batmanapollo.ru

Score 87/100

Web site information

Web Address
batmanapollo.ru
IP Address
81.200.117.113
Font Scripts
Font Awesome
Analytics
Liveinternet
Web Servers
Nginx
Programming Languages
PHP
CMS
WordPress
JavaScript Frameworks
jQuery

SEO data

title
Я-ОПСУИМОЛОГ
viewport
width=device-width, initial-scale=1
description
Опсуимолог. Мысли. Слова. Действия. Власть. Дело. Отношения. Воспоминания. Восприятие. Воображение. Интелектуальное. Эмоциональное. Экзистенциональное.
robots
follow, index, max-snippet:-1, max-video-preview:-1, max-image-preview:large
twitter:card
summary_large_image
twitter:title
Я-ОПСУИМОЛОГ
twitter:description
Опсуимолог. Мысли. Слова. Действия. Власть. Дело. Отношения. Воспоминания. Восприятие. Воображение. Интелектуальное. Эмоциональное. Экзистенциональное.
twitter:label1
Автор
twitter:data1
Опсуимолог
twitter:label2
Время чтения
twitter:data2
Меньше минуты
generator
speculation-rules 1.5.0
msapplication-TileImage
https://batmanapollo.ru/wp-content/uploads/2019/10/cropped-halloween-3726901_960_720-1-270x270.png

Security Rating

Rating spec
SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
Rating doc
View Rating Documentation
Protocol support score
95
Protocol support score weighted
28
Key exchange score
90
Key exchange score weighted
27
Strength score
90
Strength score weighted
36
Final score
91
Overall grade
B
Grade cap reason 1
Grade capped to B. TLS 1.1 offered
Grade cap reason 2
Grade capped to B. TLS 1.0 offered
Grade cap reason 3
Grade capped to A. HSTS is not offered

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
offered (deprecated)
TLS 1.1
offered (deprecated)
TLS 1.2
offered
TLS 1.3
offered with final
ALPN HTTP2
h2
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable, no RSA key transport cipher
SSL renegotiation
supported
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, gzip HTTP compression detected - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
supported
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=9453F8F6C44671C9CF1417FCDEDD1B31856ADA15812660018D083D96C24F636D
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key with <= TLS 1.2
BEAST
VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
winshock
not vulnerable
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
0 seconds from localtime
HTTP headerTime
1746823005
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
Number of cookies
0 at '/'
security headers
--

Server Defaults

TLS extensions
'server name/#0' 'max fragment length/#1' 'supported_groups/#10' 'EC point formats/#11' 'application layer protocol negotiation/#16' 'encrypt-then-mac/#22' 'extended master secret/#23' 'session ticket/#35' 'supported versions/#43' 'key share/#51' 'next protocol/#13172' 'renegotiation info/#65281'
TLS session ticket
valid for 600 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
supported
TLS timestamp
random
certificate compression
none
clientAuth
none
cert numbers
1
Signature algorithm
SHA256 with RSA
Key size
RSA 2048 bits (exponent is 65537)
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
068984CCC03CADF15C519193B5AEA8B6665D
cert serialNumberLen
18
Fingerprint SHA1
4E1E311C1B19E356C1257AEC75043903EF5BE654
Fingerprint SHA256
9453F8F6C44671C9CF1417FCDEDD1B31856ADA15812660018D083D96C24F636D
Certificate details
-----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISBomEzMA8rfFcUZGTta6otmZdMA0GCSqGSIb3DQEBCwUAMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNSMTAwHhcNMjUwMzI5MDMwOTA4WhcNMjUwNjI3MDMwOTA3WjAaMRgwFgYDVQQDEw9iYXRtYW5hcG9sbG8ucnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyUlBqZqMdRBE/85WPIo8oC4+iTS8hOpT4k4QimZt8RJjHYJsdfb7pkCurTLJFDP3wk+LxcJQHdImqiygwuoXQ5Y9ScBBbwn7nO30a0cY3o77TWoFTdfvbN4V8ekoyA2kDnujN0Yf1Cijdjh4VQEJkHyNmU4CaBTxAekgUGxjqgz5AD2lHng76Bk6I8XW4sRuG5ED7s2b13TR/gkRwN2xWnOAnLtmjv9OcVoN6kV5lm1FZiRX8bXTwsIllLqSqgYisxHS5gpa+03w9/wqF2jAtjUkTVxaoyiOppP4DUZqWhPSLcF2US1RaFM+tWtgOYpJUjQvts7E86wlmJn6I4PqNAgMBAAGjggJYMIICVDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFNrYH3hipnppqr17gbtK+wKEUayfMB8GA1UdIwQYMBaAFLu8w0el5LypxsOkcgwQjaI14cjoMFcGCCsGAQUFBwEBBEswSTAiBggrBgEFBQcwAYYWaHR0cDovL3IxMC5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDovL3IxMC5pLmxlbmNyLm9yZy8wLwYDVR0RBCgwJoIPYmF0bWFuYXBvbGxvLnJ1ghN3d3cuYmF0bWFuYXBvbGxvLnJ1MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6Ly9yMTAuYy5sZW5jci5vcmcvOTQuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAzPsPaoVxCWX+lZtTzumyfCLphVwNl422qX5UwP5MDbAAAAGV4BV8HQAABAMARzBFAiEA3q8ZhvKyLgOrDEuW7oSK8HXPF3FHoglmQAsG6+TyYdkCIE6qzMiQP6tph+qbiQ+037D8as1DMXVDdLv2d2gkmSJ3AHYAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGV4BWEGgAABAMARzBFAiEAmHag/OUB0adjDmVuhLoFB94rEKGjr2oB+EFftDoks4ICIE7Q44URZYdjhpCe9Jt3nllCZDKHYlpIHP96IU+GJ8t6MA0GCSqGSIb3DQEBCwUAA4IBAQCS3ESSo5iuwXToa7bhe5q6/L6CTpZ0n8gIDH+xaPYrsvw6LYn5p9WhWUELT4Smdx5wlwRlgHbL7tH62CZ3Bs4SNvrhpNYu93vtlsEZnvYWEir4eqoGCdnbsVyWq9vN3ao3iF+PmoyyiJF25c23fDuA9QMS+OTwkt9D7l2Ck6xYMMEvEqVGffJqCyT1jVEAJjvAcB291GtfSuJAFTQC6wHj0IRD6Goxq2waXduM70EcNK2N5N0sfTDwRQwETXHm3SrGV2EX6QQcEeRaNS19nE4ImZpmB/PC+14PTV0cNASURQVXKbXchZuQ/erV/0RuEWjrb/lQWlt9qtQ8lfPtvJn/ -----END CERTIFICATE-----
Common names
batmanapollo.ru
Service Name Indication
batmanapollo.ru
SubjectAlternative Name
batmanapollo.ru www.batmanapollo.ru
Certificate trusted
Ok via SAN and CN (same w/o SNI)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert expirationStatus
48 >= 30 days
Valid from
2025-03-29 03:09
Valid until
2025-06-27 03:09
cert extlifeSpan
certificate has no extended life time according to browser forum
cert eTLS
not present
cert crlDistributionPoints
http://r10.c.lencr.org/94.crl
Online Certificate Status Protocol URL
http://r10.o.lencr.org
OCSP stapling
not offered
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)
Chain
2
certs list ordering problem
no
Certificate authority issuers
R10 (Let's Encrypt from US)
intermediate cert
-----BEGIN CERTIFICATE----- MIIFBTCCAu2gAwIBAgIQS6hSk/eaL6JzBkuoBI110DANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBaFw0yNzAzMTIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNSMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPV+XmxFQS7bRH/sknWHZGUCiMHT6I3wWd1bUYKb3dtVq/+vbOo76vACFLYlpaPAEvxVgD9on/jhFD68G14BQHlo9vH9fnuoE5CXVlt8KvGFs3Jijno/QHK20a/6tYvJWuQP/py1fEtVt/eA0YYbwX51TGu0mRzW4Y0YCF7qZlNrx06rxQTOr8IfM4FpOUurDTazgGzRYSespSdcitdrLCnF2YRVxvYXvGLe48E1KGAdlX5jgc3421H5KRmudKHMxFqHJV8LDmowfs/acbZp4/SItxhHFYyTr6717yW0QrPHTnj7JHwQdqzZq3DZb3EoEmUVQK7GH29/Xi8orIlQ2NAgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0gBAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAkrHnQTfreZ2B5s3iJeE6IOmQRJWjgVzPw139vaBw1bGWKCIL0vIozwzn1OZDjCQiHcFCktEJr59L9MhwTyAWsVrdAfYf+B9haxQnsHKNY67u4s5Lzzfdu6PUzeetUK29v+PsPmI2cJkxp+iN3epi4hKu9ZzUPSwMqtCceb7qPVxEbpYxY1p91n5PJKBLBX9eb9LU6l8zSxPWV7bK3lG4XaMJgnT9x3ies7msFtpKK5bDtotij/l0GaKeA97pb5uwD9KgWvaFXMIEt8jVTjLEvwRdvCn294GPDF08U8lAkIv7tghluaQh1QnlE4SEN4LOECj8dsIGJXpGUk3aU3KkJz9icKy+aUgA+2cP21uh6NcDIS3XyfaZQjmDQ993ChII8SXWupQZVBiIpcWO4RqZk3lr7Bz5MUCwzDIA359e57SSq5CCkY0N4B6Vulk7LktfwrdGNVI5BsC9qqxSwSKgRJeZ9wygIaehbHFHFhcBaMDKpiZlBHyzrsnnlFXCb5s8HKn5LsUgGvB24L7sGNZP2CX7dhHov+YhD+jozLW2p9W4959Bz2EiRmqDtmiXLnzqTpXbI+suyCsohKRg6Un0RC47+cpiVwHiXZAW+cn8eiNIjqbVgXLxKPpdzvvtTnOPlC7SQZSYmdunr3Bf9b77AiC/ZidstK36dRILKz7OA54= -----END CERTIFICATE-----
intermediate cert fingerprintSHA256
9D7C3F1AA6AD2B2EC0D5CF1E246F8D9AE6CBC9FD0755AD37BB974B1F2FB603F3
intermediate cert notBefore
2024-03-13 00:00
intermediate cert notAfter
2027-03-12 23:59
intermediate cert expiration
ok > 40 days
intermediate cert chain
R10 <-- ISRG Root X1
intermediate cert badOCSP
intermediate certificate(s) is/are ok

Server Preferences

order-tls1
server
order TLSv1
ECDHE-RSA-AES256-SHA
order-tls1 1
server
order TLSv1 1
ECDHE-RSA-AES256-SHA
order-tls1 2
server
order TLSv1 2
ECDHE-RSA-AES256-GCM-SHA384
order
server

Ciphers

Browser Simulations

Android 7.0
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-android 81
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-android 90
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-android X
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-android 11 12
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-android 13 14
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-chrome 101 win10
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-chromium 137 win11
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-firefox 100 win10
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-firefox 137 win11
TLSv1.3 TLS_AES_256_GCM_SHA384
Windows 7 Internet Explorer 8
TLSv1.0 ECDHE-RSA-AES256-SHA
Windows 7 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-SHA256
Windows 8.1 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-SHA256
clientsimulation-ie 11 winphone81
TLSv1.2 ECDHE-RSA-AES128-SHA256
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-edge 15 win10
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-edge 101 win10 21h2
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-edge 133 win11 23h2
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-safari 184 ios 184
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-safari 154 osx 1231
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-safari 184 osx 154
TLSv1.3 TLS_AES_256_GCM_SHA384
Java 7 update 25
TLSv1.0 ECDHE-RSA-AES128-SHA
clientsimulation-java 80442
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-java 1102
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-java 1703
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-java 2106
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-go 1178
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-libressl 336
TLSv1.3 TLS_AES_256_GCM_SHA384
OpenSSL 1.0.2e
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-openssl 111d
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-openssl 315
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-openssl 350
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-apple mail 16 0
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-thunderbird 91 9
TLSv1.3 TLS_AES_256_GCM_SHA384