postfallsmarketing.com

Score 92/100

Web site information

Web Address
postfallsmarketing.com
IP Address
188.114.96.3
CDN
CloudFlare

SEO data

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
offered (deprecated)
TLS 1.1
offered (deprecated)
TLS 1.2
offered
TLS 1.3
offered with final
ALPN HTTP2
h2
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
0 seconds from localtime
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
Number of cookies
0 at '/'
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Server Defaults

TLS extensions
'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'next protocol/#13172' 'key share/#51' 'supported versions/#43' 'extended master secret/#23' 'application layer protocol negotiation/#16'
TLS session ticket
valid for 64800 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
supported
TLS timestamp
off by 0 seconds from your localtime
cert numbers
1
Signature algorithm
SHA256 with RSA
Key size
RSA 2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication
Serial number
2C369EBE62B70AD40D20DAAEFE88F683
cert serialNumberLen
16
Fingerprint SHA1
539C5A08EC01F023E485BAA057AE41C32F091038
Fingerprint SHA256
8FA23C8AB6950769BC77BEAE4F44E48CE6652DC472208732E5A5A8C380CBBFC4
Certificate details
-----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIQLDaevmK3CtQNINqu/oj2gzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM QzETMBEGA1UEAxMKR1RTIENBIDFQNTAeFw0yNDAzMTQyMDE3NTRaFw0yNDA2MTIy MDE3NTNaMCExHzAdBgNVBAMTFnBvc3RmYWxsc21hcmtldGluZy5jb20wggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0dGbLRmHCFVyO3LjIsmcyJSPpneHN rf9stQhLrGEl8tFMBJqoq2oltgKHjVCWQTfdvYwYodP5uoSAbtViDU3qJgde1El4 MJ+13XNk4XQOzVer45DWh3Ewxkaf2dqr7LOvY9Ny4/3ZucxSQ/CRfDjELym0f1Iu ufGwliiaOwWvlF3wZD+r/VBpK9g+s3UBAgomUQDnsWhJxPWwbx6bW+h9UOlWtIC0 XC4mp7H2u2wwikNBZYPe4i5eL/Csj5Cuu+x5kHrZ2pBZRsXwgHG+JKMfkJgnnGqM riEXm2/OpSSrmkzTFh6OXTeB0jRg8WocmtvnC8uvF374D2ZLXLPp8iz9AgMBAAGj ggKXMIICkzAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUYHzBU4IznUtlW8GfxNOIuDoOfNkwHwYDVR0j BBgwFoAU1fyeDd8eyt0Il5duK8VfxSv17LgweAYIKwYBBQUHAQEEbDBqMDUGCCsG AQUFBzABhilodHRwOi8vb2NzcC5wa2kuZ29vZy9zL2d0czFwNS9uUlJKZElzY1NM NDAxBggrBgEFBQcwAoYlaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzMXA1 LmRlcjA7BgNVHREENDAyghZwb3N0ZmFsbHNtYXJrZXRpbmcuY29tghgqLnBvc3Rm YWxsc21hcmtldGluZy5jb20wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHW eQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMx cDUvLXVweUxfQldGb1EuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGOPtQrZwAABAMARjBEAiBN r17GngEW6rmqfxhNBQQPIT1OsHUvVss2AScZf31naAIgfAnZmTI9plhsJ1L+0hmD vHKUr1ebDVc2wnDc2vonTa4AdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+r OdiEcwAAAY4+1CuhAAAEAwBIMEYCIQDs+9dEtLWe1FE9LnuSzHZgjL5ZVw2Eupv1 Fmsd2uPUGwIhAIjxPIlr5DgJK8hB1Co1iNCXTqoliJEm+1VBAXZuMYwoMA0GCSqG SIb3DQEBCwUAA4IBAQCKhKuo9UhF7/Wafhha69788hhlx9ZWTz26w8n0n5b9oRpL +A1EtRUXAcuxFDV1L6Ji+sUJUjZtxB4MXNJZgIvBIXiR4Tvtv/g/OoT/HpRhtRTx iaPrW2iW0g3hCMTm/KUO4TFUCYv63pUkzSwW4DBDnJoliSB6bRZMS0767E4z70Ib UknR/8sGALanxN84f/C7fx/Awqe2D+ui8s63TVq/EseHF9kDs0e9B2bObaZ6h+/T M5lGliYnsPQg3TP/3200PHu8hZzb5Ki09TO4fSSs+RfQBC4+H3klU2TyP86DQjx9 clZJC1jcRk6+2bN8vSZlGOTAJf7yjEVGtx2zJA6z -----END CERTIFICATE-----
Common names
postfallsmarketing.com
Service Name Indication
sni.cloudflaressl.com
SubjectAlternative Name
postfallsmarketing.com *.postfallsmarketing.com
Certificate authority issuers
GTS CA 1P5 (Google Trust Services LLC from US)
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert eTLS
not present
cert expirationStatus
expires < 60 days (49)
Valid from
2024-03-14 20:17
Valid until
2024-06-12 20:17
cert validityPeriod
No finding
Chain
3
certs list ordering problem
no
cert crlDistributionPoints
http://crls.pki.goog/gts1p5/-upyL_BWFoQ.crl
Online Certificate Status Protocol URL
http://ocsp.pki.goog/s/gts1p5/nRRJdIscSL4
OCSP stapling
offered
cert ocspRevoked
not revoked
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)

Server Preferences

order
server -- TLS 1.3 client determined
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)
order TLSv1
ECDHE-RSA-AES128-SHA
order TLSv1 1
ECDHE-RSA-AES128-SHA
order TLSv1 2
ECDHE-RSA-AES128-GCM-SHA256

Perfect Forward Secrecy

PFS
offered
PFS s
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-CHACHA20-POLY1305-OLD
PFS ECDHE curves
prime256v1 secp384r1 secp521r1