SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Hostname Mismatch - certificate is issued for www.fiserv.com, billmatrix.com, billmatrix.net, cardvalet.com, checkfreepay.com, fiserv.com, stage.billmatrix.com, stage.fiserv.com, star.com, not for cuassist.com
Open
Cached
·
just now
82/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=Wisconsin, L=Brookfield, O=Fiserv, Inc., CN=www.fiserv.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
Valid From
October 08, 2025
Valid Until
September 15, 2026
241 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AB:8E:BC:68:4E:7C:30:62:27:82:AE:80:4A:39:A6:88:BD:5F:1C:D2:BA:67:8C:6D:6E:41:2E:43:D0:FD:B1:7D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.0
TLS 1.1
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
- • TLS 1.1 is deprecated and should be disabled
- • TLS 1.0 is deprecated and should be disabled
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Good
default-src; frame-src
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
48 domains
accelnetwork.com
www.accelnetwork.com
billmatrix.com
stage.billmatrix.com
www.billmatrix.com
billmatrix.net
cardvalet.com
www.cardvalet.com
www.stage.cardvalet.com
checkfreepay.com
www.checkfreepay.com
creditcardservices.com
www.creditcardservices.com
finxact.com
stage.finxact.com
www.finxact.com
fiserv.be
www.fiserv.be
dev.fiserv.com
fiserv.com
impactmarketing.fiserv.com
stage.fiserv.com
www.fiserv.com
www.stage.fiserv.com
fiserv.com.ar
www.fiserv.com.ar
fiserv.com.mx
www.fiserv.com.mx
fiserv.forum
www.fiserv.forum
fiserv.nl
www.fiserv.nl
www.fiserveventresponse.com
www.stage.fiserveventresponse.com
inletdigital.com
www.inletdigital.com
mycheckfree.com
www.mycheckfree.com
www.author.dev.onefiserv.net
www.author.prd.onefiserv.net
www.author.stg.onefiserv.net
m.popmoney.com
popmoney.com
www.popmoney.com
raddon.com
www.raddon.com
star.com
www.star.com