Open
Cached
·
just now
94/100
SECURITY SCORE
Certificate Information
Subject
CN=userway.org
Issuer
C=US, O=Amazon, CN=Amazon RSA 2048 M01
Valid From
September 20, 2025
Valid Until
October 19, 2026
327 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
76:94:1F:10:1C:92:2F:65:78:28:92:7A:FD:9D:5C:06:B9:B6:55:D1:F3:30:39:6E:40:15:B2:D3:74:86:10:7E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
default-src; script-src; style-src; +9 more
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.googleadservices.com https://*.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://*.googlesyndication.com https://www.recaptcha.net https://*.google.com https://sgtm.userway.org https://api.userway.org/api/ https://inspect.userway.org/api https://inspect.userway.org https://userway.org https://manage.userway.org https://scan.userway.org https://cdn.userway.org https://*.hotjar.com https://*.cookiebot.com http://*.outbrain.com http://*.trustpilot.com https://cdn.debugbear.com https://js.stripe.com https://m.stripe.network/out-4.5.42.js https://*.hideousplay.com https://www.redditstatic.com/ads/pixel.js https://a.quora.com/qevents.js https://amplify.outbrain.com/cp/obtp.js https://js.hs-scripts.com https://static.ads-twitter.com/uwt.js https://m.stripe.network https://bat.bing.com http://js.hs-scripts.com https://js.hs-banner.com https://js.hs-analytics.net https://tag.clearbitscripts.com https://x.clearbitjs.com https://reveal.clearbit.com https://cdn.amplitude.com https://js.intercomcdn.com https://www.youtube.com https://*.tiktok.com/ https://snap.licdn.com https://*.6sc.co https://js.hsadspixel.net https://*.taboola.com https://connect.facebook.net https://*.intercom.io https://assets.calendly.com https://w.usabilla.com https://cdn.optimizely.com https://cdn.segment.io https://cdn.heapanalytics.com https://js.appboycdn.com https://data.pendo.io https://static.zdassets.com https://geolocation.onetrust.com https://*.airbrake.io https://api2.amplitude.com https://*.g.doubleclick.net https://cdn.cookielaw.org https://booking-dfp.calendly.com/telemetry.js; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.googleadservices.com https://*.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://*.googlesyndication.com https://www.recaptcha.net https://*.google.com https://sgtm.userway.org https://api.userway.org/api/ https://inspect.userway.org/api https://inspect.userway.org https://userway.org https://manage.userway.org https://scan.userway.org https://cdn.userway.org https://*.cookiebot.com https://tagmanager.google.com; img-src 'self' data: https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.googleadservices.com https://*.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://*.googlesyndication.com https://www.recaptcha.net https://*.google.com https://sgtm.userway.org https://api.userway.org/api/ https://inspect.userway.org/api https://inspect.userway.org https://userway.org https://manage.userway.org https://scan.userway.org https://cdn.userway.org https://track.hubspot.com https://px.ads.linkedin.com https://bat.bing.com https://static.intercomassets.com https://downloads.intercomcdn.com https://js.intercomcdn.com https://*.trustpilot.com https://*.cookiebot.com https://*.g2crowd.com https://*.taboola.com https://q.quora.com https://levelaccess.com https://stape.io https://www.linkedin.com https://*.g.doubleclick.net https://t.co/1/i/ https://analytics.twitter.com https://alb.reddit.com http://b.6sc.co/v1/beacon/ https://un.hideousplay.com/tracker/ https://ct.capterra.com/ https://i.liadm.com/ https://images.g2crowd.com https://lh3.googleusercontent.com https://www.facebook.com https://b.6sc.co https://effortless-cuddle-8148be6fe0.media.strapiapp.com https://i.ytimg.com; font-src 'self' data: https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.googleadservices.com https://*.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://*.googlesyndication.com https://www.recaptcha.net https://*.google.com https://sgtm.userway.org https://api.userway.org/api/ https://inspect.userway.org/api https://inspect.userway.org https://userway.org https://manage.userway.org https://scan.userway.org https://cdn.userway.org https://fonts.intercomcdn.com/messenger-m4/; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.googleadservices.com https://*.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://*.googlesyndication.com https://www.recaptcha.net https://*.google.com https://sgtm.userway.org https://api.userway.org/api/ https://inspect.userway.org/api https://inspect.userway.org https://userway.org https://manage.userway.org https://scan.userway.org https://cdn.userway.org https://*.trustpilot.com https://static.hsappstatic.net https://api.hubapi.com https://www.facebook.com https://bat.bing.net wss://ws.hotjar.com https://metrics.hotjar.io https://content.hotjar.io https://vc.hotjar.io https://bat.bing.com https://*.outbrain.com https://*.taboola.com https://tag.clearbitscripts.com https://app.clearbit.com https://data.debugbear.com https://analytics.tiktok.com https://analytics-ipv6.tiktokw.us https://px.ads.linkedin.com https://pixel-config.reddit.com https://*.6sc.co https://epsilon.6sense.com https://www.redditstatic.com https://*.hideousplay.com https://conversions-config.reddit.com wss://nexus-websocket-a.intercom.io https://api-iam.intercom.io https://*.airbrake.io https://api2.amplitude.com https://cdn.amplitude.com https://*.cookiebot.com https://*.cookiebot.eu https://effortless-cuddle-8148be6fe0.media.strapiapp.com; media-src https://sgtm.userway.org https://api.userway.org/api/ https://inspect.userway.org/api https://inspect.userway.org https://userway.org https://manage.userway.org https://scan.userway.org https://cdn.userway.org; frame-src 'self' https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.googleadservices.com https://*.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://*.googlesyndication.com https://www.recaptcha.net https://*.google.com https://sgtm.userway.org https://api.userway.org/api/ https://inspect.userway.org/api https://inspect.userway.org https://userway.org https://manage.userway.org https://scan.userway.org https://cdn.userway.org https://js.stripe.com https://intercom-sheets.com https://www.facebook.com https://www.youtube.com http://www.youtube.com https://calendly.com https://*.cookiebot.com; object-src 'none'; base-uri 'self'; form-action 'self' https://www.facebook.com https://scan.userway.org https://manage.userway.org https://api.userway.org/api/ https://inspect.userway.org/api/; frame-ancestors https://userway.org https://userway.org/blog/ https://userway.org/es/blog/ https://userway.org/de/blog/ https://userway.org/fr/blog/ https://userway.org/pt/blog/ https://manage.userway.org;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 4 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
- • Consider adding 'issuewild' records to control wildcard certificate issuance