indexo.dev

vena.io

.io crawl

First seen 2026-04-20 · Last seen 2026-05-14 · ok HTTP/1.1 200 934 ms crawled 2026-05-14

IE · 54.73.163.211 · AS16509 Amazon.com, Inc.

Reputation 100/100

sector tech type homepage

HTML metadata

Title
Vena Solutions
Description
Accurate budgets, plans & forecasts you can trust. Vena transforms Microsoft Excel into your ultimate financial planning and analysis software.
Language
en

Technology

Server
nginx

DNS records live

NS
  • ns-1078.awsdns-06.org
  • ns-1851.awsdns-39.co.uk
  • ns-400.awsdns-50.com
  • ns-690.awsdns-22.net
MX
  • 10 ca-smtp-inbound-1.mimecast.com
  • 10 ca-smtp-inbound-2.mimecast.com
TXT
Show 5 TXT records
  • OSSRH-85830
  • Target: 0ed1fe018a08b9a7b11f184b3db2d592b5cc73addc
  • google-site-verification=vi0ojmj703-o7Ppx3uBSPBbMDEhvk0LGbvL8bU6V_3E
  • taqk889tf4f7p7ciou2as1e6c4
  • MS=ms32664879

Email authentication strong

SPF
v=spf1 include:ca._netblocks.mimecast.com -all
strict (-all)
DMARC
v=DMARC1;p=reject;pct=100;rua=mailto:448f4f781b@rua.easydmarc.us;ri=86400;fo=1
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQSSa7Va6dDwM5S020gDMvj5Edgq4h6pOdeICpg+LCANl+m/XAowttHjUpNCVkTHo6TWU6/LeBk0Un…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApszGaJTueB4b6RQU/qDbMMna7N6Jor0ncwhLFYaRAQErqMXxudcah88mn4fL9JMVAAxjy//CKwZAMXXKk0…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCmINTq0DOe0ddStT4UDCHHbLFa0T+CBW2fv9NtbWvS570Z6ia846bw2h+fX1DzQ4VpkKeRpr6JEOuUr5bLhTbGL1…
selectors probed

Certificate (current)

Amazon RSA 2048 M01
from 2025-12-01 to 2026-12-30
Expires in 224 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://vena.io/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
origin
x-content-type-options
nosniff
content-security-policy
default-src 'none'; object-src 'none'; worker-src 'self' https://*.vena.io blob:; base-uri 'self'; style-src 'self' 'unsafe-inline' cdn.vena.io *.pendo.io https://pendo-static-5675147559960576.storage.googleapis.com; img-src 'self' cdn.vena.io *.vena.io *.pendo.io *.zendesk.com *.zdusercontent.com *.smooch.io *.zdassets.com blob: https://app.hubspot.com/ https://forms.hsforms.com/ https://stats.g.doubleclick.net/ https://f.hubspotusercontent30.net *.hubspotusercontent-na1.net *.hubspotusercontent-eu1.net https://pendo-static-5675147559960576.storage.googleapis.com https://track.hubspot.com/ *.office.net data:; media-src 'self' cdn.vena.io *.zdassets.com *.vena.io; script-src 'self' 'unsafe-eval' cdn.vena.io *.pendo.io pendo-io-static.storage.googleapis.com js.hs-scripts.com https://js.usemessages.com/ https://js.hs-analytics.net/ https://js.hscollectedforms.net/ https://js.hs-banner.com/ https://js-na1.hs-scripts.com/ *.hs-scripts.com/ js.hsadspixel.net js.hsleadflows.net 'sha256-SbiQe
strict-transport-security
max-age=31536000; includeSubDomains

Linked from (2)

See all sites whose homepage links to vena.io →