SSL-Tools

SSL check results of defend2.org

NEW You can also bulk check multiple servers.

Discover if the webservers of defend2.org can be reached through a secure connection.

Summary

JSON Refresh

Report created Fri, 12 Apr 2024 14:26:54 +0000

The webservers of defend2.org can be reached through a secure connection.

Servers

Hostname / IP address Certificates Protocol
defend2.org
96.246.224.30
 *.defend2.org
HSTS
about 2 years
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s

Certificates

First seen at:

CN=*.defend2.org

Certificate chain
  • *.defend2.org
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.defend2.org
Alternative Names
  • *.defend2.org
  • defend2.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-09
Not valid after
2024-06-07
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
AA:04:45:BF:8C:C4:F8:00:94:59:B2:A4:BB:B4:49:30:D6:CB:52:6C:6D:8B:6D:31:E2:09:E8:51:FB:B9:FA:00
SHA1
D0:20:DF:38:78:B8:74:C7:9D:46:96:56:CC:AA:AC:65:88:9F:63:95
X509v3 extensions
subjectKeyIdentifier
  • 0F:7F:F3:35:FA:FD:B1:83:7E:60:33:4A:8D:60:40:FC:4B:8D:DD:1B
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
  • 65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
  • Timestamp : Mar 9 20:38:43.699 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:49:11:9C:6C:B0:F0:FC:0E:C9:4F:6D:DB:
  • 89:0F:A1:1E:02:B5:5D:89:A3:4D:9E:3F:5F:E8:09:A6:
  • DA:15:80:B1:02:20:68:5B:01:9C:32:FB:0B:BE:12:BD:
  • 36:17:F8:9C:6B:A4:5C:DE:E2:AF:E5:54:19:BA:5E:B3:
  • 65:3C:29:01:6E:85
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Mar 9 20:38:43.719 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:CE:46:87:F9:42:A0:DC:1B:20:9B:E8:
  • E6:0F:52:CD:6B:8D:58:2A:E4:10:89:D0:84:9F:2E:EB:
  • D8:17:3C:6A:52:02:21:00:AA:7C:13:F5:8D:26:67:5D:
  • 1D:ED:26:81:4D:A4:B8:44:A5:26:EA:CE:D4:7E:09:01:
  • BB:98:B8:8B:EA:8D:C2:63

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_443._tcp.defend2.org
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid