jadenconwright.com
Score 93/100
Web site information
SEO data
title
Protocols
SSLv2
not offered
SSLv3
not offered
TLS 1.0
not offered
TLS 1.1
not offered
TLS 1.2
offered
TLS 1.3
unexpected results
ALPN HTTP2
h2
ALPN
http/1.1
Vulnerabilities
heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable
SSL renegotiation
OpenSSL handshake didn't succeed
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
not vulnerable, no HTTP compression - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
no protocol below TLS 1.2 offered
SWEET32
uses 64 bit block ciphers
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=DD5DEE3A701BC9124F85B17B692FBBF3D48965D9CBE7180E2EA1382A30DB8894
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key with <= TLS 1.2
BEAST
not vulnerable, no SSL3 or TLS1
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
RC4
not vulnerable
Header Responses
Status code
200 OK ('/')
Clock skew
0 seconds from localtime
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
security headers
--
Server Defaults
TLS extensions
'session ticket/#35' 'renegotiation info/#65281' 'EC point formats/#11' 'extended master secret/#23' 'application layer protocol negotiation/#16'
TLS session ticket
no -- no lifetime advertised
SSL sessionID support
yes
Session Ticket Resumption
not supported
Session ID Resumption
not supported
cert numbers
1
Signature algorithm
SHA256 with RSA
Key size
RSA 2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
C9619567C1DB864C
cert serialNumberLen
8
Fingerprint SHA1
21A08DFB72180DFC52820CF90D958269E636D016
Fingerprint SHA256
DD5DEE3A701BC9124F85B17B692FBBF3D48965D9CBE7180E2EA1382A30DB8894
Certificate details
-----BEGIN CERTIFICATE----- MIIGjDCCBXSgAwIBAgIJAMlhlWfB24ZMMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTI0MDkxNjE5MzI1OFoX DTI1MDkxNjE5MzI1OFowHTEbMBkGA1UEAxMSamFkZW5jb253cmlnaHQuY29tMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Id/Lfa31ATF1RF7ZON4QkbY x8F54pOlVZKA4cQLr/hMNTFIE/bJrvm3YHFc1aFPpXboyWY9+ptgNoBxm5WgGSbd oo6VHLvkBA0jS3LoQs4Tc4jVlw3PAwz7hxNA1mOBtav4/l5q0iTOGaKAUA41AaSt jjezjZjNdwGBd204V9KmMTzBZZz7Cj/ZBcBsichiWkad7xA3kp/0l7qxblP//Btd Eaz4A6gnUIZAceSjo/dVgG7nYZiDhyUWyTIPUfCRXFFyYG7wlanGQPbEl+4XEwes AH+TtHVoo05JZrvUb/iJ6vooS9L4lj2vLeo9Aamu8Ng1EC502/rbne9bkMzLwQID AQABo4IDNTCCAzEwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6 Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMS0zMDMzNy5jcmwwXQYDVR0gBFYwVDBI BgtghkgBhv1tAQcXATA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVz LmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATB2BggrBgEFBQcBAQRq MGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEF BQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5 L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjAdBgNV HREEFjAUghJqYWRlbmNvbndyaWdodC5jb20wHQYDVR0OBBYEFMOc9mGMC72ZDsMt e8Qu8VT2mgwbMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwAS8U40vVNyTIQG GcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZH8Uu71AAAEAwBIMEYCIQDVK3TnNKA7 GjNvJtzT9SmPSJ1mB2Uoth7oNEW3sBNwOQIhANS1SVw2CQvV1xmNd4cBqtqpa1AD ssFTE7Pdby4qGHA3AHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgA AAGR/FLwEwAABAMARzBFAiEAx1Vayd3FKJmGcyqfVQWze2/cgwirWXuiqOMSZOm4 gawCIAxXiyswHU70F1ECnVfLHm6fvRXJ2abhN/YNePoLnj7JAHYAzPsPaoVxCWX+ lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGR/FLwpwAABAMARzBFAiEAn7qpImgn BfNv7JjH8YK4xs6siI01+zmJQkJZb3IY58ICIDXoO18uHmxskQ91LDcbx1Msd8+A SFnsK4L7ldw1QZ04MA0GCSqGSIb3DQEBCwUAA4IBAQAFx7JCgWnRFHaz8IoYkTAa rGrpxE4gHBLwrhxCwuY/mRLWWOqvwuVE8e4O23BcyUWzziCvcj3o98BiadHUawnX HlUzFF/gwrMGAV8afkNV/WBYqJFHJOFJrWma2clmWGXdZaBzSYKY77Q+CRL/E39T 4uIBp6C9cij/h1rgH4dgX04yDxLvnG2BMx286e9u9WAqFscoGZtc1UhnVZla6/wj lcRozdwpXVey6OaNn61WXHyCgYLejaSQQbasJDnqyMCiEo33rh6+X1+oz8+C+IlB 8/r1nfkRGQfhIEeF/+mnA0yzd2cXroBaBqQhDNMxPn9IHT20Tc5oVuCea8UeYgjS -----END CERTIFICATE-----
Common names
jadenconwright.com
Service Name Indication
request w/o SNI didn't succeed
SubjectAlternative Name
jadenconwright.com
Certificate authority issuers
Go Daddy Secure Certificate Authority - G2 (GoDaddy.com, Inc. from US)
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert eTLS
not present
cert expirationStatus
299 >= 60 days
Valid from
2024-09-16 19:32
Valid until
2025-09-16 19:32
cert validityPeriod
No finding
Chain
2
certs list ordering problem
no
cert crlDistributionPoints
http://crl.godaddy.com/gdig2s1-30337.crl
Online Certificate Status Protocol URL
http://ocsp.godaddy.com/
OCSP stapling
not offered
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)
Server Preferences
order
server
Which protocol negotiated
Default protocol TLS1.2
negotiated
ECDHE-RSA-AES128-GCM-SHA256, 521 bit ECDH (P-521)
order TLSv1 2
ECDHE-RSA-AES128-GCM-SHA256
Perfect Forward Secrecy
PFS
offered
PFS s
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA
PFS ECDHE curves
prime256v1 secp384r1 secp521r1
Ciphers
ECDHE-RSA-AES256-GCM-SHA384 ECDH 521 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(0xc030)
ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
(0xc014)
AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
(0x9d)
AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
(0x35)
ECDHE-RSA-AES128-GCM-SHA256 ECDH 521 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(0xc02f)
ECDHE-RSA-AES128-SHA ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
(0xc013)
AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
(0x9c)
AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
(0x2f)
ECDHE-RSA-DES-CBC3-SHA ECDH 521 3DES 168 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
(0xc012)
DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
(0x0a)
Browser Simulations
Android 4.4.2
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 5.0.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 6.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 7.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-android 81
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-android 90
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-android X
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-chrome 74 win10
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-chrome 79 win10
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-firefox 66 win81
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-firefox 71 win10
TLSv1.3 TLS_AES_128_GCM_SHA256
Windows XP Internet Explorer 6
No connection
Windows 7 Internet Explorer 8
No connection
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-SHA
Windows 8.1 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-SHA
clientsimulation-ie 11 winphone81
TLSv1.2 ECDHE-RSA-AES128-SHA
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-edge 15 win10
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-edge 17 win10
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-opera 66 win10
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-safari 9 ios9
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-safari 121 ios 122
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
clientsimulation-safari 130 osx 10146
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Java 6 update 45
No connection
Java 7 update 25
No connection
clientsimulation-java 8u161
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-java1102
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-java1201
TLSv1.3 TLS_AES_128_GCM_SHA256
OpenSSL 1.0.2e
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-openssl 110l
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
clientsimulation-openssl 111d
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-thunderbird 68 3 1
TLSv1.3 TLS_AES_128_GCM_SHA256