← new scan
~/scans/expired.badssl.com.report
⇣ export pdf
target expired.badssl.com
resolved104.154.89.105
scanned 2026-07-18 10:02:02
modules 7 of 7 completed
// overall risk
CRITICAL Risk
17 issues across 7 modules — 1 critical, 2 high, 6 medium, 8 low
1 critical
2 high
6 medium
8 low
0 ok
01
WHOIS & DNS
DNS records retrieved — email policy issues found
MEDIUM
02
SSL / TLS Certificate
Valid certificate, EXPIRED — TLSv1.2
CRITICAL
// raw output
issuer COMODO RSA Domain Validation Secure Server CA
subject *.badssl.com
valid from Apr 09 00:00:00 2015 UTC
valid to Apr 12 23:59:59 2015 UTC
tls version TLSv1.2
// findings (3)
  • critical Certificate has expired
  • · low TLS 1.2 active — TLS 1.3 preferred
  • ok HTTP redirects to HTTPS in 1 hop(s)
03
CMS Detection
No CMS detected
OK
04
Security Headers
7 of 7 headers missing
HIGH
// raw output
HSTS MISSING
CSP MISSING
X-Frame-Options MISSING
X-Content-Type-Options MISSING
Referrer-Policy MISSING
Permissions-Policy MISSING
Cross-Origin-Opener MISSING
// findings (8)
  • medium HSTS not set — browsers may allow HTTP connections
  • high X-Content-Type-Options missing — MIME-sniffing possible
  • high X-Frame-Options missing — clickjacking attacks possible
  • medium Referrer-Policy missing — leaking referrer data to third parties
  • medium Content-Security-Policy missing — site exposed to XSS injection
  • medium Permissions-Policy missing — browser features not restricted
  • · low Cross-Origin-Opener-Policy not set
  • · low No /.well-known/security.txt — researchers cannot find a contact for vulnerability reports
05
Raw HTTP Headers
HTTP/1.1 · 9 headers · nginx/1.10.3 (Ubuntu)
MEDIUM
06
External JS Libraries
No external JS libraries detected
OK
07
Malware & Blocklists
Clean — not present on any monitored blocklist
OK
// end of report · expired.badssl.com · 2026-07-18 10:02:02 ↻ scan again