Ministry of ICT
Iran Information Technology Organization
Domain, IP Address & Port Number |
---|
ghods-niroo.com (46.209.59.94:443) |
Assessment Time & Date |
Nov. 20, 2024, 10:09 a.m. |
Assessment Duration |
Seconds 48 |
Is the certificate still valid? | YES | |
Certificate Issue Date | 2024-01-28 12:30 | |
Certificate Expiration Date | 2025-01-27 12:30 | |
Trust Chain Health | Healthy | |
Certificate Issuer | Certum Domain Validation CA SHA2 (Unizeto Technologies S.A. from PL) | |
Is the certificate valid for ghods-niroo.com? | YES | |
|
HTTP Status Code | 200 OK ('/') |
Strict Transport Security (HSTS) | 365 days (=31536000 seconds) > 15465600 seconds |
HSTS Subdomains | only for this domain |
HSTS Preload | domain is NOT marked for preloading |
Public Key Pinning (HPKP) | No support for HTTP Public Key Pinning |
Server Banner | Microsoft-IIS/10.0 |
Banner Application | X-AspNet-Version: 4.0.30319, X-Powered-By: ASP.NET |
SSLv2 | Your server does not support SSLv2 which is good since it is an insecure protocol. | |
|
SSLv3 | Your server does not support SSLv3 which is good since it is an insecure protocol. | |
|
TLS1 | Your server supports TLSv1.0. This protocol is now considered as a weak protocol. You are advised to disable support for this protocol. | |
|
TLS1.1 | Your server supports TLSv1.1. This protocol is now considered a weak protocol. You are advised to start supporting more advanced protocols. | |
|
TLS1.2 | Your server supports TLSv1.2. Currently, this protocol is considered stable. But you'd better consider supporting TLS v1.3. | |
|
TLS1.3 | Your server does not support TLSv1.3. We strongly advise supporting this protocol. | |
|
NULL | Your server does not support NULL ciphers. | |
|
aNULL | Your server does not support aNULL ciphers. | |
|
EXPORT | Your server does not support EXPORT ciphers. | |
|
LOW | Your server does not support LOW ciphers. | |
|
3DES_IDEA | Your server supports 3DES ciphers which is considered an insecure cipher. | |
|
AVERAGE | Your server supports AVERAGE ciphers which are considered insecure ciphers. | |
|
Strong | Your server support strong ciphers. | |
|
PFS Overview | Your server supports Perfect Forward Secrecy (PFS) | |
|
Ciphers that support PFS. | List of ciphers that support perfect forward secrecy (PFS). | ||
|
Analysis of ECDH Curves | Your server uses strong ECDHE keys for key exchange. | |
|
Analysis of the strength of Diffie-Hellman Keys | Your server uses strong Diffie-Hellman keys for key exchange. | |
|
Analyzing Heartbleed Vulnerability | Your connection is immune against heartbleed attack. | |
|
Analyzing CCS Vulnerability | Your connection is immune against CCS attack. | |
|
Analyzing Ticketbleed Vulnerability | Your connection is immune against ticketbleed attack. | |
|
Analyzing ROBOT vulnerability | Your connection is immune to ROBOT attack. | |
|
Analyzing Secure Renegotiation | Your connection is immune against secure_renego attack. | ||
|
Analyzing Client-initiated Secure Connection | Your server is properly configured to support Secure Client Renegotiation. | |
|
Analyzing protection against CRIME Attack | Your connection is immune against CRIME_TLS attack. | |
|
Analyzing protection against poodle attacks | Your connection is immune against poodle_ssl attack. | |
|
Analyzing Protection Against Freak Attack | Your connection is immune against FREAK attack. | |
|
Analyzing protection against DROWN Attacks. | Your connection is immune against DROWN attack. | |
|
Analyzing existence of common primes in public/private encryption key pairs. | Your connection is vulnerable to LOGJAM-Common_Primes attack. | |
|
Analyzing protection against LOGJAM Attack | Your connection is immune against LOGJAM attack. | |
|
Analyzing CVE-2011-3389 vulnerability | Your connection is vulnerable to BEAST_CBC_TLS1 attack. | ||
|
Analyzing BEAST vulnerability | Your connection is vulnerable to BEAST attack. | ||
|
Analyzing luck13 vulnerability | Your connection is vulnerable to LUCKY13 attack. | ||
|
Analyzing RC4 vulnerability | Your connection is immune against RC4 attack. | |
|
TLSv1 | |||||
|
TLSv1.1 | |||||
|
TLSv1.2 | |||||||||||||||
|
Client | Cipher Suite | Protocol |
---|---|---|
ANDROID-442 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | ANDROID-500 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | ANDROID-60 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | ANDROID-70 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | ANDROID-81 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | ANDROID-90 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | ANDROID-X | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | CHROME-74-WIN10 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | CHROME-79-WIN10 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | FIREFOX-66-WIN81 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | FIREFOX-71-WIN10 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | IE-6-XP | N/A | No Connection | IE-8-WIN7 | TLSv1.0 | ECDHE-RSA-AES256-SHA | IE-8-XP | TLSv1.0 | DES-CBC3-SHA | IE-11-WIN7 | TLSv1.2 | DHE-RSA-AES256-GCM-SHA384 | IE-11-WIN81 | TLSv1.2 | DHE-RSA-AES256-GCM-SHA384 | IE-11-WINPHONE81 | TLSv1.2 | ECDHE-RSA-AES128-SHA256 | IE-11-WIN10 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | EDGE-15-WIN10 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | EDGE-17-WIN10 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | OPERA-66-WIN10 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | SAFARI-9-IOS9 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | SAFARI-9-OSX1011 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | SAFARI-10-OSX1012 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | SAFARI-121-IOS-122 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | SAFARI-130-OSX-10146 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | APPLE-ATS-9-IOS9 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | JAVA-6U45 | TLSv1.0 | AES128-SHA | JAVA-7U25 | TLSv1.0 | ECDHE-RSA-AES128-SHA | JAVA-8U161 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | JAVA1102 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | JAVA1201 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | OPENSSL-102E | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | OPENSSL-110L | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | OPENSSL-111D | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | THUNDERBIRD-68-3-1 | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 |
|