jcsai.org

Score 60/100

Web site information

Website image jcsai.org
Web Address
IP Address
Web Frameworks
animate.css
Web Servers
Apache
Font Scripts
Font Awesome
CMS
WordPress
Programming Languages
PHP

SEO data

Lighthouse

Performance
38/100
Accessibility
76/100
Best Practices
69/100
SEO
81/100
PWA
40/100

Web site external calls

fonts.googleapis.com
www.googletagmanager.com
mylivechat.com
fonts.gstatic.com
www.youtube.com
www.google-analytics.com
a7.mylivechat.com
googleads.g.doubleclick.net
static.doubleclick.net
www.google.com
yt3.ggpht.com
i.ytimg.com
rr2---sn-4g5ednsd.googlevideo.com
www.google.de

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
offered (deprecated)
TLS 1.1
offered (deprecated)
TLS 1.2
offered
TLS 1.3
offered with final
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable
SSL renegotiation
supported
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, deflate gzip HTTP compression detected - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
supported
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=BECF56A259C199E046308AC90BF09AD601CA49FFCD0C474B093D62427B98B21B
LOGJAM-common primes
RFC3526/Oakley Group 14
LOGJAM
not vulnerable, no DH EXPORT ciphers,
BEAST
VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
winshock
not vulnerable
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
0 seconds from localtime
HTTP headerTime
1642192047
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
Cache-Control
public

Server Defaults

TLS extensions
'renegotiation info/#65281' 'server name/#0' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'supported versions/#43' 'key share/#51' 'supported_groups/#10' 'max fragment length/#1' 'application layer protocol negotiation/#16' 'encrypt-then-mac/#22' 'extended master secret/#23'
TLS session ticket
valid for 300 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
supported
TLS timestamp
random
certificate compression
none
clientAuth
none
cert numbers
1
Signature algorithm
SHA256 with RSA
Key size
RSA 2048 bits (exponent is 65537)
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
0372B55EA7A1335C024A17990289FD56D583
cert serialNumberLen
18
Fingerprint SHA1
987278D0F2E5DF4CCAC8129634DC7FD3A9F4284D
Fingerprint SHA256
BECF56A259C199E046308AC90BF09AD601CA49FFCD0C474B093D62427B98B21B
Certificate details
-----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISA3K1XqehM1wCSheZAon9VtWDMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMjAxMDgxODU3MDhaFw0yMjA0MDgxODU3MDdaMBgxFjAUBgNVBAMT DXd3dy5qY3NhaS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT KfRvynMg5KO1znjXM2yuxLx3dgV0nXfU0bdvv1Y8PXjlYHR84PtkSHt1NAlGC6HM vSdtQisjh/7lhljtDhSfXPxxlRYFdVep+fPADfIt1aBj8wTdQIxNUH3ch7qoR5Of kXlUiyegQHZOFf9xMrhcmNAxkNAx3A+bCDeEJhGrIOjIYG8WhH6k3XRKiwEZYSzY k5Fkz4XJF6fV2pKqFf7IOS2PZIU+GKFLSnhdgt/HNDMCmhMJhUoPd2z+N0K0QP1f 1Typd1QMa/M0km4zmUrwje0XANT5/NOvzTx+w+ILYcJ3ovkzXkl5NXxwfqEdJ8Pd Tz9VCNJ+njtSLeWoGIQrAgMBAAGjggJkMIICYDAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFBEzuOyQ3kxO/ZKnneL5afFmwpHeMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv MDMGA1UdEQQsMCqCCWpjc2FpLm9yZ4IObWFpbC5qY3NhaS5vcmeCDXd3dy5qY3Nh aS5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggr BgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5 AgQCBIH2BIHzAPEAdgBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAA AX47RCY0AAAEAwBHMEUCIFrCI30eaPhr68Kdygth4wTBk636gcda9HWVxjYAWANn AiEAqCrQ9iL85+vky1XAyElyKhxrZvcOw2qwmct4iOC1LAwAdwBGpVXrdfqRIDC1 oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAX47RCZTAAAEAwBIMEYCIQDu8jMZQ60u XDPYBOdms2jwj7tc7R0jh4FACEoFU79cPgIhAMyOUnrH5Gak1lnA+WkkKpkM2NVl L0NV5ULhb+t9MZLLMA0GCSqGSIb3DQEBCwUAA4IBAQBdDhpzpA6kusiL4qzjbXML ZDioKH+zA0dv2CRVqL2t2j5VdMoj8xbkyY57UFxpmzkIkKUlm4+iUZ7f/C0AwqYl SHd8ocZ5Lkg67CStKEgMtbOQobMqOq9tmh1PVbjvVPOT7IRlyDe5CpX0N3jEJnl5 Uj4FQACV6Yr1x066gdFnuAKNzis+/LGWS/tF9JDD/v9U+ZTCPe9Y+J/ggkCen1aj 09cAiO0Q6OL4FByai5nmev5aRkyhdW5exdEsX3xCD+6K6MXEbfFpV3JqQGj782tM BQuegg47DjqMZl8601q+Qc0NvmaGL2l2GSSDbpIo6NgoGkjB6j+tYxswZLmG1ZmT -----END CERTIFICATE-----
Common names
www.jcsai.org
Service Name Indication
www.firstagros.com
SubjectAlternative Name
jcsai.org mail.jcsai.org www.jcsai.org
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
Some certificate trust checks failed -> Microsoft (chain incomplete) Linux (chain incomplete) , OK -> Mozilla Apple
Is certificate Extended Validation
no
cert expirationStatus
83 >= 30 days
Valid from
2022-01-08 18:57
Valid until
2022-04-08 18:57
cert extlifeSpan
certificate has no extended life time according to browser forum
cert eTLS
not present
cert crlDistributionPoints
--
Online Certificate Status Protocol URL
http://r3.o.lencr.org
OCSP stapling
offered
cert ocspRevoked
not revoked
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)
Chain
2
certs list ordering problem
no
Certificate authority issuers
R3 (Let's Encrypt from US)
intermediate cert
-----BEGIN CERTIFICATE----- MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX nLRbwHOoq7hHwg== -----END CERTIFICATE-----
intermediate cert fingerprintSHA256
67ADD1166B020AE61B8F5FC96813C04C2AA589960796865572A3C7E737613DFD
intermediate cert notBefore
2020-09-04 00:00
intermediate cert notAfter
2025-09-15 16:00
intermediate cert expiration
ok > 40 days
intermediate cert chain
R3 <-- ISRG Root X1
intermediate cert badOCSP
intermediate certificate(s) is/are ok

Server Preferences

order
NOT a cipher order configured
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS13-AES-256-GCM-SHA384, 253 bit ECDH (X25519) (limited sense as client will pick)
-tls1 xc014
TLSv1 xc014 ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
-tls1 x39
TLSv1 x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
-tls1 x35
TLSv1 x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
-tls1 xc013
TLSv1 xc013 ECDHE-RSA-AES128-SHA ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
-tls1 x33
TLSv1 x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
-tls1 x2f
TLSv1 x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
supporteds TLSv1
ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA AES256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA AES128-SHA
-tls1 1 xc014
TLSv1.1 xc014 ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
-tls1 1 x39
TLSv1.1 x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
-tls1 1 x35
TLSv1.1 x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
-tls1 1 xc013
TLSv1.1 xc013 ECDHE-RSA-AES128-SHA ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
-tls1 1 x33
TLSv1.1 x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
-tls1 1 x2f
TLSv1.1 x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
supporteds TLSv1 1
ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA AES256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA AES128-SHA
-tls1 2 xc030
TLSv1.2 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 521 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-tls1 2 xc028
TLSv1.2 xc028 ECDHE-RSA-AES256-SHA384 ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
-tls1 2 xc014
TLSv1.2 xc014 ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
-tls1 2 x9f
TLSv1.2 x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
-tls1 2 x6b
TLSv1.2 x6b DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
-tls1 2 x39
TLSv1.2 x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
-tls1 2 x9d
TLSv1.2 x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
-tls1 2 x3d
TLSv1.2 x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
-tls1 2 x35
TLSv1.2 x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
-tls1 2 xc02f
TLSv1.2 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 521 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-tls1 2 xc027
TLSv1.2 xc027 ECDHE-RSA-AES128-SHA256 ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
-tls1 2 xc013
TLSv1.2 xc013 ECDHE-RSA-AES128-SHA ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
-tls1 2 x9e
TLSv1.2 x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
-tls1 2 x67
TLSv1.2 x67 DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
-tls1 2 x33
TLSv1.2 x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
-tls1 2 x9c
TLSv1.2 x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
-tls1 2 x3c
TLSv1.2 x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
-tls1 2 x2f
TLSv1.2 x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
supporteds TLSv1 2
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA AES256-GCM-SHA384 AES256-SHA256 AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA

Ciphers

Browser Simulations

Android 2.3.7
TLSv1.0 AES128-SHA
Android 4.1.1
TLSv1.0 ECDHE-RSA-AES256-SHA
Android 4.3
TLSv1.0 ECDHE-RSA-AES256-SHA
Android 4.4.2
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Android 5.0.0
TLSv1.2 ECDHE-RSA-AES256-SHA
Android 6.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 7.0
TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
Windows Chrome 51
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Chrome 57
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Firefox 47
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Firefox 53
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows XP Internet Explorer 6
No connection
Windows Vista Internet Explorer 7
TLSv1.0 AES128-SHA
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 8
TLSv1.0 AES128-SHA
Windows 7 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 8.1 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 8.1 update Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-SHA384
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 10 Edge 13
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows Phone 10 Edge 13
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 7 Opera 17
TLSv1.2 ECDHE-RSA-AES256-SHA
MacOSX 10.6.8 Safari 5.1.9
TLSv1.0 ECDHE-RSA-AES128-SHA
iOS 7 Safari 7
TLSv1.2 ECDHE-RSA-AES256-SHA384
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 7 Tor 7.0.9
TLSv1.0 ECDHE-RSA-AES256-SHA
Java 6 update 45
TLSv1.0 AES128-SHA
Java 7 update 25
TLSv1.0 ECDHE-RSA-AES128-SHA
Java 8 update 31
TLSv1.2 ECDHE-RSA-AES128-SHA256
OpenSSL 1.1.1
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
OpenSSL 1.0.2e
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384