Namecheap.com

SSL Checker

Submit the Hostname and Port in the fields below. This checker supports SNI and STARTTLS.

Report

Hostname: Matches Common Name or/and SAN
Expired: No (83 days till expiration)
Public Key: We were unable to find any issues in the public key of end-entity certificate
Trusted: Yes, we were able to verify the certificate
Self-Signed: No, the end-entity certificate is not self-signed
Chain Issues: No, we were unable to detect any issues in the certificate chain sent by the server
Weak signatures: No, certificates sent by the server were not signed utilizing a weak hash function
OCSP Status: OCSP Responder returned "good" status for the end-entity certificate

DNS Information

Resolves To: 151.101.1.29
Reverse IP lookup: No records found
Nameserver: ns01.r9dns.net.
Nameserver: ns02.r9dns.net.
Nameserver: ns03.r9dns.net.
Nameserver: ns04.r9dns.net.
Nameserver: dns1.p10.nsone.net.
Nameserver: dns2.p10.nsone.net.
Nameserver: dns3.p10.nsone.net.
Nameserver: dns4.p10.nsone.net.

General Information

Common Name: kayak.ch
SANs: DNS:kayak.ch Total number of SANs: 1
Signature Algorithm: sha256WithRSAEncryption
Key Type: RSA
Key size: 2048 bits
Serial Number: 467ec4495cfcc973c9725c152d9fc611e23
Not Before: Nov 23, 2021 08:45:27 GMT
Not After: Feb 21, 2022 08:45:26 GMT
Number of certs: 3
Revocation Status: good
OCSP Stapling: Supported
Server: Varnish
HSTS: Not Supported
HPKP: Not Supported

Chain Information

Certificate # 1 - Common Name: kayak.ch

Decode this certificate for verbose information →
Subject Common Name kayak.ch
Issuer Common Name R3
Issuer Organization Let's Encrypt
Not Before: Nov 23, 2021 08:45:27 GMT
Not After: Feb 21, 2022 08:45:26 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 467ec4495cfcc973c9725c152d9fc611e23
SHA1 Fingerprint: D8:30:21:94:18:4A:49:F6:AF:63:C4:88:69:AD:DA:37:EA:E5:CC:D1
MD5 Fingerprint: 33:19:A8:F4:6E:14:BA:37:08:58:66:82:CB:F6:3F:C7

Certificate # 2 - Common Name: R3

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name R3
Subject Organization Let's Encrypt
Issuer Common Name ISRG Root X1
Issuer Organization Internet Security Research Group
Not Before: Sep 04, 2020 00:00:00 GMT
Not After: Sep 15, 2025 16:00:00 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 912b084acf0c18a753f6d62e25a75f5a
SHA1 Fingerprint: A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05
MD5 Fingerprint: E8:29:E6:5D:7C:43:07:D6:FB:C1:3C:17:9E:03:7A:36

Certificate # 3 - Common Name: ISRG Root X1

Decode this certificate for verbose information →
In place? Yes, this certificate directly certifies the preceding one
Subject Common Name ISRG Root X1
Subject Organization Internet Security Research Group
Issuer Common Name DST Root CA X3
Issuer Organization Digital Signature Trust Co.
Not Before: Jan 20, 2021 19:14:03 GMT
Not After: Sep 30, 2024 18:14:03 GMT
Signature Algorithm: sha256WithRSAEncryption
Serial Number: 4001772137d4e942b8ee76aa3c640ab7
SHA1 Fingerprint: 93:3C:6D:DE:E9:5C:9C:41:A4:0F:9F:50:49:3D:82:BE:03:AD:87:BF
MD5 Fingerprint: C1:E1:FF:07:F9:F6:88:49:82:74:D1:A1:80:53:EA:BF

OpenSSL Handshake

depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = kayak.ch
verify return:1
CONNECTED(00000003)
OCSP response: 
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: C = US, O = Let's Encrypt, CN = R3
    Produced At: Nov 23 09:45:00 2021 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 48DAC9A0FB2BD32D4FF0DE68D2F567B735F9B3C4
      Issuer Key Hash: 142EB317B75856CBAE500940E61FAF9D8B14C2C6
      Serial Number: 0467EC4495CFCC973C9725C152D9FC611E23
    Cert Status: good
    This Update: Nov 23 09:00:00 2021 GMT
    Next Update: Nov 30 08:59:58 2021 GMT

    Signature Algorithm: sha256WithRSAEncryption
         88:00:e4:cd:d4:17:2a:b5:b8:23:ed:05:bb:67:31:4b:d6:20:
         e1:40:72:cc:14:59:64:49:53:0e:fe:c8:af:39:60:9b:6c:d8:
         8c:17:35:8d:63:69:77:2b:c3:17:c4:79:b0:00:cb:89:61:bc:
         f7:3d:86:44:c7:0e:62:cc:b4:fb:94:c7:82:4a:b1:54:66:b9:
         54:c7:88:38:dc:8e:86:0f:17:fc:8a:b4:4f:c0:d0:5d:55:07:
         f8:1c:d6:1f:a8:5b:c5:f0:de:58:38:4b:00:68:15:eb:01:a1:
         57:a3:15:24:23:44:11:7e:c8:1e:30:da:70:9e:63:35:01:ab:
         ad:f7:55:36:e9:3e:95:bd:4f:44:63:f2:01:22:ba:19:fb:7b:
         42:37:8f:4d:04:8a:23:ec:08:e1:f5:11:c4:cb:4e:f0:ff:b9:
         55:74:50:d6:14:0e:b2:8d:43:34:74:70:27:fd:f2:a5:dc:92:
         5e:45:c0:c5:a1:73:ae:b1:c7:9d:22:7f:6c:5b:4b:aa:3a:7d:
         19:6c:81:99:8b:49:19:22:3e:fb:39:d2:3a:9d:0c:2b:85:ab:
         f3:0a:71:57:6e:a4:be:8b:9d:98:36:20:7e:0a:c2:84:d4:0a:
         bf:cd:76:a9:45:f3:9d:d0:dd:93:f1:24:c6:f3:d6:32:e9:5e:
         ff:51:e4:15
======================================
---
Certificate chain
 0 s:/CN=kayak.ch
   i:/C=US/O=Let's Encrypt/CN=R3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISBGfsRJXPzJc8lyXBUtn8YR4jMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTExMjMwODQ1MjdaFw0yMjAyMjEwODQ1MjZaMBMxETAPBgNVBAMT
CGtheWFrLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfa+JZ5Z
d/W6flSTkgn0gjljk2t7VTLUJwwFCRr7hySVD2RHVBvEmrGWlzqngYfy7AwLDDn6
Xj/hah57SeDx+dQRzyum+3OW1dT8hllQJhvMIudcsPVquqCHqhqpJIUHMhiMMwKL
NC3yAR35RNno6oLt66W/o9DxenKFsWDMkvHvzz7dqCNWQUXBCc8MtnKYZgucn1Am
8Vm6upvETc0una+uV0EONLYmREWjDkKGWrI2DSxBchNCZLSvZYiReqLO+OK0OHtd
7+tw5SJXETPkmwabH9T7eVvRjpMAvvVrllEptyy4krXO+xUgY/GNebhUnRKw5849
DENBsW1x0xljmwIDAQABo4ICRDCCAkAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQV
9FiCOTPXAG/r9yB4IiVpaaEHozAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+d
ixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxl
bmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzATBgNV
HREEDDAKgghrYXlhay5jaDBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLf
EwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCC
AQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4
+U1dJlwlXceEAAABfUwvmKQAAAQDAEgwRgIhAKR4OmN9rsbXYKsWRaSFtshXNPu9
qgSDffjGD1c2RIsDAiEA8q67VIUigbhMuHj212JeRuHW2i+rWML5nW3R5pxV/N8A
dgDfpV6raIJPH2yt7rhfTj5a6s2iEqRqXo47EsAgRFwqcwAAAX1ML5yLAAAEAwBH
MEUCIQCwBZH/2A1yD5C/udAw7izXJoDVFZXqqvxTRgYurGX2DAIgc1cExD0Oxnn2
VGgIksCYEgdDb6wMx//79jXzaWat3YwwDQYJKoZIhvcNAQELBQADggEBACTNM2Wu
Zw/S566sg3Wmq8AqdHq4H15dbFCaBcxpss39m99CK+rDPT0LB1Bo+4DPocWRgBmf
JU6YzC0I71tXlsLsnL0Ff9YLNv5vCZHs+Jq45iK3rd22ZFYaz6quXQfSSeKXVXBp
HcuJkEGpBIVUzSq2iGlP/yNXj9V8NhYkLSnYhY8i4wU7d6FLieSIeMdLI3L+jr1O
ODfAA0D8064Bt+e0f4WL4BUeQRIG91fVTC16ZQ+3MHJNPIj1SB5RLoGsCNQdyLxt
gk0Yuv+Wn+TG275ML6bd676p9pjI9JrdnvNL3Zx0NAqZ5kOaealAchP2q4vGu38y
xZ8yB9r53bxzaeE=
-----END CERTIFICATE-----
 1 s:/C=US/O=Let's Encrypt/CN=R3
   i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
 2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=kayak.ch
issuer=/C=US/O=Let's Encrypt/CN=R3
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 5164 bytes and written 295 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 853732F393E73204F85AD4BFACC6E88E49BF208BE2E4025CCE2459B6E2A0F20B
    Session-ID-ctx: 
    Master-Key: C78C014CA211B5F86F63EA7D5B66932A7AAE4C4D83CCEAD8C931FE152C3BD8854401909D19E91C19213B2D8B29C9AA13
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - 21 31 e2 86 76 2e eb ac-a8 4a 15 d7 9d 9d 1b 00   !1..v....J......
    0010 - 40 dc 9e ce f8 73 ec c9-00 a1 24 fd 15 9a 51 a5   @....s....$...Q.
    0020 - b1 59 32 f6 70 95 66 fc-9e 69 bb 96 54 5a 3b b3   .Y2.p.f..i..TZ;.
    0030 - 69 41 4f 31 13 a7 05 23-17 c4 b2 57 80 dc 93 98   iAO1...#...W....
    0040 - b3 ee 2a 88 6a 5d e7 54-2e 1b 0d 1e f5 2b ce d1   ..*.j].T.....+..
    0050 - bd cf f0 1b eb b0 81 fc-40 76 9b 2f ed 96 ab c6   ........@v./....
    0060 - 73 2b 86 08 09 f1 2d 4b-79 38 53 2f b9 4a 67 82   s+....-Ky8S/.Jg.
    0070 - bb 4d 22 5a 51 26 27 23-93 90 6f 03 61 02 41 cd   .M"ZQ&'#..o.a.A.
    0080 - 4a 01 dc 6f 10 e2 e3 28-34 03 79 a3 ff 50 92 c1   J..o...(4.y..P..
    0090 - ad 78 e3 b0 9a b3 24 9c-49 cd 63 87 6e c7 42 5c   .x....$.I.c.n.B\
    00a0 - 60 b5 ac 5d 1c 4e 60 ec-8d ed 06 4b 4e 77 6b d4   `..].N`....KNwk.

    Start Time: 1638257169
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
DONE