SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Expired Certificate - the server's certificate has expired
Open
Cached
·
just now
62/100
SECURITY SCORE
Certificate Information
Subject
CN=kavimanch.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 19, 2025
Valid Until
July 18, 2025
Expired
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9A:5E:2B:40:94:C1:A2:4F:1B:09:7A:58:69:54:28:89:BB:48:63:BB:66:1F:11:65:C0:8E:44:0F:1A:E4:9B:6C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
v-tenelectrical.com
www.v-tenelectrical.com
algorithms.cool
askvikdevelopment.no
auco.pro
barberbuddy.co
barcribbage.com
auth.beanie.nu
bendzsa.com
www.biejanssen.nl
staging.navigator.bowhead.ai
bpmsvietnam.com
cacophonycards.com
test.portal.camino.solutions
cdsscanner.com
www.chetanbendre.com
citizensolutions.co.za
statina-stage.clinicalgenomics.se
pappasbuilders.co.in
api.kohepets.com.sg
conectalab.co
empresas.criptan.es
e1group.net
www.earth2.se
energyon.us
www.fotivjohnlaingsettlement.com
totem.frin.fr
www.galas.fm
app.gridlockedgame.app
firebase.hiro.pet
huster-5b33b.id.vn
tools.irix.app
teste.dev.simulador.izii.io
www.jlconsultorias.com
kavimanch.com
www.kavimanch.com
kensley.info
kts-analytics.ktsutah.org
test23.lamusica.com
www.lechantbeny.fr
booking.linkednet.com.au
makeitbetter.studio
www.leaderboard.mathematic.org
michielbarnaart.nl
minominolyly.net
minveiledning.no
insects.mobilminds.com
msmsm.work
octoapp.eu
mas.parkalot.io
patrickhenryhighfoundation.org
parks.patrickwilliamweaver.com
www.pensioenbijevofenedex.nl
www.perfect-assignment.com
app.pichincha.pe
order.pierrejkt.com
www.app.poj.es
www.prettyboy.app
count.quickpit.app
rereagri.work
www.restaurantly.io
bot.rpr1.de
salihkhan.me
platform.segna.io
serviciosdeseguridadaraucania.cl
debug.shallotapp.com
pe360-online.sheremetat.dev
link-staging.skipr.ninja
sphiverse.org
sportzbuff.com
sriradheyhospital.in
www.sriradheyhospital.in
www.staige.lu
story.chat
pateliafamilytree.talhahpatelia.com
anesthesia.tempbutton.com
invite.tezoronow.com
www.theessenceworld.com
thehappydev.io
toddlerwalks.com
www.tornhult.se
app.trowit.com
hadassahca.um-manu.com
upleafmediaatx.com
urbancamowindowcleaning.com
testnetmerchant.usdtify.com
www.versaprisme.be
www.viibe.app
vinos.com
www.we-kopen-uw-huis.be
www.wearestudiobrass.com
lawsites.web.id
www.wev360.com
qa.app.wink.financial
lpforlicensee.wizonchain.com
worstgamesever.com
www.yashashomestay.com
ypage.pl
gestion-sslaiss.zerogroups.uk
newton.zerogroups.uk
Other domains in certificate