SSL-Tools

SSL check results of defend2.org

NEW You can also bulk check multiple servers.

Discover if the webservers of defend2.org can be reached through a secure connection.

Summary

JSON Refresh

Report created Fri, 13 Sep 2024 18:52:47 +0000

The webservers of defend2.org can be reached through a secure connection.

Servers

Hostname / IP address Certificates Protocol
defend2.org
96.246.224.30
 *.defend2.org
HSTS
about 2 years
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s

Certificates

First seen at:

CN=*.defend2.org

Certificate chain
  • *.defend2.org
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.defend2.org
Alternative Names
  • *.defend2.org
  • defend2.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2024-09-05
Not valid after
2024-12-04
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
98:53:7B:18:F0:97:CF:07:FA:2A:0A:A5:3F:B8:FE:29:26:5B:8E:FE:89:68:AD:51:0F:45:F8:A4:2E:71:84:6A
SHA1
CA:20:4C:9C:BC:F4:B2:34:B2:24:4A:7A:9B:D7:D9:2A:94:65:8B:D0
X509v3 extensions
subjectKeyIdentifier
  • 30:76:27:FA:40:3B:FA:78:F4:9A:A5:04:04:42:48:FA:99:1D:0A:D0
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • OCSP - URI:http://r10.o.lencr.org
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Sep 5 23:10:11.917 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:99:19:5D:54:91:BC:FE:3E:47:CA:14:
  • 77:EE:2B:59:DF:91:6B:81:6D:41:DF:16:71:70:D5:85:
  • A7:C0:E5:D3:8D:02:20:29:56:8B:A1:B8:BB:4A:0C:6E:
  • 1C:09:61:4A:55:C5:73:76:59:DA:16:BD:7B:A0:8F:90:
  • FE:19:ED:91:19:4A:8A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Sep 5 23:10:11.967 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:28:7E:48:AC:8C:08:76:9A:AF:39:C1:10:
  • 5D:8A:48:8B:8A:27:40:E3:BE:BD:46:3C:35:9D:85:07:
  • 36:30:CD:70:02:21:00:FC:39:A1:24:D4:CF:E4:1A:80:
  • BE:10:E4:F8:AF:A7:BE:7D:09:A9:BA:ED:06:E9:24:A4:
  • 6C:B7:1C:33:C5:04:17

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_443._tcp.defend2.org
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid