vinci-facilities.be

HTML metadata

Technology

jQuery

3.7.1

Social

• linkedin
• facebook
• instagram
• youtube

DNS records live

NS

• ns0.infravesi.com
• ns1.infravesi.com
• nsa.perf1.fr
• nsb.perf1.com
• nsc.perf1.com

MX

• 5 vincifacilities-be01c.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:spf.protection.vinci-energies.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc@vinci-energies.com; pct=100; sp=reject

policy: reject (enforced) · sp=reject

DKIM

• selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCLHQQrtyVTIAMrCBM11tYRI1+z/l0QC/jdlQXoA647dJvEFwALUO3ZnWCJhUXfMrrnHVJQHUmOlFHq4Tm1JV…
• selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDV3cNJloctsW/wenpxbpG3ZgwemvClJuhqIlc/FuW1vI0oXfrLCgtKFT6ZRIc92V3QJfAHRMgs15XAiOLt1q…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.vinci-facilities.be/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• CSP allows unsafe inline scripts/styles
• missing Permissions Policy

Links to (8)

• youtube.com×1
• vinci-facilities-workspaces.be×1
• vinci-energies.com×1
• vinci-energies.be×1
• linkedin.com×1
• instagram.com×1
• facebook.com×1
• beehire.com×1

Linked from (1)

• electro-test.be×1