Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=preapp.firstchoicepos.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 17, 2026
Valid Until
April 17, 2026
64 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
20:94:6F:81:90:60:F1:48:57:24:A7:73:FF:A2:B8:51:3C:BB:11:B3:70:5F:C2:46:D8:32:32:0D:21:AF:05:1A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
clipjiffy.com
1jp.app
bnq-alara-configurator-test.3dcloud.io
www.acss.in
www.agaarneg.mn
www.albertoh.com
ambi-admin-testing.ambihome.net
www.anna-sharp.ca
antisocial.fun
apaon.com.au
avgrunn.com
awesomepiece.com
bernardi-asociados.com
besthouse.today
billeaz.com
bitewise.info
bluelaundrykilifi.com
www.boxofic.com
cafeyvr.com
capxly.com
carahiggins.com
casval.trade
celect.in
chadmusick.com
www.charliestedman.dev
clinicadentaldgc.com
motto.co.il
partner.easycashpoint.co.in
voxen.co.in
copafederacion.org
dash-wheel.com
datanest.jp
dodraseva.com
dreamdayrentals.store
www.easystory360.tools
www.eion.dev
tech.electricelk.co
www.elektrolibera.jp
fcreactdev.co.uk
preapp.firstchoicepos.com
fortuneestates.info
fossilchart.org
govvies.info
greydoha.qa
hooemi.co
icmoon.xyz
www.indistinctchatter.app
jpkrp.com
klarasvalg.com
cbattery.lolibai.me
maryvarrodaja.hu
moeshadi.info
app.mokin.nl
app.mustpool.com
www.nancyandrichie.nyc
patrickmbarker.com
ezserv-uk.penzigo.net
pixul.nl
www.raiar.dev
redboxpizza.com.br
puzzle.renefloor.nl
badges.rhems-japan.com
link.russiapp.ru
rust-cursus.nl
www.sailscanner.org
www.salsarod.com
scaleforce.io
www.seelenlichtraum.de
chennai.selvitravels.in
krishnagiri.selvitravels.in
virudhunagar.selvitravels.in
sidewaysgame.app
sociallife.club
www.sportstatss.com
b1ow.staq.dev
www.sunriseexcavating.ca
syncsharp.com
theamazingfurball.com
www.thebigwoodgroup.com
app.theincircle.com
thenextapp.nl
topado.com.br
admin.totterdownapothecary.com
app.trucksnb.eu
www.tvrbo.pro
www.twinjack.com
two-eyes.online
twoway-trading.com
uhydro.net
umuzi.net
hic.usemason.com
viicouriers.com
dev.vocaldocs.com
clicks.workhere.com
xarlat.com
ficci.xcape.in
introcrm.yac.com
dev-app.zeca.ai
www.zetasp.com
www.zianemagic.fr
Other domains in certificate