Open
Cached
·
just now
91/100
SECURITY SCORE
Certificate Information
Subject
C=FR, ST=Auvergne-Rhône-Alpes, O=SOPRA STERIA GROUP, CN=soprasteria.com
Issuer
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Organization Validation Secure Server CA
Valid From
April 23, 2025
Valid Until
April 29, 2026
126 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
00:F5:39:29:4E:4F:02:15:48:F9:16:8A:13:65:04:E8:67:1B:57:59:66:88:96:AC:23:8E:3F:57:7B:EE:31:12
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
default-src; script-src; style-src; +6 more
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com https://cdn.insight.sitefinity.com https://youtube.com https://player.vimeo.com/api/player.js https://vjs.zencdn.net/7.11.4/video.min.js connect.facebook.net platform.twitter.com https://syndication.twitter.com/ https://analytics.twitter.com/i/adsct platform.linkedin.com https://www.linkedin.com/ https://s.ytimg.com https://publish.twitter.com https://twitter.com/ https://static.ads-twitter.com/uwt.js ajax.aspnetcdn.com *.twimg.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://sopra-steria.career-inspiration.com/js/fbapppromobox.js https://snap.licdn.com/ https://sjs.bizographics.com/insight.min.js https://secure.quantserve.com/quant.js https://rules.quantcount.com/rules-p-U-rxjfyRkAJ0Y.js https://static.pathmotion.io/initjs/init.min.js https://rules.quantcount.com/rules-p-5eXwvumSeTF0n.js *.lfeeder.com *.leadfeeder.com https://pi.pardot.com/pd.js https://snap.licdn.com/li.lms-analytics/insight.old.min.js https://pi.pardot.com/ https://go.soprasteria.de/ https://walls.io/js/ https://ytimg.com https://siteimproveanalytics.com/js/siteanalyze_6035851.js https://npmcdn.com/[email protected]/imagesloaded.pkgd.js https://tags.inzynk.io/cl383xbw/iztag.js https://analytics.inzynk.io/v/cl383xbw https://player.gobistories.com/index.js https://www.buzzsprout.com https://tag.aticdn.net/piano-analytics.js https://*.xiti.com https://*.ati-host.net https://*.aticdn.net https://unpkg.com https://tagmanager.google.com *.googletagmanager.com *.goldenbees.fr/ https://cdn.goldenbees.mgr.consensu.org/ https://cdnjs.cloudflare.com/ajax/libs/videojs-youtube/2.5.0/Youtube.min.js https://cdnjs.cloudflare.com/ajax/libs/xlsx/0.16.6/xlsx.full.min.js https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/Chart.min.js https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.1/iframeResizer.min.js https://www2.soprasteria.no https://analytics.inzynk.io */widget/v1/sr-job-alerts.js https://widget.gobistories.com/ https://js.datadome.co/tags.js js.datadome.co https://karriere.soprasteria.de https://karriere.css.soprasteria.de https://karriere.css.soprasteria.de/post_message_receiver.js https://cdn.mouseflow.com https://survey.survicate.com https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com *.usercentrics.eu embed.vev.page https://js-eu1.hsforms.net/ https://js-eu1.hscollectedforms.net/ https://js-eu1.hs-scripts.com https://js-eu1.hs-banner.com/ https://js-eu1.hsadspixel.net/ https://js-eu1.hs-analytics.net/ https://js-eu1.hubspot.com/ *.ceros.com *.hsadspixel.net *.hs-analytics.net js.hscta.net js-eu1.hscta.net *.hubspot.com static.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspot.net *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com feedback.hubapi.com feedback-eu1.hubapi.com *.mouseflow.com https://go.soprahr.com/ *.eloqua.com *.en25.com *.oraclecloud.com eloqua.soprasteria.co.uk https://www.google.com/recaptcha/enterprise.js https://www.youtube.com/ *.inzynk.io https://www.googleadservices.com https://www.google.com https://www.googletagmanager.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://cdn.jsdelivr.net/npm/[email protected]/iXBRLViewerPlugin/viewer/dist/ixbrlviewer.js; style-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com kendo.cdn.telerik.com https://cdn.insight.sitefinity.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com https://tagmanager.google.com/debug/css.css https://pixel.quantserve.com/pixel https://vjs.zencdn.net/7.11.4/video-js.css https://www.googletagmanager.com/debug/badge.css https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com *.eloqua.com *.en25.com *.oraclecloud.com eloqua.soprasteria.co.uk; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com data: https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com *.mouseflow.com; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com *.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://*.insight.sitefinity.com https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com *.eloqua.com track.hubspot.com https://dc.ads.linkedin.com/collect/ https://px.ads.linkedin.com/ https://t.co/i/adsct https://counter.adcourier.com https://stats.g.doubleclick.net/r/collect https://pixel.quantserve.com/ data: blob: *.cdninstagram.com *.lfeeder.com *.leadfeeder.com *.google.fr/ads/ *.google.com/ads/ https://i.ytimg.com/ https://hellojaiblog.files.wordpress.com https://media.giphy.com https://s3.eu-central-1.amazonaws.com https://ytimg.com https://6035851.global.siteimproveanalytics.io/ https://conv.indeed.com/pagead/conv/5314231913872130/ https://img.youtube.com/ https://media-proxy.gobistories.co/ https://res.cloudinary.com https://ad.doubleclick.net https://analytics.twitter.com https://www.googletagmanager.com https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com https://assets.survicate.com https://img.survicate.com https://images.unsplash.com *.usercentrics.eu https://www.buzzsprout.com https://forms-eu1.hsforms.com/ https://perf-eu1.hsforms.com/ https://track-eu1.hubspot.com/ js.hscta.net js-eu1.hscta.net no-cache.hubspot.com *.hubspot.com *.hubspot.net cdn2.hubspot.net *.hsforms.net *.hsforms.com *.ads.linkedin.com i.vimeocdn.com https://www.soprasteria.nl https://www.soprasteria.lu *.mouseflow.com *.eloqua.com *.en25.com *.oraclecloud.com eloqua.soprasteria.co.uk https://www.soprasteria.be https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.google.com https://google.com https://www.google.fr https://www.google.com https://pagead2.googlesyndication.com; media-src 'self' data: blob: https://firebasestorage.googleapis.com https://s3.eu-central-1.amazonaws.com https://youtube.com https://googlevideo.com https://www.youtube.com/ https://res.cloudinary.com https://smartcdn.dam.gettyimages.com/ https://cdn.soprasteria.com/ https://publish-p153311-e1620657.adobeaemcloud.com https://www.soprasteria.com; frame-src 'self' https://platform.twitter.com/ https://www.youtube.com/ https://youtu.be/ https://player.vimeo.com/ https://karriere.soprasteria.de/ https://candidate.hr-manager.net/ https://my.walls.io/ https://sopra.symex.be/ https://charts.symex.be/ https://maps.google.com/ https://sopra-steria.career-inspiration.com/ https://youtube.com https://app.livestorm.co/ https://www.buzzsprout.com https://forms.office.com/ https://app.powerbi.com/ https://subscriptions.smartrecruiters.com/ https://go.soprasteria.com/ https://smrtr.io/ https://join.smartrecruiters.com/ *.doubleclick.net https://it-economics.jobs.personio.de/ https://karriere.css.soprasteria.de https://soprasteria.jobs.personio.de/ https://view.ceros.com/ *.hubspot.com *.hs-sites.com *.hs-sites-eu1.com *.hubspot.net play.hubspotvideo.com play-eu1.hubspotvideo.com *.hsforms.net *.hsforms.com https://forms-eu1.hsforms.com/ *.mouseflow.com https://go.soprahr.com/ *.eloqua.com *.en25.com *.oraclecloud.com eloqua.soprasteria.co.uk https://www.google.com/ https://www.googletagmanager.com/ https://www.googletagmanager.com https://td.doubleclick.net https://go.pardot.com/; child-src 'self' blob: *.twitter.com https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com *.facebook.com badge.stumbleupon.com https://charts.symex.be/ https://sopra.symex.be/ https://sopra-steria.career-inspiration.com/ https://candidate.hr-manager.net/ https://karriere.soprasteria.de/ *.hsforms.com *.mouseflow.com; connect-src 'self' accounts.google.com. *.sitefinity.com *.mktoresp.com https://maps.googleapis.com/ https://vimeo.com/ https://www.digitale-exzellenz.de https://www.instagram.com *.lfeeder.com *.leadfeeder.com https://stats.g.doubleclick.net/ https://www.linkedin.com/ *.linkedin.com https://api.gobistories.co/ https://api.gobistories.com/ https://res.cloudinary.com https://*.xiti.com https://*.pa-cd.com https://*.ati-host.net https://*.aticdn.net https://cdn.linkedin.oribi.io https://analytics.inzynk.io https://o2.mouseflow.com https://eu-api.friendlycaptcha.eu https://respondent.survicate.com https://survey.survicate.com *.usercentrics.eu https://forms-eu1.hsforms.com/ https://forms-eu1.hscollectedforms.net/ https://api-eu1.hubapi.com/ https://cta-eu1.hubspot.com/ *.hubapi.com js.hscta.net js-eu1.hscta.net *.hubspot.com *.hs-banner.com *.hscollectedforms.net *.hsforms.com *.mouseflow.com https://www.google.com/ccm/collect https://pagead2.googlesyndication.com https://www.googleadservices.com https://www.google.com https://google.com;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
61 domains
soprasteria.be
www.soprasteria.be
www.cimpa.com
www.cimpa.fr
www.fondationsoprasteria.org
mysoprahr.com
www.soprahr.com
soprasteria.at
www.soprasteria.at
soprasteria.bg
www.soprasteria.bg
soprasteria.ca
www.soprasteria.ca
soprasteria.ch
www.soprasteria.ch
soprasteria.co.uk
www.soprasteria.co.uk
myportal.soprasteria.com
parisairshow.soprasteria.com
soprasteria.com
support.soprasteria.com
techmeup.soprasteria.com
www.masters.soprasteria.com
www.missionhandicap.soprasteria.com
www.passerelles.soprasteria.com
www.soprasteria.com
www.support.soprasteria.com
www.techmeup.soprasteria.com
cpx.soprasteria.de
css.soprasteria.de
gasx.soprasteria.de
iss.soprasteria.de
soprasteria.de
www.iss.soprasteria.de
www.soprasteria.de
soprasteria.dk
www.soprasteria.dk
soprasteria.es
www.soprasteria.es
soprasteria.fr
www.soprasteria.fr
soprasteria.in
www.soprasteria.in
soprasteria.it
www.soprasteria.it
soprasteria.lu
www.soprasteria.lu
soprasteria.nl
www.soprasteria.nl
innhold.soprasteria.no
soprasteria.no
www.soprasteria.no
soprasteria.pl
www.soprasteria.pl
soprasteria.se
www.soprasteria.se
soprasteria.us
www.soprasteria.us
www.soprasterianext.com
www.soprasterianext.fr
soprasteriascaleup.com
Other domains in certificate