hdtube.bond
Score 87/100
Web site information
SEO data
title
404 Not Found
Protocols
SSLv2
not offered
SSLv3
not offered
TLS 1.0
offered (deprecated)
TLS 1.1
offered (deprecated)
TLS 1.2
offered
TLS 1.3
offered with final
ALPN HTTP2
h2
ALPN
http/1.1
Vulnerabilities
heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable
SSL renegotiation
supported
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, br HTTP compression detected - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
supported
SWEET32
uses 64 bit block ciphers
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=43711C62705FC33AEF4CAF52B3383863864402CF67511F83A8FAF266EB98ED9F
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key with <= TLS 1.2
Header Responses
Status code
404 Not Found ('/')
Clock skew
0 seconds from localtime
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
security headers
--
Server Defaults
TLS extensions
'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'next protocol/#13172' 'key share/#51' 'supported versions/#43' 'extended master secret/#23' 'application layer protocol negotiation/#16'
TLS session ticket
valid for 64800 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
not supported
cert numbers
1
Signature algorithm
SHA256 with RSA
Key size
RSA 2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication
Serial number
1656CDE17F55637C13FF495EAEE186D1
cert serialNumberLen
16
Fingerprint SHA1
1BC970E390CE75801A2CEC588AEBF19CD85D7D18
Fingerprint SHA256
43711C62705FC33AEF4CAF52B3383863864402CF67511F83A8FAF266EB98ED9F
Certificate details
-----BEGIN CERTIFICATE----- MIIFajCCBFKgAwIBAgIQFlbN4X9VY3wT/0leruGG0TANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM QzETMBEGA1UEAxMKR1RTIENBIDFQNTAeFw0yNDAzMjgxNTEyMjJaFw0yNDA2MjYx NTEyMjFaMBYxFDASBgNVBAMTC2hkdHViZS5ib25kMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEA3vbBCajaHFvDxhkIo+RlwFvde47CvB5gLi3VLotIQYKv 3+aUCuNbWCFizuddh4ejfU0UF4ZOOf1qEO95N9dcZkH0b/pB61eEZZ2qUyW24aFw uxjItHzUVgYKxWAydSO/iJDGmfOCmsStCBBVVKfhMvxqQcuLmsR3pe1siZ2Bs+Om XKiC3vZsSWqVramgFwaDdl4hzDPZAvvkS/eVG0mCX0HpYJTU3GlLERgezrSdVx1F euQ0bTfwLjgszqtnpGv9on1ngoakX9GSbw2OSU2ckUQE6Gq9eUhw7cv2NcJac/pF CxMnFkMl/ombHYdpnSFAEkyuqWTGIFwWIELJ96+tswIDAQABo4ICgjCCAn4wDgYD VR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFJE43NMg4dIT0luhL73vfnciG1vRMB8GA1UdIwQYMBaAFNX8ng3f HsrdCJeXbivFX8Ur9ey4MHgGCCsGAQUFBwEBBGwwajA1BggrBgEFBQcwAYYpaHR0 cDovL29jc3AucGtpLmdvb2cvcy9ndHMxcDUvelNwdmlzUnk3WFEwMQYIKwYBBQUH MAKGJWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czFwNS5kZXIwJQYDVR0R BB4wHIILaGR0dWJlLmJvbmSCDSouaGR0dWJlLmJvbmQwIQYDVR0gBBowGDAIBgZn gQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Js cy5wa2kuZ29vZy9ndHMxcDUvbHlITkxIbzFlbGsuY3JsMIIBBQYKKwYBBAHWeQIE AgSB9gSB8wDxAHcA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGO hdV3kQAABAMASDBGAiEA3jbwFQTmfoYkobWWBbr0EW9mvqTdh/W1jFfCDL6pSTwC IQDWHEuM53VbkjtBzyIyefgvVoPbtkPmppe/3ZAQn6QeDgB2AO7N0GTV2xrOxVy3 nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjoXVd1kAAAQDAEcwRQIhAKeitLWq/Qa8 xz6AipoYPA1DgbA33CxDHD98xh6LZPRdAiA37VCqk9tF3rnBExUJ/PrpFu4uKqxJ WYCSHVtP25f11zANBgkqhkiG9w0BAQsFAAOCAQEAr5smKyiGoLCoBeYxTXwG4jcA 4xNKciozeCgU4jiE6v3OK4LSsEeCLzwwEuDyeyVR9cFifdZW+OAnZ+sKgYVoqLat TS+kXMm7Bgj7LvdoiC6b8HPwzDsk+bGvWOLiNg5sl9dBAvKpkkMkWmflQxl6TBEg Pxkp3ZGInm6bn7El25dyKRgVwwKpHybn6FbOLbrz5PjNS8hzCC63vCpPkKebeLO6 ZCwYohdXVCbBeNr6NXt0aYrySP9xuJoBM/qJDV38Mf57Kj2ywE9CLyVF+f1kHzwh Fx8/xv5PBcoa5EGtk/pSdkPg0V7VpFVIVXp/aItu9xQ/Oj5KvxqBRZSIVRuELA== -----END CERTIFICATE-----
Common names
hdtube.bond
Service Name Indication
sni.cloudflaressl.com
SubjectAlternative Name
hdtube.bond *.hdtube.bond
Certificate authority issuers
GTS CA 1P5 (Google Trust Services LLC from US)
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert eTLS
not present
cert expirationStatus
expires < 60 days (53)
Valid from
2024-03-28 15:12
Valid until
2024-06-26 15:12
cert validityPeriod
No finding
Chain
3
certs list ordering problem
no
cert crlDistributionPoints
http://crls.pki.goog/gts1p5/lyHNLHo1elk.crl
Online Certificate Status Protocol URL
http://ocsp.pki.goog/s/gts1p5/zSpvisRy7XQ
OCSP stapling
offered
cert ocspRevoked
not revoked
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)
Server Preferences
order
server -- TLS 1.3 client determined
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)
order TLSv1
ECDHE-RSA-AES128-SHA
order TLSv1 1
ECDHE-RSA-AES128-SHA
order TLSv1 2
ECDHE-RSA-AES128-GCM-SHA256
Perfect Forward Secrecy
PFS
offered
PFS s
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-CHACHA20-POLY1305-OLD
PFS ECDHE curves
prime256v1 secp384r1 secp521r1