vinci-energies.be

HTML metadata

Title

Accueil - VINCI Energies Belgium

Description

VINCI Energies Belgium creates bespoke multi-technical solutions and services for energy, transport and communication infrastructure, as well as buildings, factories and IT systems.

Language

fr-FR

Canonical

https://www.vinci-energies.be/

Translations

en
fr
nl

Open Graph

url: https://www.vinci-energies.be/
title: Accueil - VINCI Energies Belgium
locale: fr_FR
site name: VINCI Energies Belgium
description: VINCI Energies Belgium creates bespoke multi-technical solutions and services for energy, transport and communication infrastructure, as well as buildings, factories and IT systems.
locale:alternate: nl_BE

Technology

CMS: WordPress
jQuery: 3.7.1

Social

DNS records live

NS

ns0.infravesi.com
ns1.infravesi.com
nsa.perf1.fr
nsb.perf1.com
nsc.perf1.com

MX

5 vincienergies-be01c.mail.protection.outlook.com

TXT

jEPiiRkbqOFshpyfP55NfTUhTTftx7SLgELFp05y5J41hz/zSNpaR4Gfr4qkKaIBUwbi/RF1740Lt0eeB73q9w==

Verified for

GlobalSign
Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:spf.protection.vinci-energies.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc@vinci-energies.com; pct=100; sp=reject

policy: reject (enforced) · sp=reject

DKIM

selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCic9u3io8ST9w9VKhJhdZ1OCgqD0H0kihJkKrW3Ozd1DBbq/bTIk0To85ZWfdfBeIV9kpsDD7saukUxo2oxe…

selectors probed

Certificate (current)

R12

from 2026-03-09 to 2026-06-07

Expires in 6 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.vinci-energies.be/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src https:; font-src 'unsafe-inline' https: data:; child-src https: blob:; connect-src https: blob:; worker-src https: blob:; script-src 'unsafe-eval' 'unsafe-inline' 'self' https:; object-src; base-uri 'none'; style-src 'unsafe-inline' https: data:; img-src https: data:;
strict-transport-security: max-age=15552001; includeSubDomains;