kevintrudeaufanclub.com
Score 95/100
Web site information
Web Address
IP Address
CDN
CloudFlare
JavaScript Frameworks
Lightbox
Ecommerce
WooCommerce
CMS
WordPress
Programming Languages
PHP
SEO data
title
The Official Kevin Trudeau Fan Club – Support Kevin Trudeau's Mission
robots
max-image-preview:large
msapplication-TileImage
https://kevintrudeaufanclub.com/wp-content/uploads/2022/08/KTFC-logo-2.png
Protocols
SSLv2
not offered
SSLv3
not offered
TLS 1.0
not offered
TLS 1.1
not offered
TLS 1.2
offered
TLS 1.3
offered with final
ALPN HTTP2
h2
ALPN
http/1.1
Vulnerabilities
heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable
SSL renegotiation
OpenSSL handshake didn't succeed
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, br HTTP compression detected - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
no protocol below TLS 1.2 offered
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=D4AD1668688590783481997F642706211C258F734090B3A9DFA04BE5833937F2
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key with <= TLS 1.2
BEAST
not vulnerable, no SSL3 or TLS1
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
RC4
not vulnerable
Header Responses
Status code
200 OK ('/')
Clock skew
+145 seconds from localtime
HTTP headerAge
145 seconds
HSTS time
365 days (=31536000 seconds) > 15552000 seconds
HSTS subdomains
only for this domain
HSTS preload
domain IS marked for preloading
HPKP
No support for HTTP Public Key Pinning
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=edge
Cache-Control
max-age=600, public, s-maxage=600
Pragma
public
Server Defaults
TLS extensions
'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'next protocol/#13172' 'key share/#51' 'supported versions/#43' 'extended master secret/#23' 'application layer protocol negotiation/#16'
TLS session ticket
valid for 64800 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
not supported
cert numbers
2
Signature algorithm
SHA256 with RSA
Key size
RSA 2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
0F9AF800D98B305A312A520D65ACA1CF
cert serialNumberLen
16
Fingerprint SHA1
AD05204A0CCF0EEE042241BD4308B71215F2582A
Fingerprint SHA256
D4AD1668688590783481997F642706211C258F734090B3A9DFA04BE5833937F2
Certificate details
-----BEGIN CERTIFICATE----- MIIGqzCCBZOgAwIBAgIQD5r4ANmLMFoxKlINZayhzzANBgkqhkiG9w0BAQsFADBK MQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UE AxMXQ2xvdWRmbGFyZSBJbmMgUlNBIENBLTIwHhcNMjMwOTE1MDAwMDAwWhcNMjQw OTEzMjM1OTU5WjB3MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5j LjEgMB4GA1UEAxMXa2V2aW50cnVkZWF1ZmFuY2x1Yi5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQC0Yyis486i22cpS5pPgCVM+QKxK0BhzQ07+aeH Pyzo/0RAVB2V5V3cPTON6YJDofe9+OuPg4jIwquTYOl2r1kCEuVQoiLuOPEKpexM wNvKb2jwJPRZXgSCdnJ1oi7AbLRMrviFGiaaPQjjAhrccu/7OEQ7xE01Za4S2V7p AWrxi1fZ/RynBctMHrWCNvbdAlzR/M9EONwDBNM5OLY7siP4Xy5tbWpZ2VDzzd7V 2kgrnB9XU3gL1yOzD4Lyt4jwdat+GLRfuozNxpP1ZVOb9w05Zh7XS1l3BIvmK5AN T7DMy4bLWFqPyfz8Sre9bVnFexrG3+SbYmA6IOQkZVJ7s3S1AgMBAAGjggNeMIID WjAfBgNVHSMEGDAWgBQYqRr8skVJwW8wNAgr2YecsCVXejAdBgNVHQ4EFgQUsK4s wXEit6xVX6Yz/s+Z+Y8tJeEwIgYDVR0RBBswGYIXa2V2aW50cnVkZWF1ZmFuY2x1 Yi5jb20wPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDov L3d3dy5kaWdpY2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwewYDVR0fBHQwcjA3oDWgM4YxaHR0cDovL2Ny bDMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNSU0FDQS0yLmNybDA3oDWgM4Yx aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNSU0FDQS0yLmNy bDB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj ZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t L0Nsb3VkZmxhcmVJbmNSU0FDQS0yLmNydDAMBgNVHRMBAf8EAjAAMIIBgAYKKwYB BAHWeQIEAgSCAXAEggFsAWoAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG cR+1mwAAAYqY3zefAAAEAwBIMEYCIQDvynHzSVzq/PvjcZPr5LaQqL+PXM2NCD+x PS8r08MK8wIhAJlY8a7L/64xM351a/SNj9cTVpzcNNSX+1VI8eArDSBrAHcASLDj a9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGKmN83aAAABAMASDBGAiEA slfk0af9NPA+8/sU6oE5sDsRthkL85eGUtuE4QqcilACIQCcnD1VJB2MBckDF2hJ gT880o9oJOk4j1D599b3kYnmHAB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k PTBI1/urAAABipjfNzkAAAQDAEcwRQIhAMtPxvvzu3LuDcbLlIp8l4m6RP5IP+iA pHxbgUvY4FboAiBAxXoEWQN9BNQE82TP5pZnjkTQhe/9N1mAi3JrCLbZIjANBgkq hkiG9w0BAQsFAAOCAQEAaZwK+oMtA0r+nyeWCUbsHtRHKk1tcOjR0wHVlPryr7P1 IZNgHOwAFh24jg+XeJPl9Jyu2/XRkG2rn2eS8E1z7pNkji10bne6sFZn4rHOKMMZ pCCc+2UWlb2jj+pZB6s6wsRORlgZxLZAljUc966d2gDtiKRNu/q2kVqWdDU/LeCu 5h46lQVtaTtb+vkPkJAQlzUMo5U2KLhh2tN4yUA/mt5FqCgTT12m1C+9tnzNh7bj J2h+UFl8xppDmrI425nNEOKxEh09uSw+b0SFpegN2xLXBHzywu/AJfmxQTkFd8l1 X7Q7FC9BPccE39KFYBIkG5bkxAc6r57p5MXHhykPkQ== -----END CERTIFICATE-----
Common names
kevintrudeaufanclub.com
Service Name Indication
request w/o SNI didn't succeed
SubjectAlternative Name
kevintrudeaufanclub.com
Certificate authority issuers
Cloudflare Inc RSA CA-2 (Cloudflare, Inc. from US)
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert eTLS
not present
cert expirationStatus
201 >= 60 days
Valid from
2023-09-15 00:00
Valid until
2024-09-13 23:59
cert validityPeriod
No finding
Chain
2
certs list ordering problem
no
cert crlDistributionPoints
http://crl3.digicert.com/CloudflareIncRSACA-2.crl http://crl4.digicert.com/CloudflareIncRSACA-2.crl
Online Certificate Status Protocol URL
http://ocsp.digicert.com
OCSP stapling
offered
cert ocspRevoked
not revoked
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)
Signature algorithm
ECDSA with SHA256
Key size
EC 256 bits
Key usage
Digital Signature, Key Agreement
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
0391039552B39BF11DC2B861931895EE
cert serialNumberLen
16
Fingerprint SHA1
723596F8B8653795A3A21A67FBD46F238F89EFBE
Fingerprint SHA256
0F4C1C9BB6AD0E68CF7338DC85B7BE2DC5982C64C82CA92003DACF8BC7E87045
Certificate details
-----BEGIN CERTIFICATE----- MIIFHTCCBMOgAwIBAgIQA5EDlVKzm/EdwrhhkxiV7jAKBggqhkjOPQQDAjBKMQsw CQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMX Q2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjMwOTE1MDAwMDAwWhcNMjQwOTEz MjM1OTU5WjB3MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG A1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEg MB4GA1UEAxMXa2V2aW50cnVkZWF1ZmFuY2x1Yi5jb20wWTATBgcqhkjOPQIBBggq hkjOPQMBBwNCAASD8LRehmKTZGbIABCZOZVVjM15otRFlKxca/n3I1J1W+pOowC1 B9e4jr0czI4xIA7B2dhRH+223rEFimNPfc/Vo4IDXDCCA1gwHwYDVR0jBBgwFoAU pc436uuwdQ6UZ4i0RfrZJBCHlh8wHQYDVR0OBBYEFEAPOr5b8CnU5bGBtDK8ZL2x Xj//MCIGA1UdEQQbMBmCF2tldmludHJ1ZGVhdWZhbmNsdWIuY29tMD4GA1UdIAQ3 MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQu Y29tL0NQUzAOBgNVHQ8BAf8EBAMCA4gwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv bS9DbG91ZGZsYXJlSW5jRUNDQ0EtMy5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRp Z2ljZXJ0LmNvbS9DbG91ZGZsYXJlSW5jRUNDQ0EtMy5jcmwwdgYIKwYBBQUHAQEE ajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQAYIKwYB BQUHMAKGNGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9DbG91ZGZsYXJlSW5j RUNDQ0EtMy5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIB agFoAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGKmN88PQAA BAMARzBFAiAy/4kpcblNabqH21cTWCcH8TRYGsbByscT/kSZOo0x6AIhAN/WJIfc ziUWDck7W9/7K5ITS6cVoJzzI83B9B0NXiaSAHYASLDja9qmRzQP5WoC+p0w6xxS ActW3SyB2bu/qznYhHMAAAGKmN875AAABAMARzBFAiEA2Tnoe8ngWW9EwJoc4M28 j2vCn6pbDB87gVlnINlnK5ICIA5sDe3MFqklk7sWxvHOp+v6E69zoD92oPXMJToQ +JbQAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGKmN88FQAA BAMARzBFAiEAyHkxVHHd+fR8bw4U68YCe2gdD+eYCei5Wuy4f/ORmCUCICWEONzS dileYUzqWVZZ1kdqF/QHbGWg1l1+n1/8xcyPMAoGCCqGSM49BAMCA0gAMEUCIG3U r+ddWkco1qFwMoogCwmszCS+Alqet5sCbhwjbd9CAiEA3/1hUWdYSstPimrYOywn 0vhGllHFH+S3fs12JgQfhvU= -----END CERTIFICATE-----
Common names
kevintrudeaufanclub.com
Service Name Indication
request w/o SNI didn't succeed, usual for EC certificates
SubjectAlternative Name
kevintrudeaufanclub.com
Certificate authority issuers
Cloudflare Inc ECC CA-3 (Cloudflare, Inc. from US)
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert eTLS
not present
cert expirationStatus
201 >= 60 days
Valid from
2023-09-15 00:00
Valid until
2024-09-13 23:59
cert validityPeriod
No finding
Chain
2
certs list ordering problem
no
cert crlDistributionPoints
http://crl3.digicert.com/CloudflareIncECCCA-3.crl http://crl4.digicert.com/CloudflareIncECCCA-3.crl
Online Certificate Status Protocol URL
http://ocsp.digicert.com
OCSP stapling
offered
cert ocspRevoked
not revoked
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)
Server Preferences
order
server -- TLS 1.3 client determined
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)
order TLSv1 2
ECDHE-ECDSA-AES128-GCM-SHA256
Perfect Forward Secrecy
PFS
offered
PFS s
ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-CHACHA20-POLY1305-OLD
PFS ECDHE curves
prime256v1
Ciphers
ECDHE-ECDSA-CHACHA20-POLY1305-OLD ECDH 256 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD
(0xcc14)
ECDHE-RSA-CHACHA20-POLY1305-OLD ECDH 256 ChaCha20 256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD
(0xcc13)
ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(0xc030)
ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
(0xc02c)
ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
(0xc028)
ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
(0xc024)
ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
(0xc014)
ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
(0xc00a)
AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
(0x9d)
AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
(0x3d)
AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
(0x35)
ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(0xc02f)
ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
(0xc02b)
ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(0xc027)
ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
(0xc023)
ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
(0xc013)
ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
(0xc009)
AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
(0x9c)
AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
(0x3c)
AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
(0x2f)
Browser Simulations
Android 4.4.2
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Android 5.0.0
TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD
Android 6.0
TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD
Android 7.0
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-android 81
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-android 90
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-android X
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-chrome 74 win10
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-chrome 79 win10
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-firefox 66 win81
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-firefox 71 win10
TLSv1.3 TLS_AES_128_GCM_SHA256
Windows XP Internet Explorer 6
No connection
Windows 7 Internet Explorer 8
No connection
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 11
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows 8.1 Internet Explorer 11
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-ie 11 winphone81
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-edge 15 win10
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-edge 17 win10
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-opera 66 win10
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-safari 9 ios9
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-safari 121 ios 122
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
clientsimulation-safari 130 osx 10146
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Java 6 update 45
No connection
Java 7 update 25
No connection
clientsimulation-java 8u161
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-java1102
TLSv1.3 TLS_AES_128_GCM_SHA256
clientsimulation-java1201
TLSv1.3 TLS_AES_128_GCM_SHA256
OpenSSL 1.0.2e
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
clientsimulation-openssl 110l
TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
clientsimulation-openssl 111d
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-thunderbird 68 3 1
TLSv1.3 TLS_AES_128_GCM_SHA256