be-bio-hotels.de

Score 94/100

Web site information

Web Address
be-bio-hotels.de
IP Address
153.92.201.177
Web Servers
Apache
Font Scripts
Font Awesome
Tag Managers
Google Tag Manager
CMS
WordPress
JavaScript Frameworks
jQuery
Mobile Frameworks
jQuery Mobile
Programming Languages
PHP

SEO data

title
Biohotels ▷ BE BIO Hotels | Bio erleben | Bio genießen | Bio entspannen | Nordsee Biohotels Schleswig-Holstein
robots
max-image-preview:large
google-site-verification
0HW3wCsqZSaWOE-Khq_hy7BLfq18VWA0WXIgdHoOMLg
keywords
biohotels,biohotels deutschland,biohotels nordsee
generator
WordPress 6.4.4
viewport
width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0
msapplication-TileImage
https://be-bio-hotels.de/wp-content/uploads/2020/05/cropped-Favicon-270x270.jpg

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
not offered
TLS 1.1
not offered
TLS 1.2
offered
TLS 1.3
offered with final
ALPN HTTP2
h2
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable
SSL renegotiation
supported
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, gzip HTTP compression detected - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
no protocol below TLS 1.2 offered
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=CA56F79BC6089383500E9B12D57767B628D5AE1FB6F3FEDCA9F7E2C58C1DEEA7
LOGJAM-common primes
RFC5114/2048-bit DSA group with 224-bit prime order subgroup
LOGJAM
not vulnerable, no DH EXPORT ciphers,
BEAST
not vulnerable, no SSL3 or TLS1
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
0 seconds from localtime
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
Number of cookies
0 at '/'
Upgrade
h2,h2c
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache

Server Defaults

TLS extensions
'renegotiation info/#65281' 'server name/#0' 'EC point formats/#11' 'session ticket/#35' 'supported versions/#43' 'key share/#51' 'supported_groups/#10' 'max fragment length/#1' 'application layer protocol negotiation/#16' 'encrypt-then-mac/#22' 'extended master secret/#23'
TLS session ticket
valid for 300 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
supported
TLS timestamp
random
cert numbers
1
Signature algorithm
SHA256 with RSA
Key size
RSA 2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
03B0BEA1779BA3DDE032085538384BA24876
cert serialNumberLen
18
Fingerprint SHA1
1EA6A6C5EDC9D771D3C0A06BBF5D047409CE9C71
Fingerprint SHA256
CA56F79BC6089383500E9B12D57767B628D5AE1FB6F3FEDCA9F7E2C58C1DEEA7
Certificate details
-----BEGIN CERTIFICATE----- MIIE7TCCA9WgAwIBAgISA7C+oXebo93gMghVODhLokh2MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMDMyMjUzMTBaFw0yNDA2MDEyMjUzMDlaMBsxGTAXBgNVBAMT EGJlLWJpby1ob3RlbHMuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCockvRHObB4NSkr4Vv8a8dogxsveuBXUutAhl0teeIkIqe3unEA+WefuRomjVR jvnXzJa/GXFYiwkPrKZI1MillkCe4wneNbuvFtIMVaXVh81xX7cW+xBPBP5YZ0Ux Nb7Qf7fC0rLricVP/G2XJsjROJ2qHEuALrrDrWVtCUFefA267A8Crh67wFS3Quk+ HTbSqOlOJKHVx/x4CQFd5+XmoUnBRmFQreFIf9vsfXojKGYPq1oT8XXrkfX0RW2Z Zax3UqNTSchASbVDI7fCqaf/Tem8JYjQ++LEfUFv5Tr+lxTqHg9j77cGMDEOukgf LPwBCamWoYYZ8Xi9Dwzryj2DAgMBAAGjggISMIICDjAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFHqEHiCCnAENTZOIjyM8Tz0f259UMB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMBsGA1UdEQQUMBKCEGJlLWJpby1ob3RlbHMuZGUwEwYDVR0gBAwwCjAIBgZn gQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQA7U3d1Pi25gE6LMFsG/kA7 Z9hPw/THvQANLXJv4frUFwAAAY4GvFgOAAAEAwBGMEQCIHeR3/3STOHvbrItuPYZ cKNA8k/NnjwirFWyAR1n7HH2AiApNK1Wx50+4egHc0b+zVQxQo7v5/LzDc1AVviD HK0ueAB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjga8WgYA AAQDAEgwRgIhAMLa3mds8JKJ6x7x740bp5FPY+zFBHuqA2tsCfhw0KyRAiEAvQYl 8KOYwly9dz170ph+2zWsubYmMhWiOMvyatM+668wDQYJKoZIhvcNAQELBQADggEB AI2J4jQlwtHaffh8+ww+6o5JvhIpsamBWnmm3xrOUv7IRfWuuBBYcySr4YAR0CSX ejVh7KUDh+tBa1tQT3kIuIvRFvLWCcTRHeqKXX/68T2Bq4PONeLkmoAs+PAvK2KA y75HjcZliEUJUS+CrmKMzlSNOpGZfo4izF5HfGkhXmpDWoiCsSqVRjItnnSJujW4 MwE1ghYLUtGTT02pX4uNfmd77dX+aM3kSt3t/ESReN+FEayg6fEFNvldsn1CmN1z QJbOyeFGVwPV1hH6aNtmcSTH+6UqvdqTCsLk5iVGsRTDqouopl+A0B2s4G3RO0Im dgiVMnUz9JqUtpjT7Y9U5R0= -----END CERTIFICATE-----
Common names
be-bio-hotels.de
Service Name Indication
*.webspaceconfig.de
SubjectAlternative Name
be-bio-hotels.de
Certificate authority issuers
R3 (Let's Encrypt from US)
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert eTLS
not present
cert expirationStatus
40 >= 30 days
Valid from
2024-03-03 22:53
Valid until
2024-06-01 22:53
cert validityPeriod
No finding
Chain
2
certs list ordering problem
no
cert crlDistributionPoints
--
Online Certificate Status Protocol URL
http://r3.o.lencr.org
OCSP stapling
not offered
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)

Server Preferences

order
server
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)
order TLSv1 2
ECDHE-RSA-AES256-GCM-SHA384

Perfect Forward Secrecy

PFS
offered
PFS s
DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
PFS ECDHE curves
prime256v1 secp384r1 secp521r1

Ciphers

ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(0xc030)
ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
(0xc028)
ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
(0xc014)
DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
(0x9f)
DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
(0x6b)
DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
(0x39)
AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
(0x9d)
AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
(0x3d)
AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
(0x35)
ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(0xc02f)
ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(0xc027)
ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
(0xc013)
DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
(0x9e)
DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
(0x67)
DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
(0x33)
AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
(0x9c)
AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
(0x3c)
AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
(0x2f)

Browser Simulations

Android 4.4.2
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Android 5.0.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 6.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 7.0
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-android 81
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-android 90
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-android X
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-chrome 74 win10
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-chrome 79 win10
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-firefox 66 win81
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-firefox 71 win10
TLSv1.3 TLS_AES_256_GCM_SHA384
Windows XP Internet Explorer 6
No connection
Windows 7 Internet Explorer 8
No connection
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 11
TLSv1.2 DHE-RSA-AES256-GCM-SHA384
Windows 8.1 Internet Explorer 11
TLSv1.2 DHE-RSA-AES256-GCM-SHA384
clientsimulation-ie 11 winphone81
TLSv1.2 ECDHE-RSA-AES128-SHA256
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-edge 15 win10
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-edge 17 win10
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-opera 66 win10
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-safari 9 ios9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-safari 121 ios 122
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-safari 130 osx 10146
TLSv1.3 TLS_AES_256_GCM_SHA384
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Java 6 update 45
No connection
Java 7 update 25
No connection
clientsimulation-java 8u161
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-java1102
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-java1201
TLSv1.3 TLS_AES_256_GCM_SHA384
OpenSSL 1.0.2e
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-openssl 110l
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
clientsimulation-openssl 111d
TLSv1.3 TLS_AES_256_GCM_SHA384
clientsimulation-thunderbird 68 3 1
TLSv1.3 TLS_AES_256_GCM_SHA384