|Netblock Owner||Navy Network Information Center (NNIC)|
|IP address||220.127.116.11 (VirusTotal)|
|IPv6 address||Not Present|
|Top Level Domain||US military (.navy.mil)|
|DNS Security Extensions||unknown|
|0.0.0.0-255.255.255.255||N/A||IANA-BLK||The whole IPv4 address space|
|↳ 18.104.22.168-22.214.171.124||United States||NET205||American Registry for Internet Numbers|
|↳ 126.96.36.199-188.8.131.52||United States||NETBLK-NIC-BLK1||Navy Network Information Center (NNIC)|
|↳ 184.108.40.206||United States||NETBLK-NIC-BLK1||Navy Network Information Center (NNIC)|
|Organisational unit||DoD; PKI; USN|
|Subject Alternative Name||donogc.navy.mil|
|Validity period||From May 7 2019 to May 7 2022 (36 months)|
|Public key algorithm||rsaEncryption|
|Public key length||2048|
|Certificate check||unable to get local issuer certificate|
|Perfect Forward Secrecy||Yes|
|Next Protocol Negotiation||Not Present|
|Supported TLS Extensions||unknown, RFC5746 renegotiation info|
|Issuing organisation||U.S. Government|
|Issuer common name||DOD SW CA-53|
|Issuer unit||DoD; PKI|
|Issuer location||Not Present|
|Issuer state||Not Present|
|Certificate Revocation Lists||
|Public Key Hash||d791249485a66f1c3dc364b041c7db9660403ed845d0176b1fc36b6baf66ffd3|
|OCSP servers||http://ocsp.disa.mil - 0.00% uptime in the past 24 hours
|OCSP stapling response||No response received|
Signed Certificate Timestamps (SCTs)
|No SCTs received or issuer unknown|
This site does not support the SSL version 3 protocol.
The site did not offer the Heartbeat TLS extension prior to the Heartbleed disclosure, and so was not exploitable.
This test does not exploit the Heartbleed vulnerability but uses information from conventional HTTPS requests. More information about Heartbleed detection.
SSL Certificate Chain
|Netblock owner||IP address||OS||Web server||Last seen|
|220.127.116.11||Windows Server 2008||Microsoft-IIS/7.5||6-Jul-2017|
|18.104.22.168||Windows Server 2008||Microsoft-IIS/7.5||28-Aug-2015|
Sender Policy Framework
A host's Sender Policy Framework (SPF) describes who can send mail on its behalf. This is done by publishing an SPF record containing a series of rules. Each rule consists of a qualifier followed by a specification of which domains to apply this qualifier to. For more information please see open-spf.org.
Warning: It appears that this host does not have an SPF record.
Setting up an SPF record helps prevent the delivery of forged emails from your domain. Please note that an SPF record will only protect the domain it is added to and not any mail-enabled subdomains. It is recommended to add an SPF record to any subdomain with an MX record.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a mechanism for domain owners to indicate how mail purporting to originate from their domain should be authenticated. It builds on SPF and DKIM, providing a method to set policy and to give reporting of failures. For more information please see dmarc.org.
This host does not have a DMARC record.
No known trackers were identified.