTkw8q7ymWK+B3Mf3hqtvgeI8xaqjr2w=OSSRH-95522gkzwlt669n62b7gssf4r184c25wrdh70
- Verified for
-
- Atlassian
- Remote
Email authentication strong
- SPF
-
v=spf1 include:amazonses.com include:_spf.google.com include:stspg-customer.com include:aspmx.pardot.com include:_spf.salesforce.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:dmarc@penneo.com; adkim=s; aspf=r; pct=100; sp=rejectpolicy: reject (enforced) · sp=reject - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p7pPyta8XPKfOkfpa2C/O3+yQwIFPTBqbQahAUq2bwDfb97t05VV1nVfocu/1Be6PvlTsZ2sDtiTT… - k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo… - smtpapi:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed - google:
Certificate (current)
R13
Expires in 81 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https: https://ajax.googleapis.com https://kit.fontawesome.com https://dev.visualwebsiteoptimizer.com https://penneo.chilipiper.com https://www.googletagmanager.com https://unpkg.com https://*.cookieinformation.com https://policy.app.cookieinformation.com https://cdn.cookieinformation.com https://www.googleadservices.com https://*.doubleclick.net https://snap.licdn.com https://cdn.segment.com https://go.marketing.penneo.com https://*.clarity.ms https://connect.facebook.net https://bat.bing.com https://scripts.clarity.ms https://pi.pardot.com https://*.claydar.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://ka-f.fontawesome.com https://cdn.cookieinformation.com https://www.googletagmanager.com; img-src 'self' data: blob: https: https://penneo.com https://*.visualwebsiteoptimizer.com https://ct.capterra.com; font-src 'self' data: https://fonts.gstatic.com https://ka-p.fontawesome.com http- strict-transport-security
max-age=31536000; includeSubDomains; preload- cross-origin-opener-policy
same-origin-allow-popups, same-origin-allow-popups- cross-origin-resource-policy
same-site