DNS Gurus

SSL Verification Bypassed

The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.

Reason:

Expired Certificate - the server's certificate has expired

Open Cached · just now
62/100 SECURITY SCORE

Certificate Information

Subject
CN=securesign.fi
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
July 17, 2025
Valid Until
October 15, 2025 Expired
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
39:6B:EC:D0:D3:43:1D:3D:A3:05:AA:2E:F1:7A:76:A8:62:80:8E:7E:29:78:DD:ED:5A:3D:F8:51:E5:C3:FB:3A
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
www.all-city.co

Other domains in certificate

27studio.com.ar
gasometer.agrimind.com.br
alexandergaribello.com
squareshades-docs.algojaxon.com
www.all-city.app
www.all-city.art
planos.ress.app.br
updatepwd.randstad.ausy.be
azarcchiropractic.com
www.bilindgame.com
tribuds.bindebank.com
coba.soexma.biz.id
www.blackstarlegal.org
www.blackstarlegalservices.com
www.burcak.dev
www.ceromulta.com
www.claria.cloud
srikanthvoonna.co.in
www.anjanaadhikari.com.np
enesans4925.com.tr transigo.com.tr www.enesans4925.com.tr
www.connectartist.in
www.cricbolt.com
cyrilformapro.fr
earthstory.app
app.eumplus.kr
app.fairytel.se
gemmer.us
gospodarstwo-rodzinne.pl
admin.staging.auction.holmasto.fi
iabrmv.com www.iabrmv.com
welcome.igo.football
app.vendor.inf.br
uiic-natcat.inrisk.insure
joincortex.xyz
jomin.ca
kiddolearn.app
www.laconic.kr
www.landruatherapies.com
auth.lifechangersteam.fr
gamers-graphics.lloydborres.com
lucassvahn.se
a.lyppo.click
link.maxi-retail.ru
test.admin.mayais.co.za
memorialetter.com
fb.mokesu.top
mps-services.fr
multiaibot.com
auth.lazackorganisation.my.id sherly.rizkanur.my.id
naijahustleplug.com
nessasolutions.co.za
swordfish.obrelahellas.gr
a.official-store.in
mindstack.override.com.mx
pdcgsolutions.com
pdqtech.co.za
topblockchaincompanies.stage.pixelplexlabs.com
plancknetwork.com www.plancknetwork.com
point-speedlogistics.cloud
polaris-k.com
predika.pro
admin.propxplorer.com www.propxplorer.com
qimora-agency.com
letschat.shequ.qzz.io
renouelement-canva.site
docs.rosepetal.ai
www.scfinance.it
securesign.fi
www.shamstailors.in
silvermed.ch www.silvermed.ch
smarttracker.online
sstcolombia.com
www.stagiidepractica.ro
structurerealm.com
quiz.talentmath.vn
www.tasmeel.ae
taymo.ma
prates.tec.br
tenpastone.com
terilastech.com
thammuucaqn.cloud
thecloudhosters.com
www.toindonomercado.com.br
turtlewithcrocs.com
verbaloom.com
www.versus-studios.com
gc-02.vibbyfs.web.id kalkulatorusahatani.web.id
weeshyhima.com
wingcruit.com www.wingcruit.com
old-ma-rue-yang.youngrean.com