Ministry of ICT
Iran Information Technology Organization
Domain, IP Address & Port Number |
---|
www.moi.ir (185.143.233.84:443) |
Assessment Time & Date |
Nov. 20, 2024, 10:59 a.m. |
Assessment Duration |
Seconds 40 |
Is the certificate still valid? | YES | |
Certificate Issue Date | 2024-10-28 08:03 | |
Certificate Expiration Date | 2025-10-28 08:03 | |
Trust Chain Health | Healthy | |
Certificate Issuer | Certum Domain Validation CA SHA2 (Unizeto Technologies S.A. from PL) | |
Is the certificate valid for www.moi.ir? | YES | |
|
HTTP Status Code | 307 Temporary Redirect ('/') |
Strict Transport Security (HSTS) | not offered |
Public Key Pinning (HPKP) | No support for HTTP Public Key Pinning |
Server Banner | ArvanCloud Server-Timing: total;dur=0 |
Banner Application | No application banner found |
SSLv2 | Your server does not support SSLv2 which is good since it is an insecure protocol. | |
|
SSLv3 | Your server does not support SSLv3 which is good since it is an insecure protocol. | |
|
TLS1 | Your server supports TLSv1.0. This protocol is now considered as a weak protocol. You are advised to disable support for this protocol. | |
|
TLS1.1 | Your server supports TLSv1.1. This protocol is now considered a weak protocol. You are advised to start supporting more advanced protocols. | |
|
TLS1.2 | Your server supports TLSv1.2. Currently, this protocol is considered stable. But you'd better consider supporting TLS v1.3. | |
|
TLS1.3 | Your server supports TLS v1.3. Currently, this protocol is considered the most robust protocol available. | |
|
NULL | Your server does not support NULL ciphers. | |
|
aNULL | Your server does not support aNULL ciphers. | |
|
EXPORT | Your server does not support EXPORT ciphers. | |
|
LOW | Your server does not support LOW ciphers. | |
|
3DES_IDEA | Your server supports 3DES ciphers which is considered an insecure cipher. | |
|
AVERAGE | Your server supports AVERAGE ciphers which are considered insecure ciphers. | |
|
Strong | Your server support strong ciphers. | |
|
PFS Overview | Your server supports Perfect Forward Secrecy (PFS) | |
|
Ciphers that support PFS. | List of ciphers that support perfect forward secrecy (PFS). | ||
|
Analysis of ECDH Curves | Your server uses strong ECDHE keys for key exchange. | |
|
Analyzing Heartbleed Vulnerability | Your connection is immune against heartbleed attack. | |
|
Analyzing CCS Vulnerability | Your connection is immune against CCS attack. | |
|
Analyzing Ticketbleed Vulnerability | Your connection is immune against ticketbleed attack. | |
|
Analyzing ROBOT vulnerability | Your connection is immune to ROBOT attack. | |
|
Analyzing Secure Renegotiation | OpenSSL handshake do not succeed | ||
|
Analyzing Client-initiated Secure Connection | Your server is properly configured to support Secure Client Renegotiation. | |
|
Analyzing protection against CRIME Attack | Your connection is immune against CRIME_TLS attack. | |
|
Analyzing protection against poodle attacks | Your connection is immune against poodle_ssl attack. | |
|
Analyzing fallback_SCSV vulnerability | Your connection is immune against fallback_SCSV attack. | |
|
Analyzing Protection Against Freak Attack | Your connection is immune against FREAK attack. | |
|
Analyzing protection against DROWN Attacks. | Your connection is immune against DROWN attack. | |
|
Analyzing protection against LOGJAM Attack | Your connection is immune against LOGJAM attack. | |
|
Analyzing existence of common primes in public/private encryption key pairs. | Your connection is immune to LOGJAM-Common_Primes attack. | |
|
Analyzing CVE-2011-3389 vulnerability | Your connection is vulnerable to BEAST_CBC_TLS1 attack. | ||
|
Analyzing BEAST vulnerability | Your connection is vulnerable to BEAST attack. | ||
|
Analyzing luck13 vulnerability | Your connection is vulnerable to LUCKY13 attack. | ||
|
Analyzing RC4 vulnerability | Your connection is immune against RC4 attack. | |
|
TLSv1 | |||||
|
TLSv1.1 | |||||
|
TLSv1.2 | |||||||||||
|
Client | Cipher Suite | Protocol |
---|---|---|
ANDROID-442 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | ANDROID-500 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | ANDROID-60 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | ANDROID-70 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | ANDROID-81 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | ANDROID-90 | TLSv1.3 | TLS_AES_128_GCM_SHA256 | ANDROID-X | TLSv1.3 | TLS_AES_128_GCM_SHA256 | CHROME-74-WIN10 | TLSv1.3 | TLS_AES_128_GCM_SHA256 | CHROME-79-WIN10 | TLSv1.3 | TLS_AES_128_GCM_SHA256 | FIREFOX-66-WIN81 | TLSv1.3 | TLS_AES_128_GCM_SHA256 | FIREFOX-71-WIN10 | TLSv1.3 | TLS_AES_128_GCM_SHA256 | IE-6-XP | N/A | No Connection | IE-8-WIN7 | TLSv1.0 | ECDHE-RSA-AES128-SHA | IE-8-XP | N/A | No Connection | IE-11-WIN7 | TLSv1.2 | ECDHE-RSA-AES128-SHA256 | IE-11-WIN81 | TLSv1.2 | ECDHE-RSA-AES128-SHA256 | IE-11-WINPHONE81 | TLSv1.2 | ECDHE-RSA-AES128-SHA256 | IE-11-WIN10 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | EDGE-15-WIN10 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | EDGE-17-WIN10 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | OPERA-66-WIN10 | TLSv1.3 | TLS_AES_128_GCM_SHA256 | SAFARI-9-IOS9 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | SAFARI-9-OSX1011 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | SAFARI-10-OSX1012 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | SAFARI-121-IOS-122 | TLSv1.3 | TLS_CHACHA20_POLY1305_SHA256 | SAFARI-130-OSX-10146 | TLSv1.3 | TLS_CHACHA20_POLY1305_SHA256 | APPLE-ATS-9-IOS9 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | JAVA-6U45 | N/A | No Connection | JAVA-7U25 | TLSv1.0 | ECDHE-RSA-AES128-SHA | JAVA-8U161 | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | JAVA1102 | TLSv1.3 | TLS_AES_128_GCM_SHA256 | JAVA1201 | TLSv1.3 | TLS_AES_128_GCM_SHA256 | OPENSSL-102E | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | OPENSSL-110L | TLSv1.2 | ECDHE-RSA-AES128-GCM-SHA256 | OPENSSL-111D | TLSv1.3 | TLS_AES_256_GCM_SHA384 | THUNDERBIRD-68-3-1 | TLSv1.3 | TLS_AES_128_GCM_SHA256 |
|