plan-group.com

HTML metadata

Title: Plan Group | Home
Description: Every day, across the Electrical, Mechanical and Technology fields, we design, build, operate & maintain the most noteworthy spaces in Canada. [node:]
Language: en
Canonical: https://www.plan-group.com/

Technology

CDN: Akamai

Analytics

Google Tag Manager

Cookie consent

OneTrust

Fonts

Google Fonts

Third-party hosts loaded (4)

cdn.jsdelivr.net×5
fonts.googleapis.com×2
cdn.cookielaw.org×1
www.googletagmanager.com×1

Social

Contact

Phone

416.635.9050

Address

1 place Samuel de Champlain, 92400, Courbevoie, FR

Registration

Registrar

Gandi SAS

Created

1997-12-22

Expires

2031-12-21 2041 days left

Updated

2025-09-08

Name servers

ns-1368.awsdns-43.org
ns-1794.awsdns-32.co.uk
ns-73.awsdns-09.com
ns-906.awsdns-49.net

DNS records live

NS

ns-1368.awsdns-43.org
ns-1794.awsdns-32.co.uk
ns-73.awsdns-09.com
ns-906.awsdns-49.net

MX

10 plangroup-com01b.mail.protection.outlook.com

TXT

Show 12 TXT records

tt7uip4d7vdc5pv06ogdgg8l1q
3vs7bomp29avpdlmdppsuq6hm8
81e1hshckt24hf7ql5pjh1smqc
MS=ms43242930
ZXUtd2VzdC0xX3JSWFRxaE1oQw==
_7v4qn9bak3196xhjo52r9ifr7wfyt7u
_jwpb85i26suellqhv6nxc5to16jafn1
atlassian-domain-verification=cIhhElwO2CE6l64PELWK0FYYShcKzJ0IFwYTyqsSP8yaHv9ozPal2JPm/mvoBrzp
autodesk-domain-verification=vZk4MWOfLycmbi_ohbX3
docusign=1d6c8a11-9123-4b58-b82e-7a862f730dd7
docusign=cac6a77b-8164-449f-b6c1-e91ccfabe792
jmakjash5pm0pd88v14ol2ujci

Email authentication strong

SPF

v=spf1 mx include:spf.protection.outlook.com a:concentrateur.bouygues-construction.com include:_gtw.equans.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:5fcnr3lu@ag.eu.dmarcadvisor.com; ruf=mailto:5fcnr3lu@fr.eu.dmarcadvisor.com;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB0i4srvEX3Yz2k21AHAPjLW2XfuaCWxYhh6PSwS9IUGu9wQTJctJEv7qzOICLy5EXzx98W94RBd2s…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eK8bn/ZmUlrqKF9CLFs5O4rzwiFHGFJ/nGdZFO+R2PnQSxUS0Q7AfwSogdJ+37sXn3m1rrQx1ssL8…

selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2025-07-24 to 2026-07-24

Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.plan-group.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOW-FROM https://share-eu1.hsforms.com
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com www.googletagmanager.com snap.licdn.com cookie-cdn.cookiepro.com cdn.cookielaw.org googletagmanager.com *.googleapis.com cdnjs.cloudflare.com www.google.com www.gstatic.com www.buzzsprout.com/ cdn.jsdelivr.net/gh/ckeditor/ static.pathmotion.io pathmotion.com equans.career-inspiration.com/ *.doubleclick.net *.googleadservices.com connect.facebook.net fbcdn.net cdn.jsdelivr.net consent.cookiebot.com siteimproveanalytics.com cdn.matomo.cloud cdn.siteimprove.net www.youtube-nocookie.com unpkg.com odyssiant.azureedge.net *.bootstrapcdn.com js-agent.newrelic.com *.linkedin.com snippet.capybara.lmc.cz s.go-mpulse.net tags.data-driven.fr *.byspotify.com *.tiktok.com cdn.cookielaw.org eu.textrecruit.com *.hotjar.com sc-static.net secure.data-insight365.com cdn.leadinfo.net *.ldnfrpl.com *.youtube.com bat.bing.net bat.bing.com *.clarity.ms symposium.dashboard.davenhr.com a.usbrowserspeed.com tag.demandbas
strict-transport-security: max-age=15768000

Links to (4)

Linked from (2)

equans-na.com×4
buildingtransformations.org×2