← new scan
~/scans/expired.badssl.com.report
⇣ export pdf
target expired.badssl.com
resolved104.154.89.105
scanned 2026-07-18 10:02:02
modules 7 of 7 completed
// overall risk
CRITICAL Risk
17 issues across 7 modules — 1 critical, 2 high, 6 medium, 8 low
1 critical
2 high
6 medium
8 low
0 ok
01
WHOIS & DNS
DNS records retrieved — email policy issues found
MEDIUM
// whois
registrar MarkMonitor Inc.
created 2015-04-07
expires 2027-04-07
updated 2026-03-06
nameserver ns-cloud-c1.googledomains.com
nameserver ns-cloud-c2.googledomains.com
nameserver ns-cloud-c3.googledomains.com
nameserver ns-cloud-c4.googledomains.com
status client delete prohibited
status client transfer prohibited
status client update prohibited
// dns records
A 104.154.89.105
www A 104.154.89.105
MX 20 alt2.gmr-smtp-in.l.google.com
MX 40 alt4.gmr-smtp-in.l.google.com
MX 30 alt3.gmr-smtp-in.l.google.com
MX 5 gmr-smtp-in.l.google.com
MX 10 alt1.gmr-smtp-in.l.google.com
NS NS-CLOUD-C1.GOOGLEDOMAINS.COM
NS NS-CLOUD-C2.GOOGLEDOMAINS.COM
NS NS-CLOUD-C3.GOOGLEDOMAINS.COM
NS NS-CLOUD-C4.GOOGLEDOMAINS.COM
// ip whois (1)
104.154.89.105 SSL unavailable for this endpoint, order a key at https://members.ip-api.com/ whois ↗
// email security
// txt records (1)
txt.01 _4wahjzefs6if6al9ai0ukockra7wb9c
// findings (6)
  • medium No SPF record — email spoofing is possible
  • · low No DMARC record — email abuse is harder to detect
  • ok 5 MX record(s) configured
  • · low No CAA records — any certificate authority can issue certs for this domain
  • · low No MTA-STS DNS record at _mta-sts — inbound mail can be downgraded
  • · low No TLS-RPT record at _smtp._tls — no visibility into TLS delivery failures
// detected services (2)
02
SSL / TLS Certificate
Valid certificate, EXPIRED — TLSv1.2
CRITICAL
// raw output
issuer COMODO RSA Domain Validation Secure Server CA
subject *.badssl.com
valid from Apr 09 00:00:00 2015 UTC
valid to Apr 12 23:59:59 2015 UTC
tls version TLSv1.2
// findings (3)
  • critical Certificate has expired
  • · low TLS 1.2 active — TLS 1.3 preferred
  • ok HTTP redirects to HTTPS in 1 hop(s)
03
CMS Detection
No CMS detected
OK
// raw output
cms none detected
// findings (1)
  • ok No known CMS fingerprint found
04
Security Headers
7 of 7 headers missing
HIGH
// raw output
HSTS MISSING
CSP MISSING
X-Frame-Options MISSING
X-Content-Type-Options MISSING
Referrer-Policy MISSING
Permissions-Policy MISSING
Cross-Origin-Opener MISSING
// findings (8)
  • medium HSTS not set — browsers may allow HTTP connections
  • high X-Content-Type-Options missing — MIME-sniffing possible
  • high X-Frame-Options missing — clickjacking attacks possible
  • medium Referrer-Policy missing — leaking referrer data to third parties
  • medium Content-Security-Policy missing — site exposed to XSS injection
  • medium Permissions-Policy missing — browser features not restricted
  • · low Cross-Origin-Opener-Policy not set
  • · low No /.well-known/security.txt — researchers cannot find a contact for vulnerability reports
05
Raw HTTP Headers
HTTP/1.1 · 9 headers · nginx/1.10.3 (Ubuntu)
MEDIUM
// detected
nginx Web server: nginx
Server version exposed Server header reveals version info (nginx/1.10.3 (Ubuntu)) — remove or mask the version string
HTTP/1.1 HTTP/1.1 detected — upgrade to HTTP/2 for significantly better performance and security
GZIP compression Response is GZIP-compressed — reduces bandwidth usage
// raw headers (9)
status HTTP/1.1 200
date Sat, 18 Jul 2026 10:02:00 GMT
etag W/"6a56a3cf-1ee"
server nginx/1.10.3 (Ubuntu)
connection keep-alive
content-type text/html
cache-control no-store
last-modified Tue, 14 Jul 2026 21:02:07 GMT
content-encoding gzip
// findings (5)
  • ok Web server: nginx
  • medium Server header exposes version: nginx/1.10.3 (Ubuntu)
  • · low HTTP/1.1 in use — HTTP/2 or HTTP/3 recommended
  • ok GZIP compression active
  • ok Cache-Control: no-store
06
External JS Libraries
No external JS libraries detected
OK
// raw output
external scripts 0 detected
// findings (1)
  • ok No third-party JavaScript files loaded
07
Malware & Blocklists
Clean — not present on any monitored blocklist
OK
// raw output
Google Safe Browsing clean
VirusTotal clean
injected scripts 0 detected
malware patterns 0 matches
// findings (3)
  • ok Google Safe Browsing — clean
  • ok VirusTotal — clean
  • ok No malware signatures found across monitored blocklists
// end of report · expired.badssl.com · 2026-07-18 10:02:02 ↻ scan again