server205.hostfactory.ch

Score 85/100

Web site information

Website image server205.hostfactory.ch
IP Address
Font Scripts
Google Font API
Web Servers
IIS
Web Frameworks
Microsoft ASP.NET
JavaScript Frameworks
jQuery
Operating Systems
Windows Server

SEO data

title
Hosting, Webhosting and Virtual Server by hostfactory.ch
robots
noindex

Web site external calls

ajax.googleapis.com
www.hostfactory.ch
fonts.googleapis.com
ocsp.usertrust.com
ocsp.sectigo.com
fonts.gstatic.com

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
offered
TLS 1.1
offered
TLS 1.2
offered
TLS 1.3
not offered and downgraded to a weaker protocol
ALPN
not offered

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
no session ticket extension
ROBOT
not vulnerable
SSL renegotiation
not vulnerable
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, uses gzip HTTP compression - only supplied '/' tested
POODLE SSL
not vulnerable
fallback SCSV
NOT supported
SWEET32
uses 64 bit block ciphers
FREAK
not vulnerable
DROWN
not vulnerable to DROWN on this host and port
DROWN
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=9564563CB7D7B59AF7489613903B2CB784BDC3D1C3CFD78BDD0F39C6F08A6A74
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key
BEAST
VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
-1 seconds from localtime
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
security headers
--

Server Defaults

TLS extensions
'status request/#5' 'renegotiation info/#65281' 'extended master secret/#23'
TLS session ticket
No lifetime advertised
SSL sessionID support
yes
Session Ticket Resumption
not supported
Session ID Resumption
not supported
TLS timestamp
off by -3 seconds from your localtime
Signature algorithm
SHA256 with RSA
Key size
2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
cert_ext_keyusage
Serial number
CF39E1AFD74FE00201A76602BEEEE9F4
Fingerprint SHA1
865E06D7EA81718D051E8AB5819D2862D92AB694
Fingerprint SHA256
9564563CB7D7B59AF7489613903B2CB784BDC3D1C3CFD78BDD0F39C6F08A6A74
Certificate details
-----BEGIN CERTIFICATE----- MIIGOzCCBSOgAwIBAgIRAM854a/XT+ACAadmAr7u6fQwDQYJKoZIhvcNAQELBQAw gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD QTAeFw0yMTExMTEwMDAwMDBaFw0yMjEyMTIyMzU5NTlaMBsxGTAXBgNVBAMMECou aG9zdGZhY3RvcnkuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr 7KVL2bz9NTHGR70ccweA5YvB1gvw+y9xdpqnp+/M9UJOuJkYnoXqkR7pzp2xXWxl xF/j+HjgFBFVZrIuAEGP+W6hz9oo5HIEqndbCMnad5iI/DT/GGNKZnsB8Gh3/90k oTxYmnFfLyfy0/KXu+y64oda477Mf//OwrBQP5UhhOU7oOlxilF4BUtAv22dONPh kxg4v2v4Hav8kVBJhaWE6stkNODeAOj6vQXjL5dRa/+jthRbMlSIxkCSi7hXZOWs BH8hXNka7qXX7nqQ3LYuT38I6KAShWMUFxiCdK6BvR91k3zsq+y+k0WbRekLMg5V AoHS6cbcK3e+ysJnj4dLAgMBAAGjggMDMIIC/zAfBgNVHSMEGDAWgBSNjF7EVK2K 4Xfpm/mbBeG4AY1h4TAdBgNVHQ4EFgQULpAlOAuryGeMCqD5gnJVYLJA4f0wDgYD VR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMEkGA1UdIARCMEAwNAYLKwYBBAGyMQECAgcwJTAjBggrBgEFBQcC ARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EMAQIBMIGEBggrBgEFBQcB AQR4MHYwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGln b1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUH MAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMCsGA1UdEQQkMCKCECouaG9zdGZh Y3RvcnkuY2iCDmhvc3RmYWN0b3J5LmNoMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFr AWkAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAX0PKrDUAAAE AwBHMEUCIQDhlWuBsysJGvd6ZJ5iNEOh74FUEHvTY6ZNhAObSZalygIgW3+tcDeT CjXqLZ6YNO0gVJnO7+adyoOHipN2aZaRILYAdwDfpV6raIJPH2yt7rhfTj5a6s2i EqRqXo47EsAgRFwqcwAAAX0PKrB2AAAEAwBIMEYCIQCP62woZwL7tyWlnOsp+gzJ khWvw4Yt9i5vQVPFiuKbTQIhAPEgya5wYhR8Y5oKtWW5mOhr0lMU87lp5SUqT8tI XWOqAHYAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAF9DyqwdQAA BAMARzBFAiEAjoF3+vT0Yayn5vkdpD9HzRPcDVtMU/SLQzZ6Psfw7wYCIGB6EHH+ hIWxUhaWgY2wq0HNKOPb6yWtTtVCPf2oIs5rMA0GCSqGSIb3DQEBCwUAA4IBAQDH fKkMT3OBMSicRsUEB2rZXQvM19L/lwvpkJDQc/52lkBtLmWoeAuRhLQVW93dEusR oxmNWKXoa7P3x8SvCadS8wZsscY5PJIXjomaa+1kGmKr62CVUVloGEyIHNB/qz2L 1mYP+oRZxc1AxUvlCq+8M+lWrp/zkpC07qSvLzIRdJMjhPmSWtplU9Lxy+O9NA/N uv+tlW+6bSrPsW18iZGfG4nlIdRADLmDa4JPjHKYmXagjhTEFL6MarWhgxP3M9FZ qWoXLdjK0Y2g+T4AJJbRb5XdYjEA/DZ4p9/91Ima1m4+g7+A/j3riurq9UYOtNpM s2CSNfnJ9AZCvn54mQdP -----END CERTIFICATE-----
Common names
*.hostfactory.ch
Service Name Indication
*.hostfactory.ch
SubjectAlternative Name
*.hostfactory.ch hostfactory.ch
Certificate authority issuers
Sectigo RSA Domain Validation Secure Server CA (Sectigo Limited from GB)
Certificate trusted
Ok via SAN wildcard and CN wildcard (same w/o SNI)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
Days before expiry
372 >= 60 days
Valid from
2021-11-11 01:00
Valid until
2022-12-13 00:59
Chain
2
CRL distribution points
--
Online Certificate Status Protocol URL
http://ocsp.sectigo.com
OCSP stapling
offered
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)

Server Preferences

order
server
Which protocol negotiated
Default protocol TLS1.2
negotiated
ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521) (cbc)
order TLSv1
ECDHE-RSA-AES256-SHA
order TLSv1 1
ECDHE-RSA-AES256-SHA
order TLSv1 2
ECDHE-RSA-AES256-SHA384

Perfect Forward Secrecy

PFS
offered
PFS s
ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
ECDHE curves
prime256v1 secp384r1 secp521r1

Ciphers

ECDHE-RSA-AES256-SHA384 ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
(0xc028)
ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
(0xc014)
AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
(0x35)
ECDHE-RSA-AES128-SHA256 ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(0xc027)
ECDHE-RSA-AES128-SHA ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
(0xc013)
AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
(0x2f)
DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
(0x0a)

Browser Simulations

Android 2.3.7
TLSv1.0 AES128-SHA
Android 4.1.1
TLSv1.0 ECDHE-RSA-AES256-SHA
Android 4.3
TLSv1.0 ECDHE-RSA-AES256-SHA
Android 4.4.2
TLSv1.2 ECDHE-RSA-AES256-SHA
Android 5.0.0
TLSv1.2 ECDHE-RSA-AES256-SHA
Android 6.0
TLSv1.2 ECDHE-RSA-AES256-SHA
Android 7.0
TLSv1.2 ECDHE-RSA-AES256-SHA
Windows Chrome 51
TLSv1.2 ECDHE-RSA-AES256-SHA
Windows Chrome 57
TLSv1.2 ECDHE-RSA-AES256-SHA
Windows Firefox 47
TLSv1.2 ECDHE-RSA-AES256-SHA
Windows Firefox 53
TLSv1.2 ECDHE-RSA-AES256-SHA
Windows XP Internet Explorer 6
No connection
Windows Vista Internet Explorer 7
TLSv1.0 ECDHE-RSA-AES256-SHA
Windows XP Internet Explorer 8
TLSv1.0 DES-CBC3-SHA
Windows 7 Internet Explorer 8
TLSv1.0 ECDHE-RSA-AES256-SHA
Windows 7 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 8.1 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 8.1 update Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 10 Edge 13
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows Phone 10 Edge 13
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 7 Opera 17
TLSv1.2 ECDHE-RSA-AES256-SHA
MacOSX 10.6.8 Safari 5.1.9
TLSv1.0 ECDHE-RSA-AES256-SHA
iOS 7 Safari 7
TLSv1.2 ECDHE-RSA-AES256-SHA384
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-RSA-AES256-SHA384
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-RSA-AES256-SHA384
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 7 Tor 7.0.9
TLSv1.0 ECDHE-RSA-AES256-SHA
Java 6 update 45
No connection
Java 7 update 25
TLSv1.0 ECDHE-RSA-AES128-SHA
Java 8 update 31
TLSv1.2 ECDHE-RSA-AES128-SHA256
OpenSSL 1.1.1
TLSv1.2 ECDHE-RSA-AES256-SHA384
OpenSSL 1.0.2e
TLSv1.2 ECDHE-RSA-AES256-SHA384