axians.ch

HTML metadata

Technology

jQuery

3.7.1

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• js-eu1.hs-scripts.com×2
• js-eu1.hsforms.net×1
• secure.left5lock.com×1
• www.googletagmanager.com×1

Social

• linkedin
• facebook
• instagram
• youtube

DNS records live

NS

• ns0.infravesi.com
• ns1.infravesi.com
• nsa.perf1.fr
• nsb.perf1.com
• nsc.perf1.com

MX

• 10 mail.clouddataservices.ch

TXT

Show 4 TXT records

• vjr9j6dhie4k32cpt3rf5bgis7
• rlus1gs69059rna92bqcd9bj92
• v295bcfeeq133trpuddfsdtns2
• swisssign-check=tw25qYT3IZ5CBm8AUvb6KxmZbTU

Verified for

• Atlassian
• DocuSign
• Dynamics 365
• Google
• Microsoft 365
• Zoho

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:spf.protection.vinci-energies.com include:_spf.clouddataservices.ch -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc@vinci-energies.com; pct=100; sp=reject

policy: reject (enforced) · sp=reject

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqKqhgaQ6f/miRXMY3x3kpTbju23l0xzb3LdQ+ib2D8ZDK0uEpK+fBZR8btM923ggFYbmHmTRKcY8B…

selectors probed

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.axians.ch/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• CSP allows unsafe inline scripts/styles
• missing Permissions Policy

Links to (7)

• axians.com×1
• breitbandreise.ch×1
• facebook.com×1
• instagram.com×1
• linkedin.com×1
• vinci-energies.ch×1
• youtube.com×1

Linked from (7)

• cloudnativeday.ch×1
• axians-infoma.ch×1
• breitbandreise.ch×1
• python-summit.ch×1
• vinci-energies.ch×1
• cloudnativezurich.ch×1
• axians.com×1