SSL-Tools

SSL check results of defend2.org

NEW You can also bulk check multiple servers.

Discover if the webservers of defend2.org can be reached through a secure connection.

Summary

JSON Refresh

Report created Sat, 08 Nov 2025 13:55:49 +0000

The webservers of defend2.org can be reached through a secure connection.

Servers

Hostname / IP address Certificates Protocol
defend2.org
96.246.224.30
 *.defend2.org
HSTS
about 2 years
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s

Certificates

First seen at:

CN=*.defend2.org

Certificate chain
  • *.defend2.org
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.defend2.org
Alternative Names
  • *.defend2.org
  • defend2.org
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2025-11-08
Not valid after
2026-02-06
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
72:6E:04:5A:C1:2D:67:93:58:B3:4D:B7:8F:2C:41:E6:EE:93:A9:28:D3:49:C9:72:74:B2:C7:6A:29:36:9B:85
SHA1
57:3B:93:87:43:5A:BC:AA:29:C2:23:3A:EA:69:1E:DC:C3:DB:35:52
X509v3 extensions
subjectKeyIdentifier
  • D6:0C:3F:2D:5B:36:46:A7:A9:81:ED:63:94:6C:06:F8:D0:0F:63:99
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/117.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
  • 4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
  • Timestamp : Nov 8 13:18:12.846 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:7A:E4:6F:18:86:BD:B1:F8:08:C7:9F:00:
  • 1B:61:A6:09:40:F2:05:9C:D9:F9:58:9C:FB:02:4C:A4:
  • F9:DC:F1:CB:02:21:00:AF:CB:9F:18:97:07:A4:9A:A8:
  • FD:FC:57:1B:86:12:BA:71:52:38:7F:AB:06:83:32:40:
  • D5:99:39:91:AB:58:4B
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
  • F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
  • Timestamp : Nov 8 13:18:12.869 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:56:00:F1:45:A6:29:90:1F:D8:6C:82:95:
  • C8:63:78:1F:49:CF:5E:2F:FE:E6:A9:51:22:46:50:0C:
  • 5F:09:B0:CC:02:21:00:CA:F6:13:FD:D2:F9:15:EE:11:
  • 2F:85:35:05:E3:9A:4C:B8:77:01:BB:BC:74:E6:56:82:
  • 6E:75:36:88:24:C3:C0

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_443._tcp.defend2.org
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid