sar.hovedredningssentralen.no

Score 85/100

Web site information

Website image sar.hovedredningssentralen.no
IP Address
Web Servers
Apache
JavaScript Frameworks
jQuery

SEO data

title
SAR
description
keywords
robots
all
distribution
Global
mssmarttagspreventparsing
true

Web site external calls

www.google.com
www.gstatic.com

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
not offered
TLS 1.1
is not offered
TLS 1.2
offered
TLS 1.3
not offered and downgraded to a weaker protocol
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
no session ticket extension
ROBOT
not vulnerable
SSL renegotiation
not vulnerable
SSL client renegotiation
VULNERABLE, DoS threat
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, uses gzip HTTP compression - only supplied '/' tested
POODLE SSL
not vulnerable
fallback SCSV
no protocol below TLS 1.2 offered
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable to DROWN on this host and port
DROWN
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=9D43D3799854EE3B65A0534DE1A0AF7524FD86CAA07292FAC25549AFC1B209F3
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key
BEAST
not vulnerable, no SSL3 or TLS1
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
+319 seconds from localtime
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
security headers
--

Server Defaults

TLS extensions
'renegotiation info/#65281' 'EC point formats/#11' 'application layer protocol negotiation/#16'
TLS session ticket
No lifetime advertised
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
supported
TLS timestamp
off by +76 seconds from your localtime
Signature algorithm
SHA256 with RSA
Key size
2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
cert_ext_keyusage
Serial number
555053D60014D61C8C885AD4C4969074
Fingerprint SHA1
2A586BB299FDD6EE84446A88578680B134517FF1
Fingerprint SHA256
9D43D3799854EE3B65A0534DE1A0AF7524FD86CAA07292FAC25549AFC1B209F3
Certificate details
-----BEGIN CERTIFICATE----- MIIGZTCCBU2gAwIBAgIQVVBT1gAU1hyMiFrUxJaQdDANBgkqhkiG9w0BAQsFADCB jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB MB4XDTIxMTAxNTAwMDAwMFoXDTIyMTExNTIzNTk1OVowKDEmMCQGA1UEAxMdc2Fy LmhvdmVkcmVkbmluZ3NzZW50cmFsZW4ubm8wggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcu1bbeYsgDJS2P9sqWHC0Zv+8Tx3h7w1vmR2yxxP78LCj3/fj +ECnWYabudAfOaY1ggWvAkKB2PBnm1RofcKTnAYXPEObRXM76cJ7VqhSUn52hNGe iWYUAcyhdRdHeIyQssfqp8QUDMtCfHzmPgyz4SCQH5srHUyKKlgXTIRuEVI9kSe3 mI/pRUP5H4zvGY9A8eHEcSfO8EeuV6YXCClkCaNfLWKRqRFdtdlnIUns/spkk50e ogkQAIgP4kzIdhak7U+IMwjCClcAf1VUPdJpO5j88kwrY5U1ssIj9XGP6yKr4nOf FD32LUIsQDOd5rSuZmyJzTNYuG3S4snbbTCLAgMBAAGjggMhMIIDHTAfBgNVHSME GDAWgBSNjF7EVK2K4Xfpm/mbBeG4AY1h4TAdBgNVHQ4EFgQUf/svu4jm+5kaNHM/ mqnPbwjjqg4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAgcw JTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIB MIGEBggrBgEFBQcBAQR4MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGln by5jb20vU2VjdGlnb1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j cnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBgQYKKwYB BAHWeQIEAgSCAXEEggFtAWsAdwBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8 cP5tRwAAAXyEF3YCAAAEAwBIMEYCIQDgXbI9vG9/tS8XxfWtBBUrSLK12GBhOTuj w0J3jJcxQAIhANMUU/9FrRs4++mAKMa926lH428cqCebTBOetp4sM3JCAHcAQcjK sd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF8hBd1wAAABAMASDBGAiEA gVVs3StG25Q6ldXCEO3k9Se+0LiorybntvHoyK01Pf0CIQDTkuzSHBlU8ByaRLG1 bAM3rTjJGs6ZzXrB2WMIzp7I4wB3ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1d JlwlXceEAAABfIQXdZgAAAQDAEgwRgIhAP20sVRQv3FiZLm9NnNWovT491TreRdC XUaPIcYY6g5vAiEAvUcxpoB9ssuVHcdyfY11N/9YbhzhNQoTLNeBbSWz+kswRwYD VR0RBEAwPoIdc2FyLmhvdmVkcmVkbmluZ3NzZW50cmFsZW4ubm+CHXNydC5ob3Zl ZHJlZG5pbmdzc2VudHJhbGVuLm5vMA0GCSqGSIb3DQEBCwUAA4IBAQAmB+P/xBbK yNkZapZvp/NNqDZAfV7TMQJOOC3T2xUaI9eoT7s1iO+vxgKuB3rb9MTL4Ptqj9Lu MUrjncujsxpDQkAYUJ9vxQNzYMH298MvzqojW8g+igzictm7fLAwszo0JfOlE6yO PQHhW35lSFj4vJBU3QyK/IVuxnmeG0W5U0VG69PwAWLL5p8k7+HSmQuGc7k0bZ4l nzCr6Y82dUhd+YTMr6d2GlyhfbDjlhJTKzO3tyR4IA51g0ewzK9dINyafjTs8rN1 lsJTNfIueiBw9BHwFyLxFEwv62vBFXXBUmg7XZ9sF0VE0L4CpGsTMyPXRqx/PLVk IZ5aHuAosa4T -----END CERTIFICATE-----
Common names
sar.hovedredningssentralen.no
Service Name Indication
sar.hovedredningssentralen.no
SubjectAlternative Name
sar.hovedredningssentralen.no srt.hovedredningssentralen.no
Certificate authority issuers
Sectigo RSA Domain Validation Secure Server CA (Sectigo Limited from GB)
Certificate trusted
Ok via SAN and CN (same w/o SNI)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
Days before expiry
347 >= 60 days
Valid from
2021-10-15 02:00
Valid until
2022-11-16 00:59
Chain
2
CRL distribution points
--
Online Certificate Status Protocol URL
http://ocsp.sectigo.com
OCSP stapling
not offered
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)

Server Preferences

order
server
Which protocol negotiated
Default protocol TLS1.2
negotiated
AES256-SHA (cbc)
order TLSv1 2
AES256-SHA

Perfect Forward Secrecy

PFS
offered
PFS s
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
ECDHE curves
secp224r1 prime256v1 secp384r1 secp521r1

Ciphers

ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(0xc030)
ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
(0xc028)
ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
(0xc014)
AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
(0x9d)
AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
(0x3d)
AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
(0x35)
ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(0xc02f)
ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(0xc027)
ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
(0xc013)
AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
(0x9c)
AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
(0x3c)
AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
(0x2f)

Browser Simulations

Android 2.3.7
No connection
Android 4.1.1
No connection
Android 4.3
No connection
Android 4.4.2
TLSv1.2 AES256-SHA
Android 5.0.0
TLSv1.2 AES256-SHA
Android 6.0
TLSv1.2 AES256-SHA
Android 7.0
TLSv1.2 AES256-SHA
Windows Chrome 51
TLSv1.2 AES256-SHA
Windows Chrome 57
TLSv1.2 AES256-SHA
Windows Firefox 47
TLSv1.2 AES256-SHA
Windows Firefox 53
TLSv1.2 AES256-SHA
Windows XP Internet Explorer 6
No connection
Windows Vista Internet Explorer 7
No connection
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 8
No connection
Windows 7 Internet Explorer 11
TLSv1.2 AES256-SHA
Windows 8.1 Internet Explorer 11
TLSv1.2 AES256-SHA
Windows 8.1 update Internet Explorer 11
TLSv1.2 AES256-SHA
Windows 10 Internet Explorer 11
TLSv1.2 AES256-SHA
Windows 10 Edge 13
TLSv1.2 AES256-SHA
Windows Phone 10 Edge 13
TLSv1.2 AES256-SHA
Windows 7 Opera 17
TLSv1.2 AES256-SHA
MacOSX 10.6.8 Safari 5.1.9
No connection
iOS 7 Safari 7
TLSv1.2 AES256-SHA
MacOSX 10.11 Safari 9
TLSv1.2 AES256-SHA
MacOSX 10.12 Safari 10
TLSv1.2 AES256-SHA
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-RSA-AES128-SHA
Windows 7 Tor 7.0.9
No connection
Java 6 update 45
No connection
Java 7 update 25
No connection
Java 8 update 31
TLSv1.2 AES128-SHA
OpenSSL 1.1.1
TLSv1.2 AES256-SHA
OpenSSL 1.0.2e
TLSv1.2 AES256-SHA