indexo.dev

pentera.io

.io crawl

First seen 2026-04-18 · Last seen 2026-05-18 · ok HTTP/1.1 200 1382 ms crawled 2026-05-12

US · 141.193.213.21 · AS209242 Cloudflare London, LLC

Reputation 100/100

sector tech type app saas

HTML metadata

Title
Exposure Validation Platform | AI-Driven Testing
Description
The Pentera Platform executes AI-driven adversarial testing in production to validate exploitability, prioritize remediation, and reduce exposure.
Language
en-US
Canonical
https://pentera.io/

Open Graph

url
https://pentera.io/
title
Exposure Validation Platform | AI-Driven Testing
locale
en_US
site name
Pentera
description
The Pentera Platform executes AI-driven adversarial testing in production to validate exploitability, prioritize remediation, and reduce exposure.

Technology

CDN
Cloudflare
CMS
WordPress
Fonts
  • Google Fonts
Social widgets
  • YouTube Embed
Third-party hosts loaded (7)
  • www.youtube.com×8
  • cdn.jsdelivr.net×6
  • fonts.googleapis.com×2
  • js.hsforms.net×2
  • js.qualified.com×2
  • penteraiostg.wpenginepowered.com×2
  • gmpg.org×1

Social

DNS records live

NS
  • ns-1300.awsdns-34.org
  • ns-1913.awsdns-47.co.uk
  • ns-268.awsdns-33.com
  • ns-898.awsdns-48.net
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 18 TXT records
  • figma-domain-verification=88e800135afe976e02d773be96393221457742625e4909e3293861f2fb360e12-1759914719
  • gbd7nakln3j7peo135tpgoo619
  • google-site-verification=7j44YdLpVq10AmlMPN4zwMv2RwWdN6dt5rIJ_lys7vY
  • mixpanel-domain-verify=b1fe990b-8bc4-496a-9cbf-223563efcf7c
  • mongodb-site-verification=727NYlyDmKb8Pd4be6bkZ71a0ucHvXxL
  • notion-domain-verification=RgyI4ppF2EyOkkzgwXZX4Snne7EuIPVRWco0UcLzerb
  • openai-domain-verification=dv-d7x5thQuZeqzKL3ekd0kBgMP
  • slack-domain-verification=6oevX8F4GV2TCeFTusgEPJQzX4eipwjnsMAGv3MC
  • zapier-domain-verification-challenge=65ffec6d-ea34-4548-8ecd-a3f47caf57a5
  • zoho-verification=zb51527363.zmverify.zoho.com
  • BC3BA05D70
  • MS=ms33167143
  • adobe-idp-site-verification=45362b7b88fe0eaf16bf91ef060fbdab2f9e59ecfd0b41faabf0af9137fcd01b
  • anthropic-domain-verification-t0pzbn=dTPkN71s7Mkco9GqmGDczmC4W
  • apple-domain-verification=G4kb6eF6JMAzyG3m
  • atlassian-domain-verification=1Wj/u4lGPHvKcpNtPxzrMy9b4U36pkQBFLYivBzV4esmzCgNbDqw5JAld8X5nJjf
  • cursor-domain-verification-5t2edw=FX9RNQI4MljeAFjPstG3tBUC3
  • docusign=78b04d04-eb66-4e45-9718-491e8bf7ad31

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:mail.zendesk.com include:_spf.salesforce.com include:4700023.spf03.hubspotemail.net -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc_agg@vali.email,mailto:it@pentera.io
policy: quarantine
DKIM
Show 4 DKIM selectors
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/zyXPF997Zg0NeNVDt3VR1oOZFyB9xzhKHyJD/zNkdzrE/2OuGjV6MJv1Ov9arbwdKklMA+w8mRQp…
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4YpVqCX9imH3laPk37BpLKZF0SR2ONgJjm40xrlDw0AHd2IyCu2E7mdo6XnDri7AaivN3CIZc46Mfpvh8h9…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MPh6XWsLkJ5U9PiMMkY03k+BoktElFbbA1HU4dl4R1hlNsbIomfKxWynbHz3gvfKa8+5b1XDLi5JvXg2S…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHSvzollf/wIj7h58AUOTuEUX8MFIntFHg1h2hh/W5rFoDDPvs+mx+AgjcYtklfjxsWJo9lYDKQgPgHbLa…
selectors probed

Certificate (current)

WE1
from 2026-03-23 to 2026-06-21
Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://pentera.io/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
origin
x-frame-options
DENY
permissions-policy
geolocation=0,midi=0,notifications=0.;push=0,sync-xhr=0,microphone=0,camera=0,magnetometer=0,gyroscope=0,speaker=(self),fullscreen=(self),payment=0
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com https://js.qualified.com https:; img-src 'self' https: data:; connect-src 'self' https: wss://ws4.qualified.com wss://*.qualified.com wss://*.hotjar.com; frame-src 'self' https: https://documentcloud.adobe.com; media-src 'self' https://js.qualified.com; worker-src 'self' blob:; report-to csp; report-uri https://pentera.io/wp-json/security/v1/csp-reports
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (4)

Linked from (5)