SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Expired Certificate - the server's certificate has expired
Open
Cached
·
just now
62/100
SECURITY SCORE
Certificate Information
Subject
CN=degchess.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 13, 2025
Valid Until
April 13, 2025
Expired
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
28:F3:24:1B:CF:6E:E2:F6:49:03:82:6C:0B:24:DB:96:08:B5:DB:09:2A:87:DD:94:B0:DD:AB:91:C8:92:3C:CF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
link.nextlegal.us
messages.nextlegal.us
aasilinteriors.com
my.abstrakty.com
adsell.ai
allenhouseroomamun.com
ankconseil.com
traders.auxilio24.com
barcodexchange.com
eatm.bharathepay.com
bierometre.fr
bluelutra.com
blurail.tk
ahtscan.bowheadhealth.com
fda.sandbox-console.bringoz.com
byte2eat.in
empresas.carbee.top
backoffice.cardalpha.com
gratitud.carlosrojas.dev
guatemala.clau.io
comy.tech
pm.connecteddevelopment.org
www.counteverything.app
www.daisyorlily.com
degchess.com
dev-peter.com
www.dineshbalaji.com
e-cono.fr
www.e4events.com.au
www.englishonestoptutor.net
escolasprime.com.br
www.escolasprime.com.br
factorybuildingsconstrucciones.com
firestarterdesigns.com
gettoskatepark.pl
shop.gls-spain.dev
www.goiascontadores.com.br
www.growthbeats.com
deeplink.haliaustralia.com
hallros.com
happs-beta.dev
iadentalflow.com.br
www.iadentalflow.com.br
hustcv20215577.hieu215577.id.vn
immigrantax.org
induro.io
admin.institutoarca.org
abdi.is-a.dev
iseki.pw
www.joshilog.com
group.letzchat.com
betaapps.level.travel
www.lokio.app
www.merakioffice.com
www.miles2one.com
www.mooncr.com
mylivlocatons.com
stopngo.mytechnis.com
stage-page.nujackpot.com
dealer.omotenashi.ai
chimpers.omp.dev
store.pannks.me
www.pegasuspool.info
www.protonwhales.com
punjabfence.com
portal.demo.insightsofficer.pwc.com
questturnuva.com
www.ramonenses.com.mx
share.realize.design
realre.it
rider.ridezum.com
www.book.rxhealthmed.ca
www.rzcareer.com
apply.salem.edu
top.smartseniorsavings.com
smoothly.chat
socialhub2022.softwarewellion.com
dev.proxy.valuehr.sokuyaku.jp
southernroots.in
sprint-spjimr.in
content.static-twentig.com
synergistic.ca
tenly.world
tapes.texcloud.app
roster.thatdoesntwork.net
theworldsbestcapitalsquiz.com
e.throughmotion.co.uk
www.tkjn.net
auth.traggr.com
ultimateblackhistory.com
unasuke.fm
admin.vereador.app
wanderindia.blog
www.wanderindia.blog
wb270.co
gloriousfood.wearemobilefirst.com
www.wolipay.bo
home.zainafzal.com
watch.zainafzal.com
zfleck.com
Other domains in certificate