lassuranceretraite.fr

HTML metadata

Title: L'Assurance retraite – La retraite de la Sécurité sociale
Description: Site internet officiel de l'Assurance retraite – Informations sur la retraite et l'action sociale et les démarches en ligne.
Language: fr
Canonical: https://www.lassuranceretraite.fr/portail-info/home.html

Technology

Third-party hosts loaded (1)

tag.aticdn.net×1

Social

Registration

Registrar

CNAV - Caisse Nationale d'Assurance Vieillesse Travail Salariés

Created

2008-03-20

Expires

2027-03-20 303 days left

Updated

2026-04-30

Name servers

ns0.cnav.fr
ns1.cnav.fr

DNS records live

NS

ns0.cnav.fr
ns1.cnav.fr

MX

5 mx1.hc898-42.eu.iphmx.com
5 mx2.hc898-42.eu.iphmx.com

TXT

145.239.37.162

Verified for

Apple
Brevo

Email authentication partial

SPF

v=spf1 include:spf1.cnav.fr include:spf2.cnav.fr include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:cnav.rua@emailsecurity.merox.io;

policy: none (monitoring only)

DKIM

mail: v=DKIM1;k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+ls…

selectors probed

Certificate (current)

Sectigo Qualified Website Authentication CA R35

from 2025-06-19 to 2026-06-20

Expires in 30 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.lassuranceretraite.fr/portail-info/home.html

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: connect-src 'self' https://*.lassuranceretraite.fr/ https://platform.twitter.com/ https://*.sibforms.com/ https://sibforms.com/ https://static.brevo.com/ https://translate.googleapis.com/ https://*.inbenta.io/ https://www.google.com/recaptcha/ https://fra-col.eum-appdynamics.com/ https://logs1409.xiti.com/ https://ddjhjpv.pa-cd.com; font-src 'self' data: https://*.lassuranceretraite.fr/ https://assets.brevo.com/ https://*.inbenta.io/ https://fonts.gstatic.com/; manifest-src 'self'; media-src 'self' data:; object-src 'self'; worker-src 'self'; style-src-elem 'self' 'unsafe-inline' https://*.lassuranceretraite.fr/ https://sibforms.com/ https://www.gstatic.com/ https://fonts.googleapis.com/ https://sdk.inbenta.io/; style-src 'self' 'unsafe-inline' https://*.lassuranceretraite.fr/ https://sibforms.com/ https://www.gstatic.com/ https://sdk.inbenta.io/ https://fonts.googleapis.com/; frame-src 'self' blob: lassuranceretraite.fr https://*.lassuranceretraite.fr/ https://*.sibforms.com/ https://
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: connect-src 'self' https://*.lassuranceretraite.fr/ https://platform.twitter.com/ https://*.sibforms.com/ https://sibforms.com/ https://static.brevo.com/ https://translate.googleapis.com/ https://*.inbenta.io/ https://www.google.com/recaptcha/ https://fra-col.eum-appdynamics.com/ https://logs1409.xiti.com/ https://ddjhjpv.pa-cd.com; font-src 'self' data: https://*.lassuranceretraite.fr/ https://assets.brevo.com/ https://*.inbenta.io/ https://fonts.gstatic.com/; manifest-src 'self'; media-src 'self' data:; object-src 'self'; worker-src 'self'; style-src-elem 'self' 'unsafe-inline' https://*.lassuranceretraite.fr/ https://sibforms.com/ https://www.gstatic.com/ https://fonts.googleapis.com/ https://sdk.inbenta.io/; style-src 'self' 'unsafe-inline' https://*.lassuranceretraite.fr/ https://sibforms.com/ https://www.gstatic.com/ https://sdk.inbenta.io/ https://fonts.googleapis.com/; frame-src 'self' blob: lassuranceretraite.fr https://*.lassuranceretraite.fr/ https://*.sibforms.com/ https://