84/100
SECURITY SCORE
Certificate Information
Subject
CN=msasafety.com
Issuer
C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA
Valid From
November 10, 2025
Valid Until
February 08, 2026
71 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA384-RSA
SHA-256 Fingerprint
5E:64:99:27:2F:2A:E1:68:CC:3F:C1:0C:68:F3:79:B8:79:1F:E3:BE:03:9E:96:66:FB:00:E8:CD:A2:2A:05:CE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- TLS 1.3 is not supported (recommended)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31557600
Content-Security-Policy
Basic
block-all-mixed-content; child-src blob:; connect-src 'self' https://*.scene7.com https://*.limelight.com https://*.google-analytics.com https://*.bing.com https://*.mktoresp.com https://*.doubleclick.net https://*.wisepops.com https://*.medallia.com https://*.kampyle.com https://*.msanet.com https://*.mapbox.com https://*.googlevideo.com https://*.llnw.net https://*.facebook.com https://*.cookielaw.org https://*.clarity.ms https://*.clickagy.com https://*.onetrust.com https://*.msasafety.com https://*.zoominfo.com https://*.usetiful.com https://*.mktoutil.com https://*.hotjar.io https://cdn.linkedin.oribi.io https://*.googleapis.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.rumiview.com wss://*.hotjar.com https://*.hotjar.com https://*.csp-1.com https://csp-1.picarioxpo.com https://*.tockify.com https://tockify.com https://app.getwisp.co https://*.wisepops.net https://*.qzzr.com https://*.algolianet.com https://*.algolia.net https://*.kudoboard.com https://*.curator.io https://*.pricespider.com https://cdnjs.cloudflare.com https://*.algolia.io https://wisepops.net https://*.tiles.mapbox.com wss: https://px.ads.linkedin.com https://*.niceincontact.com https://*.uplynk.com https://pactsafe.io https://lexipol.blueconic.net; default-src 'self'; font-src 'self' data: https://*.gstatic.com https://*.fontawesome.com https://*.cloudfront.net https://*.typekit.net https://*.pricespider.com https://*.niceincontact.com https://webapps.msanet.com; frame-src 'self' https://*.msasafety.com https://*.msanet.com https://*.google.com https://*.doubleclick.net https://*.marketo.com https://*.bing.com https://*.hotjar.com https://*.medallia.com https://*.zoho.com https://*.metalocator.com https://*.youtube.com https://*.sierramonitor.com https://*.123formbuilder.com https://*.clickagy.com https://*.facebook.com http://*.msanet.com https://*.webdamdb.com https://*.force.com https://*.office.com 
https://*.csp-1.com https://msasafety.wufoo.com https://*.tockify.com https://tockify.com https://*.vimeo.com https://www.firegrantshelp.com https://*.qzzr.com https://*.riddle.com https://*.surveymonkey.com https://www.mybacharach.com https://*.kudoboard.com https://*.extforms.netsuite.com https://*.app.netsuite.com https://*.marketingautomation.services https://*.wisepops.com https://*.wisepops.net https://wisepops.net https://insight.adsrvr.org https://msa.webdamdb.com/ https://*.niceincontact.com https://*.instagram.com https://jfrog-prod-use1-shared-virginia-main.s3.amazonaws.com https://*.googletagmanager.com https://content.uplynk.com https://msasafety700.outgrow.us https://*.uplynk.com; img-src data: 'self' https://*.scene7.com https://*.googletagmanager.com https://*.pricespider.com https://*.googleadservices.com https://*.linkedin.com https://*.doubleclick.net https://*.bing.com https://*.facebook.com https://*.google-analytics.com https://*.cookielaw.org https://*.clarity.ms https://*.metalocator.com https://*.msasafety.com https://*.msanet.com https://*.webdamdb.com https://*.kickfire.com https://*.kampyle.com https://*.simpli.fi https://*.rumiview.com https://*.webtraxs.com https://*.analytics.google.com https://*.adroll.com https://*.g.doubleclick.net https://*.ads.linkedin.com https://*.clickagy.com https://*.msafire.com https://*.content.video.llnw.net https://*.csp-1.com https://csp-1.picarioxpo.com https://id.rlcdn.com https://pixel-sync.sitescout.com https://blog.sierramonitor.com https://*.wisepops.net https://dx4nr741tfc02.cloudfront.net https://wisp-production-storage.s3.amazonaws.com https://*.wisepops.com https://*.mapbox.com https://safetyio.com https://*.safetyio.com blob: https://img.delvenetworks.com https://pixel-geo.prfct.co https://blog.fieldserver.com https://curator-assets.b-cdn.net https://*.curator.io https://*.niceincontact.com/ https://dummyimage.com https://*.placeholder.com https://placehold.it https://*.uplynk.com 
https://media.msasafety.com.cn https://*.google.com https://*.google.ad https://*.google.ae https://*.google.com.af https://*.google.com.ag https://*.google.al https://*.google.am https://*.google.co.ao https://*.google.com.ar https://*.google.as https://*.google.at https://*.google.com.au https://*.google.az https://*.google.ba https://*.google.com.bd https://*.google.be https://*.google.bf https://*.google.bg https://*.google.com.bh https://*.google.bi https://*.google.bj https://*.google.com.bn https://*.google.com.bo https://*.google.com.br https://*.google.bs https://*.google.bt https://*.google.co.bw https://*.google.by https://*.google.com.bz https://*.google.ca https://*.google.cd https://*.google.cf https://*.google.cg https://*.google.ch https://*.google.ci https://*.google.co.ck https://*.google.cl https://*.google.cm https://*.google.cn https://*.google.com.co https://*.google.co.cr https://*.google.com.cu https://*.google.cv https://*.google.com.cy https://*.google.cz https://*.google.de https://*.google.dj https://*.google.dk https://*.google.dm https://*.google.com.do https://*.google.dz https://*.google.com.ec https://*.google.ee https://*.google.com.eg https://*.google.es https://*.google.com.et https://*.google.fi https://*.google.com.fj https://*.google.fm https://*.google.fr https://*.google.ga https://*.google.ge https://*.google.gg https://*.google.com.gh https://*.google.com.gi https://*.google.gl https://*.google.gm https://*.google.gr https://*.google.com.gt https://*.google.gy https://*.google.com.hk https://*.google.hn https://*.google.hr https://*.google.ht https://*.google.hu https://*.google.co.id https://*.google.ie https://*.google.co.il https://*.google.im https://*.google.co.in https://*.google.iq https://*.google.is https://*.google.it https://*.google.je https://*.google.com.jm https://*.google.jo https://*.google.co.jp https://*.google.co.ke https://*.google.com.kh https://*.google.ki https://*.google.kg https://*.google.co.kr 
https://*.google.com.kw https://*.google.kz https://*.google.la https://*.google.com.lb https://*.google.li https://*.google.lk https://*.google.co.ls https://*.google.lt https://*.google.lu https://*.google.lv https://*.google.com.ly https://*.google.co.ma https://*.google.md https://*.google.me https://*.google.mg https://*.google.mk https://*.google.ml https://*.google.com.mm https://*.google.mn https://*.google.com.mt https://*.google.mu https://*.google.mv https://*.google.mw https://*.google.com.mx https://*.google.com.my https://*.google.co.mz https://*.google.com.na https://*.google.com.ng https://*.google.com.ni https://*.google.ne https://*.google.nl https://*.google.no https://*.google.com.np https://*.google.nr https://*.google.nu https://*.google.co.nz https://*.google.com.om https://*.google.com.pa https://*.google.com.pe https://*.google.com.pg https://*.google.com.ph https://*.google.com.pk https://*.google.pl https://*.google.pn https://*.google.com.pr https://*.google.ps https://*.google.pt https://*.google.com.py https://*.google.com.qa https://*.google.ro https://*.google.ru https://*.google.rw https://*.google.com.sa https://*.google.com.sb https://*.google.sc https://*.google.se https://*.google.com.sg https://*.google.sh https://*.google.si https://*.google.sk https://*.google.com.sl https://*.google.sn https://*.google.so https://*.google.sm https://*.google.sr https://*.google.st https://*.google.com.sv https://*.google.td https://*.google.tg https://*.google.co.th https://*.google.com.tj https://*.google.tl https://*.google.tm https://*.google.tn https://*.google.to https://*.google.com.tr https://*.google.tt https://*.google.com.tw https://*.google.co.tz https://*.google.com.ua https://*.google.co.ug https://*.google.co.uk https://*.google.com.uy https://*.google.co.uz https://*.google.com.vc https://*.google.co.ve https://*.google.co.vi https://*.google.com.vn https://*.google.vu https://*.google.ws https://*.google.rs 
https://*.google.co.za https://*.google.co.zm https://*.google.co.zw https://*.google.cat https://msasafety.bynder.com; media-src 'self' blob: https://*.llnw.net https://*.msanet.com https://*.webdamdb.com/ https://*.curator.io https://curator-assets.b-cdn.net/ https://*.shutterstock.com https://*.uplynk.com/ https://msasafety.bynder.com assetlibrary.msasafety.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.msasafety.com https://*.scene7.com https://*.pricespider.com https://*.limelight.com https://*.marketo.com https://*.marketo.net https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleadservices.com https://*.gstatic.com https://*.bing.com https://*.doubleclick.net https://*.hotjar.com https://*.facebook.net https://*.wisepops.com https://*.adobedtm.com https://*.licdn.com https://*.medallia.com https://*.kampyle.com https://*.kickfire.com https://*.simpli.fi https://*.google.com https://*.metalocator.com https://*.pardot.com https://*.mapbox.com https://*.sierramonitor.com https://*.zohostatic.com https://*.usersnap.com https://*.cloudfront.net https://*.youtube.com https://*.cookielaw.org https://*.clarity.ms https://*.clickagy.com https://*.123formbuilder.com https://*.zoominfo.com https://*.usetiful.com https://*.webtraxs.com https://*.adroll.com https://*.rumiview.com https://*.la5-c2-ia4.salesforceliveagent.com https://*.jquery.com https://*.force.com https://*.g.doubleclick.net https://*.csp-1.com https://*.tockify.com https://tockify.com https://*.wisepops.net https://app.getwisp.co https://*.qzzr.com https://cdn.jsdelivr.net https://koi-3QNJ3FOY90.marketingautomation.services https://curator.io https://*.curator.io https://*.marketingautomation.services https://wisepops.net https://cdnjs.cloudflare.com https://tag.perfectaudience.com https://js.adsrvr.org https://*.tiles.mapbox.com https://pixel-geo.prfct.co https://*.niceincontact.com https://*.instagram.com 
https://webapps.msanet.com https://webapps.msasafety.com https://*.uplynk.net https://*.uplynk.com https://pactsafe.io https://*.pactsafe.io https://msasafety.bynder.com https://*.blueconic.net; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://*.mapbox.com https://*.pricespider.com https://*.tiles.mapbox.com https://*.msasafety.com https://*.scene7.com https://www.usetiful.com https://*.msanet.com https://*.fontawesome.com https://*.googleapis.com https://*.typekit.net https://*.curator.io/ https://*.niceincontact.com https://*.uplynk.com https://*.blueconic.net; upgrade-insecure-requests; worker-src 'self' blob:; report-uri /.webscale/csp-report
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Improve CSP by adding more specific directives and removing 'unsafe-inline'
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports