indexo.dev

soprasteria.be

.be crawl

First seen 2026-06-01 · Last seen 2026-06-04 · ok HTTP/1.1 200 1422 ms crawled 2026-06-02

US · 99.83.193.31 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Sopra Steria Belux | The world is how we shape it
Description
Sopra Steria, a European leader in consulting, digital services and software development, helps its clients drive their digital transformation to obtain tangible and sustainable benefits.
Language
en
Canonical
https://www.soprasteria.be

Open Graph

url
https://www.soprasteria.be/home
title
Sopra Steria Belux | The world is how we shape it
site name
Sopra Steria BENELUX

Technology

CDN
Amazon CloudFront
Server
nginx
ASP.NET
4.0.30319
Analytics
  • Google Tag Manager
Cookie consent
  • Usercentrics

Third-party hosts loaded (3)

  • privacy-proxy.usercentrics.eu×3
  • app.usercentrics.eu×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • ns1.netnames.net
  • ns2.netnames.net
  • ns5.netnames.net
  • ns6.netnames.net
MX
  • 10 relay1.netnames.net
  • 20 relay2.netnames.net
Verified for
  • Google

Email authentication weak

SPF
v=spf1 mx ip4:212.180.1.59/24 ip4:84.37.121.0/28 ip4:90.115.201.24/32 ip4:216.74.162.13/32 ip4:216.74.162.14/32 ip4:143.47.149.171 include:_spf.atoracle.com include:spf.protection.outlook.com include:_spf.prod.hydra.sophos.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M04
from 2026-05-21 to 2026-12-05
Expires in 183 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.soprasteria.be/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com https://cdn.insight.sitefinity.com https://youtube.com https://player.vimeo.com/api/player.js https://vjs.zencdn.net/7.11.4/video.min.js connect.facebook.net platform.twitter.com https://syndication.twitter.com/ https://analytics.twitter.com/i/adsct platform.linkedin.com https://www.linkedin.com/ https://s.ytimg.com https://publish.twitter.com https://twitter.com/ https://static.ads-twitter.com/uwt.js ajax.aspnetcdn.com *.twimg.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org https://sopra-steria.career-inspiration.com/js/fbapppromobox.js https://snap.licdn.com/ https://sjs.bizographics.com/insight.min.js https://secure.quantserve.com/quant.js https://rules.quantcount.com/rules-p-U-rxjfyRkAJ0Y.js https://static.pathmotion.io/initjs/init.min.js https://rules.quan
strict-transport-security
max-age=31536000; includeSubDomains

Links to (5)

Linked from (2)