Přihlásit se Registrace
Smlouvy Dotace Platy Úřady Zakázky Sponzoři & firmy PastVina 
❤ Podpořte nás Přihlásit se Registrace
Hledat v Hlídači státu
Nápověda jak vyhledávat Snadné hledání
  1. Hlídač Státu
  2. Hlídač Webů
  3. Detailní analýza HTTPs pro Statutární město Prostějov

Hlídač Statutární město Prostějov Detailní analýza HTTPs pro Statutární město Prostějov

Statutární město Prostějov
https://www.prostejov.eu/

Statutární město Prostějov Statutární město Prostějov - webové stránky města

Zabezpečení komunikace

A+
Certifikát expiruje za 76 dní.

Výsledek analýzy HTTPS na www.prostejov.eu ze dne 26.06.2026

Všechno je v nejlepším pořádku a web se drží doporučených postupů.

Detailní analýza

Detailní report z HTTPs analýzy pomocí nástroje testssl.sh

server www.prostejov.eu/88.86.100.195
pre_128cipher INFO { 
No 128 cipher limit bug
}
SSLv2 OK { 
not offered
}
SSLv3 OK { 
not offered
}
TLS1 INFO { 
not offered
}
TLS1_1 INFO { 
not offered
}
TLS1_2 OK { 
offered
}
TLS1_3 INFO { 
not offered + downgraded to weaker protocol
}
NPN INFO { 
offered with h2, http/1.1 (advertised)
}
ALPN_HTTP2 OK { 
h2
}
ALPN INFO { 
http/1.1
}
cipherlist_NULL
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_aNULL
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_EXPORT
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_LOW
zranitelnosti: CWE-327
OK { 
not offered
}
cipherlist_3DES_IDEA
zranitelnosti: CWE-310
INFO { 
not offered
}
cipherlist_AVERAGE
zranitelnosti: CWE-310
LOW { 
offered
}
cipherlist_GOOD INFO { 
not offered
}
cipherlist_STRONG OK { 
offered
}
cipher_order OK { 
server
}
protocol_negotiated OK { 
Default protocol TLS1.2
}
cipher_negotiated OK { 
ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
}
cipher-tls1_2_xc030 OK { 
TLSv1.2   xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 384   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
}
cipher-tls1_2_xc02f OK { 
TLSv1.2   xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 384   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
}
cipher-tls1_2_x9f OK { 
TLSv1.2   x9f     DHE-RSA-AES256-GCM-SHA384         DH 4096    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
}
cipher-tls1_2_x9e OK { 
TLSv1.2   x9e     DHE-RSA-AES128-GCM-SHA256         DH 4096    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
}
cipher-tls1_2_xc028 LOW { 
TLSv1.2   xc028   ECDHE-RSA-AES256-SHA384           ECDH 384   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
}
cipher-tls1_2_xc014 LOW { 
TLSv1.2   xc014   ECDHE-RSA-AES256-SHA              ECDH 384   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
}
cipher-tls1_2_x6b LOW { 
TLSv1.2   x6b     DHE-RSA-AES256-SHA256             DH 4096    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
}
cipher-tls1_2_x39 LOW { 
TLSv1.2   x39     DHE-RSA-AES256-SHA                DH 4096    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA
}
cipherorder_TLSv1_2 INFO { 
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
}
FS OK { 
offered
}
FS_ciphers INFO { 
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256
}
FS_ECDHE_curves OK { 
secp384r1
}
DH_groups OK { 
Unknown DH group (4096 bits)
}
TLS_extensions INFO { 
'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'heartbeat/#15' 'next protocol/#13172' 'application layer protocol negotiation/#16'
}
TLS_session_ticket INFO { 
valid for 3600 seconds only (<daily)
}
SSL_sessionID_support INFO { 
yes
}
sessionresumption_ticket INFO { 
supported
}
sessionresumption_ID INFO { 
supported
}
TLS_timestamp INFO { 
random
}
cert_compression INFO { 
N/A
}
clientAuth INFO { 
none
}
cert_numbers INFO { 
1
}
cert_signatureAlgorithm OK { 
SHA256 with RSA
}
cert_keySize OK { 
RSA 4096 bits (exponent is 65537)
}
cert_keyUsage INFO { 
Digital Signature, Key Encipherment
}
cert_extKeyUsage INFO { 
TLS Web Server Authentication
}
cert_serialNumber INFO { 
054365FCEC4E1372FA5A85EE311616EDF49E
}
cert_serialNumberLen INFO { 
18
}
cert_fingerprintSHA1 INFO { 
E0CBD47D04DC8A8A8B73AC57FD334CE5CF121628
}
cert_fingerprintSHA256 INFO { 
1FB4E5ECC183D8A1D30D0EDC2DECED11BE74291D7318E2058A4F3121824989F8
}
cert INFO { 
-----BEGIN CERTIFICATE----- MIIGLjCCBRagAwIBAgISBUNl/OxOE3L6WoXuMRYW7fSeMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNZUjIwHhcNMjYwNjE0MTA0MDA3WhcNMjYwOTEyMTA0MDA2WjAXMRUwEwYDVQQD Ewxwcm9zdGVqb3YuZXUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCf L0ZA6HqkfDJnVfPrTAUepvw+XBzqmvb0jkpnzb8aBYAdwDdI4kF1rK4DqkShzV2h AZG0ED5XYBgh2OxaTGAZUd9YXlnHaxdZK5i46sH4SiHTkqFcfxILtJBjsoTt9OhZ Ls38AIaKbkXYXSx9jvQNiL/YG92Qdx/FnlRjNbL2GbAYAxGyDPM1JXK1USkOHEV1 0R37OAvVjRfwCrZJlzVQ4vmg1jyJuKPW1TWgejZf+orIicGLI6wIwkkn9PyHdk2/ VoT9mzBuYrRwlAD1zghv8bOE8d5U8ZvaczhLxGXtUuX6jqrZcAfYQxgBytIDN0Hm HRZISApi2uyuIwTr4VFrjMoXG2Esxom4QO02v1ISXQ/lCwkE6WoyfYZnspntRvsN LBl0j54buon/do9o3mJzZkgvoX3ycgAwJUT1RIC1529iH9yMyKTsWr8/JEl3Tcr7 3fccDQe4ADsueTNkb+ws6y5v5c76nF1/kTDHbgqvYwHtKW4PDgEbmSNTQWCMYVwW R8KUUmv3RX8jmyOKh26CkTBd36GyarJqwi1sblfkfwJ61ybkkW4acHqaaeszLa6M zRE2Yj6re+LR8f0R55fGVs9D7cWyx3IowoXBdchkJRoFX9WqdLxGFbe2ZtqyQHcH eB8Yz78rhYp8SvmsnpFGaY28LXcCPPm3gnobeDsH5QIDAQABo4ICVjCCAlIwDgYD VR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFAXuV/Z5dLI3XsJNs3z/NQ9ujHgWMB8GA1UdIwQYMBaAFEAVLSZ5 7TIgnt+ach3WMh+BDIEMMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0 cDovL3lyMi5pLmxlbmNyLm9yZy8wUwYDVR0RBEwwSoIUa2FyaWVyYS5wcm9zdGVq b3YuZXWCDHByb3N0ZWpvdi5ldYISc21hcnQucHJvc3Rlam92LmV1ghB3d3cucHJv c3Rlam92LmV1MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+G HWh0dHA6Ly95cjIuYy5sZW5jci5vcmcvMzEuY3JsMIIBDAYKKwYBBAHWeQIEAgSB /QSB+gD4AHcAyzj3FYl8hKFEX1vB3fvJbvKaWc1HCmkFhbDLFMMUWOcAAAGexe01 2gAABAMASDBGAiEA+9bSsu5ZA+H2szXU7K7k5Nw6RRHHdswpoPSfshBmv10CIQDQ kyTnxice1hwWhUOPavAHIpDFn10sw+r07Rbj/cnoHgB9AGz+UBlDqF6pFrxS0TPk 3Mke8UEcfSWEINFzgJ4YGOs6AAABnsXtNvkACAAABQAQb/L5BAMARjBEAiAmjoIP Kq/ZIZnahwGMZUpuHWV8jzk+eK6+aFO8rN0xgAIgQYo5oNXEJsjv9s3+WGw9jbAd VlYanwcMLPLOjjt4OXUwDQYJKoZIhvcNAQELBQADggEBAIS6DfTA9rdBeTB2nu7D q2XM/sLf71bfGP/FcRxuqlAY6iwmjpZLFd8EF14VYz5KPH06Wh14jJ46Gd6nuoyB VDU3u5EfozekdyB3UkripVaY4PFrw7DC1Mx02/GsKQKN9CyUcuY9U4PO3t1xyTq7 plaAhKKzryiwPeiWc1JSoB1zYl9hVEX1vg69o8r8RhkoK9+hjr1P51Tszfdg8sjw Sq6ljXTB/7BRiOYK2SicrlOT48VCFOduSk+2oXANhli4/YTj2mXvFJzfYr765F3M 0rjrZWRoSiRdza1mqXnplddSXu21PdwleSGe8dkbyiokiHTQ6yQ55a/89FADd7aO aD0= -----END CERTIFICATE-----
}
cert_commonName OK { 
prostejov.eu
}
cert_commonName_wo_SNI INFO { 
*.as4u.org
}
cert_subjectAltName INFO { 
kariera.prostejov.eu prostejov.eu smart.prostejov.eu www.prostejov.eu
}
cert_trust OK { 
Ok via SAN (SNI mandatory)
}
cert_chain_of_trust OK { 
passed.
}
cert_certificatePolicies_EV INFO { 
no
}
cert_expirationStatus OK { 
77 >= 30 days
}
cert_notBefore INFO { 
2026-06-14 10:40
}
cert_notAfter OK { 
2026-09-12 10:40
}
cert_extlifeSpan OK { 
certificate has no extended life time according to browser forum
}
cert_eTLS INFO { 
not present
}
cert_crlDistributionPoints INFO { 
http://yr2.c.lencr.org/31.crl
}
cert_ocspURL INFO { 
--
}
OCSP_stapling INFO { 
not offered
}
cert_mustStapleExtension INFO { 
--
}
DNS_CAArecord LOW { 
--
}
certificate_transparency OK { 
yes (certificate extension)
}
certs_countServer INFO { 
3
}
certs_list_ordering_problem INFO { 
no
}
cert_caIssuers INFO { 
YR2 (Let's Encrypt from US)
}
intermediate_cert <#1> INFO { 
-----BEGIN CERTIFICATE----- MIIE2jCCAsKgAwIBAgIQTr0klH4k05SALYSlL9WzGTANBgkqhkiG9w0BAQsFADAu MQswCQYDVQQGEwJVUzENMAsGA1UEChMESVNSRzEQMA4GA1UEAxMHUm9vdCBZUjAe Fw0yNTA5MDMwMDAwMDBaFw0yODA5MDIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYw FAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNZUjIwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDZ0LxwBppqh84luqMerV/eeL/fXQ7mLQQv1Lnp WKZbyvGpx6wh6AfnslAnF6ewTkcHA+gSOoBvm3Dfm06AuGiF+KRut4fAcowqnAQQ CW98+QPP/eOv/wug7Iyk4NkOxf2I6g2f55T6nJoOTLFcukeRq80JGQEYan+dPFr9 OGUgQK2hGKgNkW87pappsOAuUJcroYhRt5uUis4qaZireiseu32gzDJNBAiKtsvd 6HX4v25bpkRNcS/B/Gtc9kVbUpD+2PLPxdei3Tim55k4tfAEXwD2qyiPTxrTNq6l N+AMr5g2c1dNqkOTwjxeV6L5lpP1rGiYvLnRaPlOqyZRPW+5AgMBAAGjge4wgesw DgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBIGA1UdEwEB/wQI MAYBAf8CAQAwHQYDVR0OBBYEFEAVLSZ57TIgnt+ach3WMh+BDIEMMB8GA1UdIwQY MBaAFN7nW2DQIm1AKH0/DQH+pLVStFGUMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEF BQcwAoYWaHR0cDovL3lyLmkubGVuY3Iub3JnLzATBgNVHSAEDDAKMAgGBmeBDAEC ATAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veXIuYy5sZW5jci5vcmcvMA0GCSqG SIb3DQEBCwUAA4ICAQB0ZUQWZ9/Yn9COEpo+JfecMnB0h0vwDm/M66IqXqw3LoaL mx9lZvRTeDIS67PUeI3yCA2W6PKRD0/FE/G57lOmS+Xy5AaaL00ICGOqjNcCaMWW 8o8nevHOd4i4lqgtznE/28QwlcdJyF8yBiWHpnyjhEpmNWJURgOCOg2xpwRMBCsj MScqYPtOhBeuYQvSwAEeTML2Ukh6uGuX4E14q65Ja8cdjF5bAldnP1eE4FBaAwsZ G2fOqqrKV03Y85Nw2btedP1AtliQuJZs/Jo/gXxXdc7LrH3McgnpnbTiAncX7yES hP6kzQejllqMCIt52HOjxDGWafS7Xw+DKwqmH+Eqy8dcbOuag/1AYlQoKNVK3F5q Hh6tEDiMqQcLIibGKteE6iHo4A/bIScbzrhXUYuism42ZYzmc48FMVIH3qy4L84E TdAH2gtxw0PAhvRVXp8HP7wfngpzsN/8xOTpeRSbM4+Qbc56G6+Bifmv6sk1ieQb NA3wJdl4DDUuQSV8hBgx6zoI1ZSGORprDFux7c6rhc77QZMSRrEgomBeklervEve 86ylWmZ3WWHV6RLMi8xNvjd71r4EPIGgY7BZU/VPBkq+uA7Gb6mbJnFgV43uh3xy LRFgxIAphIukwTGSMZZR+AI+Qnp0BYTWovHXozOf3H8r6hozEoT02JHn0AeTfA== -----END CERTIFICATE-----
}
intermediate_cert_fingerprintSHA256 <#1> INFO { 
238B85A0099C65B970477D5724F1A1D475CE5058CFFE4EFA8733899BDB863C47
}
intermediate_cert_notBefore <#1> INFO { 
2025-09-03 00:00
}
intermediate_cert_notAfter <#1> OK { 
2028-09-02 23:59
}
intermediate_cert_expiration <#1> OK { 
ok > 40 days
}
intermediate_cert_chain <#1> INFO { 
YR2 <-- Root YR
}
intermediate_cert <#2> INFO { 
-----BEGIN CERTIFICATE----- MIIF9DCCA9ygAwIBAgIRAPJLbRf52a18scn+p4eCaZ8wDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjYwNTEzMDAwMDAw WhcNMzIwOTAyMjM1OTU5WjAuMQswCQYDVQQGEwJVUzENMAsGA1UEChMESVNSRzEQ MA4GA1UEAxMHUm9vdCBZUjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB ANvGJnN78CTJdWL3+eGfsLN5TrNBJs+VH9hRXqRbwxu9sGNiB0BD1fcOxbSUQCJI M1xE13Db+5Cw1w0s0EBYsvuIP/6joF0w8cuImbgR1OGgYbSQ4OpzI+DG8SGuTlcE 873OCS+kh3srlo6vl43M5OJg4Aeo1sfHp6kTJDoIiFBNJAY+OKfX/FUvYKuhjT+n o49lmqmupSBI5PkBQiqrEGtWU5uxU/cQWHGu8jSjFBznZqvbNPLMXMLFxCb3WTfr JBXXjqvWG+v4bjzxjjeAtOlU7qarRDvNOyAuQYLln904M+faKx8hnLCpJ15ZqaEg cNlY+9MMWcC5yvL2A2j3l9+2buggZX+dOE91zYmIdawTvSZuVvlbRrAlLxIB6pwM BjneXCjYQ8+3BCCjssbSNpZU3hTcBDdhfAlEDlYr6pEatnMdmDT5BqnKC92bd0Eh M1fbLHioLccLCuievT8ZkPhZrq7Mii7gNXAcUEAR8+lzYal+9zTg7C5DALyVOeG/ CqfRAMn1KSHCR0NSA6P8tn/mGRlnCct5rtVCLnVySVpU6H1qGg3DgTOuskf8eahT MiYbI5ezPJmO5ertalskQ1utp74+eDy92PI4ftHKTbq9IWhH4YZKh3WnJEIt+oQv lYZbY8tpEroKrFB6PFGzrJIDRyts4HqvuH52RFj2zv/BAgMBAAGjgeswgegwDgYD VR0PAQH/BAQDAgEGMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN7nW2DQIm1AKH0/DQH+pLVStFGUMB8GA1UdIwQYMBaAFHm0 WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAoYW aHR0cDovL3gxLmkubGVuY3Iub3JnLzATBgNVHSAEDDAKMAgGBmeBDAECATAnBgNV HR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5jci5vcmcvMA0GCSqGSIb3DQEB CwUAA4ICAQA8spSI95KKfn2W6GMmDpHBJSPaLbsS3W93cijJCRCYAc1fsJgL1FIL 7C0C9ecPOdcwB2fi0Dk2p94j9iTJCxmt5CFSKLRWwnXT2MMSXexVxqoVB79BdWPx VXETkVme/qYSAuKVHh5Ps+5BixgmwS1JkjSAc+MfrUbNssVEEnH0aEiAh+rotXAV JSP/Ye7LJPEwD9DWG72vVWbhAcuOf5OLjz57Ctk7MgQHynZ7+PlHJtajroCaIbtC r6tcZZaAwUQm+jQyeWdV+2hv9deOYFmKeQyjjcSrN5Nadrw+L9DZJLbA1HqeNvLh BgqpP0fvJq2N6EtD574N6eMI7uMsJTnji2UDz9el5XLSv9fqJMuDQtYVb2oTNoKp oUqhxPVC0aq4eG5MESaIdn8b5ZGSSeAJLMHXljEdlNza+ncfkviXk1POLnnFdvx8 /gk6M374WbLWFXw8N141B/Rl/tINGfl1TxOIiqtiMYkL02RSGb1kq34BL9NPP27z RGMuHGnzS3hFIrRTfKxrzUZ9RzQWzEG3K6fJ3r2nqSltkeytis9DIBoFY9VmVyjL M71DMi+y1+TRSJVClEMwvA4yL++7q9XZx5r5wBRWB4kQTKH5qyoZnDw7iiuh1lID yDFx8r7i9vIJU5HS3moZLkYWAOilMaV9N56A9Bgb6dNcHkvg3NoaYA== -----END CERTIFICATE-----
}
intermediate_cert_fingerprintSHA256 <#2> INFO { 
072639D0B140D5BFFAE16AD9C3F6CC6086040621F51EE61A6D46A8915C07CF76
}
intermediate_cert_notBefore <#2> INFO { 
2026-05-13 00:00
}
intermediate_cert_notAfter <#2> OK { 
2032-09-02 23:59
}
intermediate_cert_expiration <#2> OK { 
ok > 40 days
}
intermediate_cert_chain <#2> INFO { 
Root YR <-- ISRG Root X1
}
intermediate_cert_badOCSP OK { 
intermediate certificate(s) is/are ok
}
HTTP_status_code INFO { 
200 OK ('/')
}
HTTP_clock_skew INFO { 
0 seconds from localtime
}
HTTP_headerTime INFO { 
1782505260
}
HSTS_time OK { 
365 days (=31536000 seconds) > 15552000 seconds
}
HSTS_subdomains OK { 
includes subdomains
}
HSTS_preload INFO { 
domain is NOT marked for preloading
}
HPKP INFO { 
No support for HTTP Public Key Pinning
}
banner_server INFO { 
No Server banner line in header, interesting!
}
banner_application INFO { 
No application banner found
}
cookie_count INFO { 
0 at '/'
}
X-Content-Type-Options OK { 
nosniff
}
Access-Control-Allow-Origin INFO { 
https://www.mucl.cz
}
Cache-Control INFO { 
no-cache
}
Pragma INFO { 
no-cache
}
banner_reverseproxy
zranitelnosti: CWE-200
INFO { 
--
}
heartbleed
zranitelnosti: CVE-2014-0160 CWE-119
OK { 
not vulnerable
}
CCS
zranitelnosti: CVE-2014-0224 CWE-310
OK { 
not vulnerable
}
ticketbleed
zranitelnosti: CVE-2016-9244 CWE-200
OK { 
not vulnerable
}
ROBOT
zranitelnosti: CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168 CWE-203
OK { 
not vulnerable, no RSA key transport cipher
}
secure_renego
zranitelnosti: CWE-310
OK { 
supported
}
secure_client_renego
zranitelnosti: CVE-2011-1473 CWE-310
OK { 
not vulnerable
}
CRIME_TLS
zranitelnosti: CVE-2012-4929 CWE-310
OK { 
not vulnerable
}
BREACH
zranitelnosti: CVE-2013-3587 CWE-310
MEDIUM { 
potentially VULNERABLE, gzip HTTP compression detected  - only supplied '/' tested
}
POODLE_SSL
zranitelnosti: CVE-2014-3566 CWE-310
OK { 
not vulnerable, no SSLv3
}
fallback_SCSV OK { 
no protocol below TLS 1.2 offered
}
SWEET32
zranitelnosti: CVE-2016-2183 CVE-2016-6329 CWE-327
OK { 
not vulnerable
}
FREAK
zranitelnosti: CVE-2015-0204 CWE-310
OK { 
not vulnerable
}
DROWN
zranitelnosti: CVE-2016-0800 CVE-2016-0703 CWE-310
OK { 
not vulnerable on this host and port
}
DROWN_hint
zranitelnosti: CVE-2016-0800 CVE-2016-0703 CWE-310
INFO { 
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=1FB4E5ECC183D8A1D30D0EDC2DECED11BE74291D7318E2058A4F3121824989F8
}
LOGJAM
zranitelnosti: CVE-2015-4000 CWE-310
OK { 
not vulnerable, no DH EXPORT ciphers,
}
LOGJAM-common_primes
zranitelnosti: CVE-2015-4000 CWE-310
OK { 
--
}
BEAST
zranitelnosti: CVE-2011-3389 CWE-20
OK { 
not vulnerable, no SSL3 or TLS1
}
LUCKY13
zranitelnosti: CVE-2013-0169 CWE-310
LOW { 
potentially vulnerable, uses TLS CBC ciphers
}
winshock
zranitelnosti: CVE-2014-6321 CWE-94
OK { 
not vulnerable
}
RC4
zranitelnosti: CVE-2013-2566 CVE-2015-2808 CWE-310
OK { 
not vulnerable
}
clientsimulation-android_442 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-android_500 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_60 INFO { 
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
}
clientsimulation-android_70 INFO { 
No connection
}
clientsimulation-android_81 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-android_90 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-android_X INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-chrome_74_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-chrome_79_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-firefox_66_win81 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-firefox_71_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-ie_6_xp INFO { 
No connection
}
clientsimulation-ie_8_win7 INFO { 
No connection
}
clientsimulation-ie_8_xp INFO { 
No connection
}
clientsimulation-ie_11_win7 INFO { 
TLSv1.2 DHE-RSA-AES256-GCM-SHA384
}
clientsimulation-ie_11_win81 INFO { 
TLSv1.2 DHE-RSA-AES256-GCM-SHA384
}
clientsimulation-ie_11_winphone81 INFO { 
TLSv1.2 ECDHE-RSA-AES256-SHA
}
clientsimulation-ie_11_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-edge_15_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-edge_17_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-opera_66_win10 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-safari_9_ios9 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-safari_9_osx1011 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-safari_10_osx1012 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-safari_121_ios_122 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-safari_130_osx_10146 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-apple_ats_9_ios9 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-java_6u45 INFO { 
No connection
}
clientsimulation-java_7u25 INFO { 
No connection
}
clientsimulation-java_8u161 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-java1102 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-java1201 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-openssl_102e INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-openssl_110l INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-openssl_111d INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
clientsimulation-thunderbird_68_3_1 INFO { 
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
}
rating_spec INFO { 
SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
}
rating_doc INFO { 
https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
}
protocol_support_score INFO { 
100
}
protocol_support_score_weighted INFO { 
30
}
key_exchange_score INFO { 
100
}
key_exchange_score_weighted INFO { 
30
}
cipher_strength_score INFO { 
90
}
cipher_strength_score_weighted INFO { 
36
}
final_score INFO { 
96
}
overall_grade OK { 
A+
}
scanTime INFO { 
80
}