service.agrismart.co.nz

Score 88/100

Web site information

Website image service.agrismart.co.nz
IP Address
Web Servers
Apache
Font Scripts
Font Awesome
Programming Languages
PHP
Web Frameworks
Bootstrap
Operating Systems
Ubuntu
JavaScript Frameworks
jQuery

SEO data

title
Login to AgriSmart
viewport
width=device-width, initial-scale=1

Web site external calls

fonts.googleapis.com
maxcdn.bootstrapcdn.com
code.jquery.com
fonts.gstatic.com

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
not offered
TLS 1.1
is not offered
TLS 1.2
offered
TLS 1.3
offered with final
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable
SSL renegotiation
not vulnerable
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
not vulnerable, no HTTP compression - only supplied '/' tested
POODLE SSL
not vulnerable
fallback SCSV
no protocol below TLS 1.2 offered
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable to DROWN on this host and port
DROWN
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=D46A37AB4AC3FEBEEF192A41A38FB6E277123407AB5F48129FD003D31D067420
LOGJAM-common primes
'RFC3526/Oakley Group 14'
LOGJAM
not vulnerable, no DH EXPORT ciphers,
BEAST
not vulnerable, no SSL3 or TLS1
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
RC4
not vulnerable

Header Responses

Status code
302 Found ('/')
Clock skew
0 seconds from localtime
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
security headers
--

Server Defaults

TLS extensions
'renegotiation info/#65281' 'server name/#0' 'EC point formats/#11' 'session ticket/#35' 'supported versions/#43' 'key share/#51' 'supported_groups/#10' 'max fragment length/#1' 'application layer protocol negotiation/#16' 'encrypt-then-mac/#22' 'extended master secret/#23'
TLS session ticket
valid for 300 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
supported
TLS timestamp
random
Signature algorithm
SHA256 with RSA
Key size
2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
cert_ext_keyusage
Serial number
077FDBE319B45316D10C0B1AD01A8153
Fingerprint SHA1
C48C60DE0AFAC4D04F219C39D195094651DDE5C1
Fingerprint SHA256
D46A37AB4AC3FEBEEF192A41A38FB6E277123407AB5F48129FD003D31D067420
Certificate details
-----BEGIN CERTIFICATE----- MIIGFzCCBP+gAwIBAgIQB3/b4xm0UxbRDAsa0BqBUzANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypS YXBpZFNTTCBUTFMgRFYgUlNBIE1peGVkIFNIQTI1NiAyMDIwIENBLTEwHhcNMjEw MzA4MDAwMDAwWhcNMjIwMzA4MjM1OTU5WjAiMSAwHgYDVQQDExdzZXJ2aWNlLmFn cmlzbWFydC5jby5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALuk 8Ff0ufJBvbMo+P9JZtpLwqtpnoWLIwzDr2STqTopLW6XCMzy5l8QbZj8vyNJj/Kr j3jLcbgqfXcwkcqQzMhzhJUsikPiRAGmrC3ZfyR/APilXl0plm4Cxonbw+CwUbNm MglAC1Nb/0BlrVrEGjzRVTbhlDsFGTJFM1+gik/c9fpmF5ITQoBjGR4+kEngB7Jw G4AJe/MN+ffuLb8eAkqp1+hXmUbMx60AthLO+Ovo1ERn4rPrbT1Tql3+33reHC7s 85/KzzFofSz0fAuWIsg/Pp+bEM+fNXcl4uS4ywbGOji77s6y1gH8FsMf3u7egtXG 58mP78Mxq5vAudCjFKMCAwEAAaOCAxAwggMMMB8GA1UdIwQYMBaAFKSN5b58eeRw I20uKTStI1jc9TF/MB0GA1UdDgQWBBTQ0uY8bDddT5DEA1o+YykgqvP8aDAiBgNV HREEGzAZghdzZXJ2aWNlLmFncmlzbWFydC5jby5uejAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGbBgNVHR8EgZMwgZAwRqBE oEKGQGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9SYXBpZFNTTFRMU0RWUlNBTWl4 ZWRTSEEyNTYyMDIwQ0EtMS5jcmwwRqBEoEKGQGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0 LmNvbS9SYXBpZFNTTFRMU0RWUlNBTWl4ZWRTSEEyNTYyMDIwQ0EtMS5jcmwwPgYD VR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp Y2VydC5jb20vQ1BTMIGFBggrBgEFBQcBAQR5MHcwJAYIKwYBBQUHMAGGGGh0dHA6 Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBPBggrBgEFBQcwAoZDaHR0cDovL2NhY2VydHMu ZGlnaWNlcnQuY29tL1JhcGlkU1NMVExTRFZSU0FNaXhlZFNIQTI1NjIwMjBDQS0x LmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYARqVV63X6 kSAwtaKJafTzfREsQXS+/Um4havy/HD+bUcAAAF4EvVCMQAABAMARzBFAiEAioEa 5/FIEgvKEh8ceaSPczV9E2+nUTtUXMqtjxEKD/ACIHhRavdMf7CQjftdGVjUy+9d mHQBSVGI3EAt1gi/zPiuAHYAIkVFB1lVJFaWP6Ev8fdthuAjJmOtwEt/XcaDXG7i DwIAAAF4EvVCRwAABAMARzBFAiADKr0sAnWhB/+298CYdAehKPbNVZxNWQ7GSSZI 1tvKnQIhAI5MIf8Jo4RXN9vH2GyuO/28PDAl4Dz2XOFrXwbuWBYFMA0GCSqGSIb3 DQEBCwUAA4IBAQAB4UWpxIz0oU5bilLQNX2whNtkxBRol1EeZ+IBoFoozEsTvQyK 6qnCP4rYzmlrZa4WrRtKqcSZNzHyS3uF6kBTn1Y1W7y9WziXYYIArwEbMX3ZWbxs y4KovU7B49A6OrtPZPFAvjZru1JHyR6e/fWeMh4MBlhY75HCSlsaS6gN/lxSbJL7 w9fV+gAjQEzHHKpeRQXWSC9ksjGoDDElHsz4/K+O88vML0Q8I4bnKUamSd0xf9TQ m7Piw2X4/zCefa1g6q6N01i941MetwyFocBZXMjs2NATj0WI3tafKhS4kVaKYFrL p0PgABc9GiwwDTO80h6DZDolMTe/TVbF5ofZ -----END CERTIFICATE-----
Common names
service.agrismart.co.nz
Service Name Indication
service.agrismart.co.nz
SubjectAlternative Name
service.agrismart.co.nz
Certificate authority issuers
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 (DigiCert Inc from US)
Certificate trusted
Ok via SAN and CN (same w/o SNI)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
Days before expiry
97 >= 60 days
Valid from
2021-03-08 01:00
Valid until
2022-03-09 00:59
Chain
2
CRL distribution points
http://crl3.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crl http://crl4.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crl
Online Certificate Status Protocol URL
http://ocsp.digicert.com
OCSP stapling
not offered
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)

Server Preferences

order
NOT cipher order configured
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS13-AES-256-GCM-SHA384, 253 bit ECDH (X25519) (limited sense as client will pick)
order
at (limited sense as client will pick)
order
at (limited sense as client will pick)
order
at (limited sense as client will pick)
order
at (limited sense as client will pick)
order TLSv1.2
ECDHE-RSA-AES256-GCM-SHA384 at TLSv1.2 (limited sense as client will pick)
order TLSv1.3
TLS13-AES-128-GCM-SHA256 at TLSv1.3 (limited sense as client will pick)

Perfect Forward Secrecy

PFS
offered
PFS s
DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA128-SHA256 DHE-RSA-CAMELLIA128-SHA DHE-RSA-CAMELLIA256-SHA256 DHE-RSA-CAMELLIA256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-CAMELLIA128-SHA256 ECDHE-RSA-CAMELLIA256-SHA384
ECDHE curves
prime256v1 secp384r1 secp521r1

Ciphers

ECDHE-RSA-AES256-GCM-SHA384 ECDH 521 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(0xc030)
ECDHE-RSA-AES256-SHA384 ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
(0xc028)
ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
(0xc014)
DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
(0x9f)
DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
(0x6b)
DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
(0x39)
ECDHE-RSA-CAMELLIA256-SHA384 ECDH 521 Camellia 256 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
(0xc077)
DHE-RSA-CAMELLIA256-SHA256 DH 2048 Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
(0xc4)
DHE-RSA-CAMELLIA256-SHA DH 2048 Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
(0x88)
AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
(0x9d)
AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
(0x3d)
AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
(0x35)
CAMELLIA256-SHA256 RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
(0xc0)
CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
(0x84)
ECDHE-RSA-AES128-GCM-SHA256 ECDH 521 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(0xc02f)
ECDHE-RSA-AES128-SHA256 ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(0xc027)
ECDHE-RSA-AES128-SHA ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
(0xc013)
DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
(0x9e)
DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
(0x67)
DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
(0x33)
ECDHE-RSA-CAMELLIA128-SHA256 ECDH 521 Camellia 128 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
(0xc076)
DHE-RSA-CAMELLIA128-SHA256 DH 2048 Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
(0xbe)
DHE-RSA-CAMELLIA128-SHA DH 2048 Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
(0x45)
AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
(0x9c)
AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
(0x3c)
AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
(0x2f)
CAMELLIA128-SHA256 RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
(0xba)
CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
(0x41)

Browser Simulations

Android 2.3.7
No connection
Android 4.1.1
No connection
Android 4.3
No connection
Android 4.4.2
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Android 5.0.0
TLSv1.2 ECDHE-RSA-AES256-SHA
Android 6.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 7.0
TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
Windows Chrome 51
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Chrome 57
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Firefox 47
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Firefox 53
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows XP Internet Explorer 6
No connection
Windows Vista Internet Explorer 7
No connection
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 8
No connection
Windows 7 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 8.1 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 8.1 update Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 10 Edge 13
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows Phone 10 Edge 13
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 7 Opera 17
TLSv1.2 ECDHE-RSA-AES256-SHA
MacOSX 10.6.8 Safari 5.1.9
No connection
iOS 7 Safari 7
TLSv1.2 ECDHE-RSA-AES256-SHA384
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 7 Tor 7.0.9
No connection
Java 6 update 45
No connection
Java 7 update 25
No connection
Java 8 update 31
TLSv1.2 ECDHE-RSA-AES128-SHA256
OpenSSL 1.1.1
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
OpenSSL 1.0.2e
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384