SSL-Tools

SSL check results of defend2.org

NEW You can also bulk check multiple servers.

Discover if the webservers of defend2.org can be reached through a secure connection.

Summary

JSON Refresh

Report created Wed, 02 Jul 2025 17:56:17 +0000

The webservers of defend2.org can be reached through a secure connection.

Servers

Hostname / IP address Certificates Protocol
defend2.org
96.246.224.30
 *.defend2.org
HSTS
about 2 years
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s

Certificates

First seen at:

CN=*.defend2.org

Certificate chain
  • *.defend2.org
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.defend2.org
Alternative Names
  • *.defend2.org
  • defend2.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2025-05-11
Not valid after
2025-08-09
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
D4:59:8E:52:93:8F:1C:38:50:51:58:CC:4E:EE:7A:B0:98:A1:34:DA:A3:6C:B1:47:B2:F4:D2:64:2D:25:23:BB
SHA1
50:45:B7:E0:B3:33:17:2B:7A:2D:CF:EE:4C:26:AA:24:D1:7B:81:97
X509v3 extensions
subjectKeyIdentifier
  • 1F:60:81:6A:95:27:32:2C:F6:F4:82:A0:5E:D1:42:DF:E0:62:11:B1
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r10.c.lencr.org/128.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : May 11 12:20:16.439 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:71:89:32:34:8D:CB:7E:AF:A8:60:A2:97:
  • 9C:BA:AF:3B:A3:34:1A:90:E3:9E:F7:0E:49:CE:2E:F4:
  • 9C:FA:FD:78:02:20:4E:40:36:60:AA:C1:C9:D7:18:E6:
  • CE:AB:65:2F:E8:4F:C4:0F:A1:84:A2:39:5B:CC:F9:C5:
  • 6E:D8:48:88:57:3E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : May 11 12:20:18.418 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:2E:B6:CF:D1:EA:89:24:B3:AB:76:0C:0A:
  • 47:56:9E:AD:1A:25:97:C6:C9:46:D7:C5:E9:B5:69:FF:
  • 66:C6:FD:06:02:21:00:86:BF:72:B3:01:D4:B8:2C:D5:
  • 27:FB:4E:78:BC:1C:FA:98:D9:BB:7A:A0:8A:53:E6:16:
  • C2:3B:58:0A:C9:7A:BC

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_443._tcp.defend2.org
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid