sosafe-awareness.com

HTML metadata

Title

Security awareness and human risk management

Description

With our behavioural science-based platform, you continuously empower your employees to protect your organisation.

Language

en

Generator

WPML ver:4.9.2 stt:37,1,4,3,27,2;

Canonical

https://sosafe-awareness.com/

Translations

de
en
es
fr
it
nl

Open Graph

url: https://sosafe-awareness.com/
title: Security awareness and human risk management
locale: en_US
site name: SoSafe
description: With our behavioural science-based platform, you continuously empower your employees to protect your organisation.
updated time: 2026-04-09T11:23:17+02:00

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Amplitude
Google Tag Manager

Cookie consent

Cookiebot

Third-party hosts loaded (7)

dev.visualwebsiteoptimizer.com×3
cdn.eu.amplitude.com×2
js.hsforms.net×2
consent.cookiebot.com×1
euob.withflowersea.com×1
obseu.withflowersea.com×1
www.googletagmanager.com×1

Social

Contact

Address: Lichtstraße 25a, 50825, Köln, DE

Registration

Registrar

RegistryGate GmbH

Created

2019-04-25

Expires

2027-04-25 339 days left

Updated

2026-04-26

Name servers

ns-1153.awsdns-16.org
ns-1643.awsdns-13.co.uk
ns-287.awsdns-35.com
ns-758.awsdns-30.net

DNS records live

NS

ns-1153.awsdns-16.org
ns-1643.awsdns-13.co.uk
ns-287.awsdns-35.com
ns-758.awsdns-30.net

MX

1 smtp.google.com

TXT

c2a81a49-f45b-4621-a91b-9a18aff3e0b2
ca3-4135ebf9f895457395635b8d89ec3ec8
v=spf1 include:spf.protection.outlook.com include:_spf.google.com include:spf-eu.emailsignatures365.com include:8858700.spf05.hubspotemail.net -all

Verified for

Anthropic
Apple
Atlassian
Google
Meta

Certificate (current)

WE1

from 2026-03-28 to 2026-06-26

Expires in 37 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://sosafe-awareness.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: no-referrer-when-downgrade
permissions-policy: payment=(self), geolocation=(self), microphone=(self), camera=(self), display-capture=(self), fullscreen=(self), accelerometer=(), gyroscope=(), magnetometer=()
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' sosafeawareness.matomo.cloud https://sosafe.local *.sosafe-stage.de *.sosafe-dev.de *.sosafe.de *.sosafe-awareness.com *.sosafe-security.com *.sosafe-security-dev.com *.sosafe-security-stage.com; script-src 'unsafe-inline' 'unsafe-eval' blob: data: localhost localhost:3000 cdn.matomo.cloud sosafeawareness.matomo.cloud apis.google.com www.googletagmanager.com sosafe.local huficon.local *.sosafe-awareness.com sosafe-awareness.com www.google-analytics.com snap.licdn.com bat.bing.com px.ads.linkedin.com adservice.google.com *.doubleclick.net *.gravatar.com boards-api.greenhouse.io boards.eu.greenhouse.io *.hsforms.net *.hsforms.com *.hubspot.com play.google.com www.googleadservices.com *.hotjar.com *.hs-scripts.com js.hs-analytics.net js.hsadspixel.net js.hscollectedforms.net *.hs-banner.com js.hsleadflows.net connect.facebook.net cdn.transifex.com humanfirewallconference.kinsta.cloud humanfirewallconference.com *.humanfirewallconference.com human-firewall-conference
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-resource-policy: cross-origin