Přihlásit se Registrace
Smlouvy Dotace Platy Úřady Zakázky Sponzoři & firmy PastVina 
❤ Podpořte nás Přihlásit se Registrace
Hledat v Hlídači státu
Nápověda jak vyhledávat Snadné hledání
  1. Hlídač Státu
  2. Hlídač Webů
  3. Detailní analýza HTTPs pro Rezervace termínu k očkování COVID-19

Hlídač Rezervace termínu k očkování COVID-19 Detailní analýza HTTPs pro Rezervace termínu k očkování COVID-19

Rezervace termínu k očkování COVID-19
https://rezervace.medic.cz/vakcinace

Ministerstvo vnitra Rezervace termínu centrálního rezervačního systemu k očkování proti COVID-19. Komeční služba Reservatic.com

Zabezpečení komunikace

T
Certifikát expiroval před 38 dny.

Výsledek analýzy HTTPS na rezervace.medic.cz ze dne 17.06.2026

Služba je chráněna certifikátem od certifikační autority, kterou hlavní prohlížeče neznají nebo jí nedůvěřují. V českých podmínkách to znamená nejspíše certifikáty vydané našimi vnitrostátními autoritami (ICA, PostSignum a eIdentity), které sice stát zákonem prohlásil za důvěryhodné, ale které nesplňují mezinárodní podmínky nutné proto, aby je za důvěryhodné pokládali i autoři prohlížečů.

Detailní analýza

Detailní report z HTTPs analýzy pomocí nástroje testssl.sh

server rezervace.medic.cz/62.176.172.5
pre_128cipher INFO { 
No 128 cipher limit bug
}
SSLv2 OK { 
not offered
}
SSLv3 OK { 
not offered
}
TLS1 INFO { 
not offered
}
TLS1_1 INFO { 
not offered
}
TLS1_2 OK { 
offered
}
TLS1_3 OK { 
offered with final
}
NPN INFO { 
not offered
}
ALPN INFO { 
http/1.1
}
cipherlist_NULL
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_aNULL
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_EXPORT
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_LOW
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_3DES_IDEA
zranitelnosti: CWE-310
INFO { 
not offered
}
cipherlist_AVERAGE
zranitelnosti: CWE-310
LOW { 
offered
}
cipherlist_GOOD OK { 
offered
}
cipherlist_STRONG OK { 
offered
}
cipher_order HIGH { 
NOT a cipher order configured
}
protocol_negotiated OK { 
Default protocol TLS1.3
}
cipher_negotiated OK { 
TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)  (limited sense as client will pick)
}
cipher-tls1_2_xc030 OK { 
TLSv1.2   xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 521   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
}
cipher-tls1_2_xc028 LOW { 
TLSv1.2   xc028   ECDHE-RSA-AES256-SHA384           ECDH 521   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
}
cipher-tls1_2_xc014 LOW { 
TLSv1.2   xc014   ECDHE-RSA-AES256-SHA              ECDH 521   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
}
cipher-tls1_2_x9f OK { 
TLSv1.2   x9f     DHE-RSA-AES256-GCM-SHA384         DH 2048    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
}
cipher-tls1_2_xcca8 OK { 
TLSv1.2   xcca8   ECDHE-RSA-CHACHA20-POLY1305       ECDH 521   ChaCha20    256      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
}
cipher-tls1_2_xccaa OK { 
TLSv1.2   xccaa   DHE-RSA-CHACHA20-POLY1305         DH 2048    ChaCha20    256      TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
}
cipher-tls1_2_xc0a3 OK { 
TLSv1.2   xc0a3   DHE-RSA-AES256-CCM8               DH 2048    AESCCM8     256      TLS_DHE_RSA_WITH_AES_256_CCM_8
}
cipher-tls1_2_xc09f OK { 
TLSv1.2   xc09f   DHE-RSA-AES256-CCM                DH 2048    AESCCM      256      TLS_DHE_RSA_WITH_AES_256_CCM
}
cipher-tls1_2_x6b LOW { 
TLSv1.2   x6b     DHE-RSA-AES256-SHA256             DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
}
cipher-tls1_2_x39 LOW { 
TLSv1.2   x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA
}
cipher-tls1_2_xc077 LOW { 
TLSv1.2   xc077   ECDHE-RSA-CAMELLIA256-SHA384      ECDH 521   Camellia    256      TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
}
cipher-tls1_2_xc4 LOW { 
TLSv1.2   xc4     DHE-RSA-CAMELLIA256-SHA256        DH 2048    Camellia    256      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
}
cipher-tls1_2_x88 LOW { 
TLSv1.2   x88     DHE-RSA-CAMELLIA256-SHA           DH 2048    Camellia    256      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
}
cipher-tls1_2_x9d OK { 
TLSv1.2   x9d     AES256-GCM-SHA384                 RSA        AESGCM      256      TLS_RSA_WITH_AES_256_GCM_SHA384
}
cipher-tls1_2_xc0a1 OK { 
TLSv1.2   xc0a1   AES256-CCM8                       RSA        AESCCM8     256      TLS_RSA_WITH_AES_256_CCM_8
}
cipher-tls1_2_xc09d OK { 
TLSv1.2   xc09d   AES256-CCM                        RSA        AESCCM      256      TLS_RSA_WITH_AES_256_CCM
}
cipher-tls1_2_x3d LOW { 
TLSv1.2   x3d     AES256-SHA256                     RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA256
}
cipher-tls1_2_x35 LOW { 
TLSv1.2   x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA
}
cipher-tls1_2_xc0 LOW { 
TLSv1.2   xc0     CAMELLIA256-SHA256                RSA        Camellia    256      TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
}
cipher-tls1_2_x84 LOW { 
TLSv1.2   x84     CAMELLIA256-SHA                   RSA        Camellia    256      TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
}
cipher-tls1_2_xc051 OK { 
TLSv1.2   xc051   ARIA256-GCM-SHA384                RSA        ARIAGCM     256      TLS_RSA_WITH_ARIA_256_GCM_SHA384
}
cipher-tls1_2_xc053 OK { 
TLSv1.2   xc053   DHE-RSA-ARIA256-GCM-SHA384        DH 2048    ARIAGCM     256      TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
}
cipher-tls1_2_xc061 OK { 
TLSv1.2   xc061   ECDHE-ARIA256-GCM-SHA384          ECDH 521   ARIAGCM     256      TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
}
cipher-tls1_2_xc02f OK { 
TLSv1.2   xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 521   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
}
cipher-tls1_2_xc027 LOW { 
TLSv1.2   xc027   ECDHE-RSA-AES128-SHA256           ECDH 521   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
}
cipher-tls1_2_xc013 LOW { 
TLSv1.2   xc013   ECDHE-RSA-AES128-SHA              ECDH 521   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
}
cipher-tls1_2_x9e OK { 
TLSv1.2   x9e     DHE-RSA-AES128-GCM-SHA256         DH 2048    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
}
cipher-tls1_2_xc0a2 OK { 
TLSv1.2   xc0a2   DHE-RSA-AES128-CCM8               DH 2048    AESCCM8     128      TLS_DHE_RSA_WITH_AES_128_CCM_8
}
cipher-tls1_2_xc09e OK { 
TLSv1.2   xc09e   DHE-RSA-AES128-CCM                DH 2048    AESCCM      128      TLS_DHE_RSA_WITH_AES_128_CCM
}
cipher-tls1_2_xc0a0 OK { 
TLSv1.2   xc0a0   AES128-CCM8                       RSA        AESCCM8     128      TLS_RSA_WITH_AES_128_CCM_8
}
cipher-tls1_2_xc09c OK { 
TLSv1.2   xc09c   AES128-CCM                        RSA        AESCCM      128      TLS_RSA_WITH_AES_128_CCM
}
cipher-tls1_2_x67 LOW { 
TLSv1.2   x67     DHE-RSA-AES128-SHA256             DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
}
cipher-tls1_2_x33 LOW { 
TLSv1.2   x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA
}
cipher-tls1_2_xc076 LOW { 
TLSv1.2   xc076   ECDHE-RSA-CAMELLIA128-SHA256      ECDH 521   Camellia    128      TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
}
cipher-tls1_2_xbe LOW { 
TLSv1.2   xbe     DHE-RSA-CAMELLIA128-SHA256        DH 2048    Camellia    128      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
}
cipher-tls1_2_x45 LOW { 
TLSv1.2   x45     DHE-RSA-CAMELLIA128-SHA           DH 2048    Camellia    128      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
}
cipher-tls1_2_x9c OK { 
TLSv1.2   x9c     AES128-GCM-SHA256                 RSA        AESGCM      128      TLS_RSA_WITH_AES_128_GCM_SHA256
}
cipher-tls1_2_x3c LOW { 
TLSv1.2   x3c     AES128-SHA256                     RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA256
}
cipher-tls1_2_x2f LOW { 
TLSv1.2   x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA
}
cipher-tls1_2_xba LOW { 
TLSv1.2   xba     CAMELLIA128-SHA256                RSA        Camellia    128      TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
}
cipher-tls1_2_x41 LOW { 
TLSv1.2   x41     CAMELLIA128-SHA                   RSA        Camellia    128      TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
}
cipher-tls1_2_xc050 OK { 
TLSv1.2   xc050   ARIA128-GCM-SHA256                RSA        ARIAGCM     128      TLS_RSA_WITH_ARIA_128_GCM_SHA256
}
cipher-tls1_2_xc052 OK { 
TLSv1.2   xc052   DHE-RSA-ARIA128-GCM-SHA256        DH 2048    ARIAGCM     128      TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
}
cipher-tls1_2_xc060 OK { 
TLSv1.2   xc060   ECDHE-ARIA128-GCM-SHA256          ECDH 521   ARIAGCM     128      TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
}
supportedciphers_TLSv1_2 INFO { 
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-CCM8 DHE-RSA-AES256-CCM DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-CAMELLIA256-SHA384 DHE-RSA-CAMELLIA256-SHA256 DHE-RSA-CAMELLIA256-SHA AES256-GCM-SHA384 AES256-CCM8 AES256-CCM AES256-SHA256 AES256-SHA CAMELLIA256-SHA256 CAMELLIA256-SHA ARIA256-GCM-SHA384 DHE-RSA-ARIA256-GCM-SHA384 ECDHE-ARIA256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-CCM8 DHE-RSA-AES128-CCM AES128-CCM8 AES128-CCM DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA ECDHE-RSA-CAMELLIA128-SHA256 DHE-RSA-CAMELLIA128-SHA256 DHE-RSA-CAMELLIA128-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA CAMELLIA128-SHA256 CAMELLIA128-SHA ARIA128-GCM-SHA256 DHE-RSA-ARIA128-GCM-SHA256 ECDHE-ARIA128-GCM-SHA256
}
cipher-tls1_3_x1302 OK { 
TLSv1.3   x1302   TLS_AES_256_GCM_SHA384            ECDH 253   AESGCM      256      TLS_AES_256_GCM_SHA384
}
cipher-tls1_3_x1303 OK { 
TLSv1.3   x1303   TLS_CHACHA20_POLY1305_SHA256      ECDH 253   ChaCha20    256      TLS_CHACHA20_POLY1305_SHA256
}
cipher-tls1_3_x1301 OK { 
TLSv1.3   x1301   TLS_AES_128_GCM_SHA256            ECDH 253   AESGCM      128      TLS_AES_128_GCM_SHA256
}
supportedciphers_TLSv1_3 INFO { 
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256
}
FS OK { 
offered
}
FS_ciphers INFO { 
TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-CCM8 DHE-RSA-AES256-CCM DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-CAMELLIA256-SHA384 DHE-RSA-CAMELLIA256-SHA256 DHE-RSA-CAMELLIA256-SHA DHE-RSA-ARIA256-GCM-SHA384 ECDHE-ARIA256-GCM-SHA384 TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-CCM8 DHE-RSA-AES128-CCM DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA ECDHE-RSA-CAMELLIA128-SHA256 DHE-RSA-CAMELLIA128-SHA256 DHE-RSA-CAMELLIA128-SHA DHE-RSA-ARIA128-GCM-SHA256 ECDHE-ARIA128-GCM-SHA256
}
FS_ECDHE_curves OK { 
prime256v1 secp384r1 secp521r1 X25519 X448
}
DH_groups OK { 
ffdhe2048 ffdhe3072 ffdhe4096 ffdhe6144 ffdhe8192
}
TLS_extensions INFO { 
'renegotiation info/#65281' 'EC point formats/#11' 'supported versions/#43' 'key share/#51' 'supported_groups/#10' 'max fragment length/#1' 'application layer protocol negotiation/#16' 'encrypt-then-mac/#22' 'extended master secret/#23'
}
TLS_session_ticket INFO { 
no -- no lifetime advertised
}
SSL_sessionID_support INFO { 
yes
}
sessionresumption_ticket INFO { 
not supported
}
sessionresumption_ID INFO { 
supported
}
TLS_timestamp INFO { 
random
}
certificate_compression INFO { 
none
}
clientAuth INFO { 
none
}
cert_numbers INFO { 
1
}
cert_signatureAlgorithm OK { 
SHA256 with RSA
}
cert_keySize INFO { 
RSA 2048 bits (exponent is 65537)
}
cert_keyUsage INFO { 
Digital Signature, Key Encipherment
}
cert_extKeyUsage INFO { 
TLS Web Server Authentication
}
cert_serialNumber INFO { 
0C5FC08AF8BE670DA90000000000000881
}
cert_serialNumberLen INFO { 
17
}
cert_fingerprintSHA1 INFO { 
85A43D83D39EBAEF0FF5B47CA1FD607CC6202BC3
}
cert_fingerprintSHA256 INFO { 
FEF04625EADF324E683498E547FE06BE830848A5F4683A703FFA133DB8B593DE
}
cert INFO { 
-----BEGIN CERTIFICATE----- MIIGmjCCBYKgAwIBAgIRDF/Aivi+Zw2pAAAAAAAACIEwDQYJKoZIhvcNAQELBQAw ZTELMAkGA1UEBhMCU0sxEzARBgNVBAcMCkJyYXRpc2xhdmExEzARBgNVBAoMCkRp c2lnIGEucy4xLDAqBgNVBAMMI0NBIERpc2lnIFIySTIgQ2VydGlmaWNhdGlvbiBT ZXJ2aWNlMB4XDTI1MDQxMTA3NTI0MFoXDTI2MDUxMTA3NTI0MFowUDELMAkGA1UE BhMCU0sxEzARBgNVBAcMCkJyYXRpc2xhdmExFzAVBgNVBAoMDkdhcnNpdXMgcy5y Lm8uMRMwEQYDVQQDDAoqLm1lZGljLmN6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAs1zi4Z89vr1BvjEI0lBIaKMsf1pbgLdHIQ3MSUpu/G13DfrgOS++ iIfoJvYyRxrkXZ0pduF+Wfs34xjY/R3SlsbGwUPZlURFFrWvI7qT4p0Mdj+CtImK UyiYRIotnO+tSrTOC3FgEhrbqTXMvyo/GSok6yodKEnSaMED676r4BTMj2OxUssM lDTSIdAaVlKvyA6jAB2X2dv/E6bqeJx9s09YZIjkSAiToWbLMabQ/OOEZhHYA9Pt b2uIZFuJ3ucxhxNGXTeJd1W0leKJQf52lLrXYYxIuuJE/IjlqaVd6Rp0LDMp+axO DceaIUQp3RwnAGYbuMSLg1xHs2SK/sK8cwIDAQABo4IDWDCCA1QwHwYDVR0jBBgw FoAUJKW8OihiFUIy+TBayfE+5KEJqLEwDgYDVR0PAQH/BAQDAgWgMEAGA1UdHwQ5 MDcwNaAzoDGGL2h0dHA6Ly9jZHAuZGlzaWcuc2svc3ViY2FyMmkyL2NybC9zdWJj YXIyaTIuY3JsMBMGA1UdJQQMMAoGCCsGAQUFBwMBMCMGA1UdIAQcMBowCAYGZ4EM AQICMA4GDCuBHpGT5goAAAABATCBiAYIKwYBBQUHAQEEfDB6MDkGCCsGAQUFBzAB hi1odHRwOi8vc3ViY2FyMmkyLW9jc3AuZGlzaWcuc2svb2NzcC9zdWJjYXIyaTIw PQYIKwYBBQUHMAKGMWh0dHA6Ly9jZHAxLmRpc2lnLnNrL3N1YmNhcjJpMi9jZXJ0 L3N1YmNhcjJpMi5kZXIwHwYDVR0RBBgwFoIKKi5tZWRpYy5jeoIIbWVkaWMuY3ow ggH3BgorBgEEAdZ5AgQCBIIB5wSCAeMB4QB2AJaXZL9VWJet90OHaDcIQnfp8DrV 9qTzNm5GpD8PyqnGAAABliPY8T0AAAQDAEcwRQIhAIFUiogHGwFHwnUFoIjINW3y tClxkajdb07rauLPEwCZAiAxe2es6BI9d484+fDxuTwIwhSW90RhEqD4gLIVuyVr 6gB2AA5XlLzzrqk+MxssmQez95Dfm8I9cTIl3SGpJaxhxU4hAAABliPY7v0AAAQD AEcwRQIhAPoCrO6uKgwUmE88qeVRtpcWMRIQodltPFB8+z5juWgNAiBmEbtCgRN6 aPS9+fRM9djTYkHkRUiv6AorKn3KajBywwB3AMs49xWJfIShRF9bwd37yW7ymlnN RwppBYWwyxTDFFjnAAABliPY+OYAAAQDAEgwRgIhAOKlI4kuNhZj0zXlsdesALj4 +48qW2XEYLkXEMZfdciRAiEAsOg8xw5Pos1FVhkaSU8QiKmJRi0a2shI0GR0cdDn 3sgAdgBWbNWjdr6D3+NCtnXEnCMkmKdpusOCy6tJo4d9mrMtAQAAAZYj2PSXAAAE AwBHMEUCIQDx7wOPYvzxS6ECQMkzrJTXaBOxevR9k6YdT36cfmAeUgIgEP5U7Yyw rpD9qusO383rPU4SLE5C6/zt21xWpRipwB8wDQYJKoZIhvcNAQELBQADggEBAAm6 1kzcHi+EB/6EdUtT2gnU4NoUSPeH0xtvqHFLBNtKy8OIK123hZaU/6VbyXhGlw+v 4cwrS0Uw59iXyczvV1r9Z0OZSbY1L5gFxhtiicfgrNrRDTqyopR4QOeu9Ydb/pCD 9Wvd82UyTb8Mjnak8PN/eBqUR8+oP8qWOE+NQJpzvHtqH3GwhJLYoH6xrZ+yIDzb 4va509cg0doWoLvWIOy1yWmp2tfvk5YQT0emPO6rezB8Rw0pt2snxGsibY4XslN3 zwSvbcuHuRI+K4k+jzpMn448mwiC/Qs/6/22EkyLroGBM2naPQ+3Kobnj5kLFpwJ ZoxbODJeR9SWbm9PyhI= -----END CERTIFICATE-----
}
cert_commonName OK { 
*.medic.cz
}
cert_commonName_wo_SNI INFO { 
*.medic.cz
}
cert_subjectAltName INFO { 
*.medic.cz medic.cz
}
cert_trust OK { 
Ok via SAN wildcard and CN wildcard (same w/o SNI)
}
cert_chain_of_trust CRITICAL { 
failed (expired).
}
cert_certificatePolicies_EV INFO { 
no
}
cert_expirationStatus CRITICAL { 
expired
}
cert_notBefore INFO { 
2025-04-11 07:52
}
cert_notAfter CRITICAL { 
2026-05-11 07:52
}
cert_extlifeSpan OK { 
certificate has no extended life time according to browser forum
}
cert_eTLS INFO { 
not present
}
cert_crlDistributionPoints INFO { 
http://cdp.disig.sk/subcar2i2/crl/subcar2i2.crl
}
cert_ocspURL INFO { 
http://subcar2i2-ocsp.disig.sk/ocsp/subcar2i2
}
OCSP_stapling LOW { 
not offered
}
cert_mustStapleExtension INFO { 
--
}
DNS_CAArecord LOW { 
--
}
certificate_transparency OK { 
yes (certificate extension)
}
certs_countServer INFO { 
3
}
certs_list_ordering_problem INFO { 
no
}
cert_caIssuers INFO { 
CA Disig R2I2 Certification Service (Disig a.s. from SK)
}
intermediate_cert <#1> INFO { 
-----BEGIN CERTIFICATE----- MIIGAjCCA+qgAwIBAgIRCBeSUjZo9chQAAAAAAAAAAMwDQYJKoZIhvcNAQELBQAw UjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRp c2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIwHhcNMTQxMDAyMTIx OTA2WhcNMjkwOTI4MTIxOTA2WjBlMQswCQYDVQQGEwJTSzETMBEGA1UEBwwKQnJh dGlzbGF2YTETMBEGA1UECgwKRGlzaWcgYS5zLjEsMCoGA1UEAwwjQ0EgRGlzaWcg UjJJMiBDZXJ0aWZpY2F0aW9uIFNlcnZpY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyUskVGBrkooW8zWUYsR8WKNA5baWkD6PKuMXL3mi9lt/u0W1J 5b2FIjtWJt6PBZlMGcnzCQSEC8Ao/9HZQQwwAttLgmcdBSwyIenDMuxiM1WbnZ+5 kmUnKjHs+LaROq3vBCIzdGDQGoJACEFsJuFpDGQXrVDtlzhhRlmM0bsyJRJwp6iL 31OCnGBz/sj5/rugnWFB9XNwUSFcafzTLwlo8OI/gIhhXQSdk8WjrFvQdG1TiqkI ojm9Mz5a6pzfN9NncZbGV4Xa1cV/oMG4fZAqu7+X7tlVPPDF3/7UKzSRGydrShWc 4tPOORPevcT6/XQnpqGrB89sxvtkm2lCsvrDAgMBAAGjggG+MIIBujCBgwYIKwYB BQUHAQEEdzB1MDcGCCsGAQUFBzABhitodHRwOi8vcm9vdGNhcjItb2NzcC5kaXNp Zy5zay9vY3NwL3Jvb3RjYXIyMDoGCCsGAQUFBzAChi5odHRwOi8vd3d3LmRpc2ln LnNrL3Jvb3RjYXIyL2NlcnQvcm9vdGNhcjIuZGVyMB0GA1UdDgQWBBQkpbw6KGIV QjL5MFrJ8T7koQmosTAfBgNVHSMEGDAWgBS1mfivsJT14yDWCq3OTlakLm5C7TAS BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjB1BgNVHR8EbjBsMDSg MqAwhi5odHRwOi8vY2RwMS5kaXNpZy5zay9yb290Y2FyMi9jcmwvcm9vdGNhcjIu Y3JsMDSgMqAwhi5odHRwOi8vY2RwMi5kaXNpZy5zay9yb290Y2FyMi9jcmwvcm9v dGNhcjIuY3JsMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw Oi8vd3d3LmRpc2lnLnNrL2Nwcy8wHAYDVR0RBBUwE4ERc3ByYXZhY2FAZGlzaWcu c2swDQYJKoZIhvcNAQELBQADggIBAEoFQYsKbtRjEdbWeqZHhJF8cRcg66HUY0zD OksWZpGzTOL7K7PGaJVRrMxIiIiG3hFU/CYWQlVk3NjiUo1T3m02TgkWfcXsyEZ2 MVXpImSl5fgsDfI/5/INCGh39YkN5Y91yE0bDrJUa/uTadpS3fd4vKzmhy5qRsl2 QFt29QDu7p/NUi5rojns1fCqzPserZyvciAG/hYS8t4C3GIOK2rwn09nZK+du5Gq uSX89KaVKM6UySqT+jIXzyhTwnXbEabFGSMVlmW/fKlGGLhET6jYPUnGje/b0qPv GmuvYpNC7ztCHcnNdfGLpB4L6Puxtn5xcYTswh1D8raQvArDFoqPwOQr2XggqU+t 0ktu6IKIfInhB4WjGgAMr3aGyoNqKSv9Qzbh8vkdIe7+lwIBievK/+04q+Fsi5JB zTAUumLQZhS9eXd+065GF/0O90D5fS0Y5Wc7naMQ7/o9T+9hIxC4BIm+2g0KtL43 SPF+jdqrLjUfe7/mWyZIvEKqlk6X6CUjRx9fVc01uO5gUyLHMSoWAtIyGBtmDUVC 7exu4q8BHUDMQdrZyhJOJ9TbN2Xi+z8BhpqosGPe7UTtRB3/UmMsbEgbfIIb5mMw nx6TtnF5r+FLiew8BeQcD7+7768rw0+LaddwiKlmGBjYvNy+e1cSlJl1ZBXtHzlj 57JOD9u0 -----END CERTIFICATE-----
}
intermediate_cert_fingerprintSHA256 <#1> INFO { 
C96F24C45113FD91AE2F9E40E106653BFA0FFBCFA07E209524C844E7C8DA4148
}
intermediate_cert_notBefore <#1> INFO { 
2014-10-02 12:19
}
intermediate_cert_notAfter <#1> OK { 
2029-09-28 12:19
}
intermediate_cert_expiration <#1> OK { 
ok > 40 days
}
intermediate_cert_chain <#1> INFO { 
CA Disig R2I2 Certification Service <-- CA Disig Root R2
}
intermediate_cert <#2> INFO { 
-----BEGIN CERTIFICATE----- MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka +elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL -----END CERTIFICATE-----
}
intermediate_cert_fingerprintSHA256 <#2> INFO { 
E23D4A036D7B70E9F595B1422079D2B91EDFBB1FB651A0633EAA8A9DC5F80703
}
intermediate_cert_notBefore <#2> INFO { 
2012-07-19 09:15
}
intermediate_cert_notAfter <#2> OK { 
2042-07-19 09:15
}
intermediate_cert_expiration <#2> OK { 
ok > 40 days
}
intermediate_cert_chain <#2> INFO { 
CA Disig Root R2 <-- CA Disig Root R2
}
intermediate_cert_badOCSP OK { 
intermediate certificate(s) is/are ok
}
HTTP_status_code WARN { 
Unexpected 410 Gone @ '/'
}
HTTP_clock_skew INFO { 
0 seconds from localtime
}
HTTP_headerTime INFO { 
1781728355
}
HSTS LOW { 
not offered
}
HPKP INFO { 
No support for HTTP Public Key Pinning
}
banner_server INFO { 
Apache/2.4.66 (Debian)
}
banner_application INFO { 
No application banner found
}
cookie_count INFO { 
0 at '/' (30x detected, better try target URL of 30x)
}
security_headers MEDIUM { 
--
}
banner_reverseproxy
zranitelnosti: CWE-200
INFO { 
--
}
heartbleed
zranitelnosti: CVE-2014-0160 CWE-119
OK { 
not vulnerable, no heartbeat extension
}
CCS
zranitelnosti: CVE-2014-0224 CWE-310
OK { 
not vulnerable
}
ticketbleed
zranitelnosti: CVE-2016-9244 CWE-200
OK { 
no session ticket extension
}
ROBOT
zranitelnosti: CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168 CWE-203
OK { 
not vulnerable
}
secure_renego
zranitelnosti: CWE-310
OK { 
supported
}
secure_client_renego
zranitelnosti: CVE-2011-1473 CWE-310
OK { 
not vulnerable
}
CRIME_TLS
zranitelnosti: CVE-2012-4929 CWE-310
OK { 
not vulnerable
}
BREACH
zranitelnosti: CVE-2013-3587 CWE-310
OK { 
not vulnerable, no gzip/deflate/compress/br HTTP compression  - only supplied '/' tested
}
POODLE_SSL
zranitelnosti: CVE-2014-3566 CWE-310
OK { 
not vulnerable, no SSLv3
}
fallback_SCSV OK { 
no protocol below TLS 1.2 offered
}
SWEET32
zranitelnosti: CVE-2016-2183 CVE-2016-6329 CWE-327
OK { 
not vulnerable
}
FREAK
zranitelnosti: CVE-2015-0204 CWE-310
OK { 
not vulnerable
}
DROWN
zranitelnosti: CVE-2016-0800 CVE-2016-0703 CWE-310
OK { 
not vulnerable on this host and port
}
DROWN_hint
zranitelnosti: CVE-2016-0800 CVE-2016-0703 CWE-310
INFO { 
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=FEF04625EADF324E683498E547FE06BE830848A5F4683A703FFA133DB8B593DE
}
LOGJAM-common_primes
zranitelnosti: CVE-2015-4000 CWE-310
INFO { 
RFC3526/Oakley Group 14
}
LOGJAM
zranitelnosti: CVE-2015-4000 CWE-310
OK { 
not vulnerable, no DH EXPORT ciphers,
}
BEAST
zranitelnosti: CVE-2011-3389 CWE-20
OK { 
not vulnerable, no SSL3 or TLS1
}
LUCKY13
zranitelnosti: CVE-2013-0169 CWE-310
LOW { 
potentially vulnerable, uses TLS CBC ciphers
}
winshock
zranitelnosti: CVE-2014-6321 CWE-94
OK { 
not vulnerable
}
RC4
zranitelnosti: CVE-2013-2566 CVE-2015-2808 CWE-310
OK { 
not vulnerable
}
clientsimulation-android_442 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-android_500 INFO { 
TLSv1.2 ECDHE-RSA-AES256-SHA
}
clientsimulation-android_60 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_70 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_81 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_90 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-android_X INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-chrome_74_win10 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-chrome_79_win10 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-firefox_66_win81 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-firefox_71_win10 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-ie_6_xp INFO { 
No connection
}
clientsimulation-ie_8_win7 INFO { 
No connection
}
clientsimulation-ie_8_xp INFO { 
No connection
}
clientsimulation-ie_11_win7 INFO { 
TLSv1.2 ECDHE-RSA-AES256-SHA384
}
clientsimulation-ie_11_win81 INFO { 
TLSv1.2 ECDHE-RSA-AES256-SHA384
}
clientsimulation-ie_11_winphone81 INFO { 
TLSv1.2 AES128-SHA256
}
clientsimulation-ie_11_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-edge_15_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-edge_17_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-opera_66_win10 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-safari_9_ios9 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-safari_9_osx1011 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-safari_10_osx1012 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-safari_121_ios_122 INFO { 
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
}
clientsimulation-safari_130_osx_10146 INFO { 
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256
}
clientsimulation-apple_ats_9_ios9 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-java_6u45 INFO { 
No connection
}
clientsimulation-java_7u25 INFO { 
No connection
}
clientsimulation-java_8u161 INFO { 
TLSv1.2 ECDHE-RSA-AES256-SHA384
}
clientsimulation-java1102 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-java1201 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
clientsimulation-openssl_102e INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-openssl_110l INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-openssl_111d INFO { 
TLSv1.3 TLS_AES_256_GCM_SHA384
}
clientsimulation-thunderbird_68_3_1 INFO { 
TLSv1.3 TLS_AES_128_GCM_SHA256
}
rating_spec INFO { 
SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
}
rating_doc INFO { 
https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
}
protocol_support_score INFO { 
0
}
protocol_support_score_weighted INFO { 
0
}
key_exchange_score INFO { 
0
}
key_exchange_score_weighted INFO { 
0
}
cipher_strength_score INFO { 
0
}
cipher_strength_score_weighted INFO { 
0
}
final_score INFO { 
0
}
overall_grade CRITICAL { 
T
}
grade_cap_reason_1 INFO { 
Grade capped to T. Issues with the chain of trust (expired)
}
grade_cap_reason_2 INFO { 
Grade capped to T. Certificate expired
}
grade_cap_reason_3 INFO { 
Grade capped to A. HSTS is not offered
}
scanTime INFO { 
379
}