reg.jdeiut.ir

Score 91/100

Web site information

Website image reg.jdeiut.ir
Web Address
IP Address
Web Servers
IIS
Operating Systems
Windows Server

SEO data

Lighthouse

Performance
97/100
Accessibility
92/100
Best Practices
77/100
SEO
85/100
PWA
30/100

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
offered (deprecated)
TLS 1.1
offered (deprecated)
TLS 1.2
offered
TLS 1.3
not offered + downgraded to weaker protocol
ALPN HTTP2
h2
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
no session ticket extension
ROBOT
not vulnerable
SSL renegotiation
OpenSSL handshake didn't succeed
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, gzip HTTP compression detected - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
NOT supported. Pls rerun with POODLE SSL check
SWEET32
uses 64 bit block ciphers
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=6E1E50300FAE82700FCCA0A223E5602F31A309AEF073CD12C473C894ECA19D3E
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
--
BEAST
VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
winshock
not vulnerable
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
-1 seconds from localtime
HTTP headerTime
1642192895
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
Cache-Control
private

Server Defaults

TLS extensions
'status request/#5' 'renegotiation info/#65281' 'server name/#0' 'application layer protocol negotiation/#16' 'extended master secret/#23'
TLS session ticket
no -- no lifetime advertised
SSL sessionID support
yes
Session Ticket Resumption
not supported
Session ID Resumption
not supported
TLS timestamp
off by -1 seconds from your localtime
cert compression
N/A
clientAuth
none
cert numbers
1
Signature algorithm
SHA256 with RSA
Key size
RSA 2048 bits (exponent is 65537)
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
0BCC9EAD0F949F37302152880A9F5623
cert serialNumberLen
16
Fingerprint SHA1
5F757B8D0F26D54580C135E7DC79818CE7DC0D6E
Fingerprint SHA256
6E1E50300FAE82700FCCA0A223E5602F31A309AEF073CD12C473C894ECA19D3E
Certificate details
-----BEGIN CERTIFICATE----- MIIGWjCCBUKgAwIBAgIQC8yerQ+UnzcwIVKICp9WIzANBgkqhkiG9w0BAQsFADCB hTELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEpMCcG A1UEAxMgQ2VydHVtIERvbWFpbiBWYWxpZGF0aW9uIENBIFNIQTIwHhcNMjExMDEw MTAxNjE1WhcNMjIxMDEwMTAxNjE0WjAYMRYwFAYDVQQDDA1yZWcuamRlaXV0Lmly MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiu2cGiDHV0+qzKOST5C 2OX7YjsPa/s4wltXNNtYMECbM5V23T3zM+rIW4PY88uJuDj6cowIrFVPUO+j+owZ pkJ4mTQactEm2qbmzpuhLF2JWMlTR4cPusi1V+xAW2X9S3oaz09avoBSwcyCQ5tn u0bP1TGpQEfL51YCs7s47kNZnQe9dSQNaQ8y6gbcpnI0+BdM20rOH9K31PjCZTaw SCRKTYbT6lVQVWTXlwubCfqWoOAmj3CAp16kN7ssJnL8R91ySWRCl40CeWz70w0f Rm7RFrUl/yy8DNakOh71VcoOOcqr0KqsLKmjZZyuOaKoF+lzL8yRiw50k1AV6WCr 5wIDAQABo4IDMDCCAywwDAYDVR0TAQH/BAIwADAyBgNVHR8EKzApMCegJaAjhiFo dHRwOi8vY3JsLmNlcnR1bS5wbC9kdmNhc2hhMi5jcmwwcQYIKwYBBQUHAQEEZTBj MCsGCCsGAQUFBzABhh9odHRwOi8vZHZjYXNoYTIub2NzcC1jZXJ0dW0uY29tMDQG CCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvZHZjYXNoYTIu Y2VyMB8GA1UdIwQYMBaAFOUxrb86EZb0g7xQPNS3kJuQ7t4lMB0GA1UdDgQWBBQu QMzpOw8ywzl0QTE6Gh7XyBD9+zAdBgNVHRIEFjAUgRJkdmNhc2hhMkBjZXJ0dW0u cGwwSwYDVR0gBEQwQjAIBgZngQwBAgEwNgYLKoRoAYb2dwIFAQMwJzAlBggrBgEF BQcCARYZaHR0cHM6Ly93d3cuY2VydHVtLnBsL0NQUzAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMBgGA1UdEQQRMA+CDXJlZy5q ZGVpdXQuaXIwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AFWB1MIWkDYBSuoL m1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABfGmz+gQAAAQDAEcwRQIhALt4MkvyXv4V kKH8kmx+Yov4QrV1f/uUnRIxVibXMgeEAiBF7atcXQ5DM/KGIBweoGlFBSQRLPKX vd5Ted/R5todNAB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAAB fGmz+d0AAAQDAEcwRQIhAKcqdCFVLs0HaMZOEhzFj08ChDmbgImHhIzm+xFYFkoi AiBDAsdcaSDfWyKek5ypyh18GsIjfwe/yWC3+YQWLL3+QAB2ACl5vvCeOTkh8FZz n2Old+W+V32cYAr4+U1dJlwlXceEAAABfGmz+q0AAAQDAEcwRQIgFCt33ZHfD8NU QODdxP+u0rxNbFRBX5haG7E2UGD7wIcCIQDsHmupNHx4y5cZS7p2xvJFWB4Uwoe0 ebWwKAU7owKusTANBgkqhkiG9w0BAQsFAAOCAQEANNXKksHW6n37LL7Rgg2Xwhkj Y2Abvzvgn9PBfBfWy6AAFYQL4hAU7jsuY067wxDIO+FCEceyFvqkSC88G9/T5+8L Gn05PHxzaNfHmL00iiT7pzSJXxKAPsbQQh0UOQ1MRj/7dT5T8H2xllBhdU3g76x5 wotl5HfN105Q7/fXuyIZzUJhbAl+sfLamEPmr9JuTmTJAeA1Jl9zlvndg/e1vr97 VKBVx/4zseZQWE+LUAjGolF0lLvNKTXEFmMZIhS/k+wfqMt2qzL/CYQuivVgJ3zD jGJfDxumaJt47AnKzN/iOGyY5CydJcm6Qpxq6FV73lUhhgWVMexIqgmX59tRwQ== -----END CERTIFICATE-----
Common names
reg.jdeiut.ir
Service Name Indication
request w/o SNI didn't succeed
SubjectAlternative Name
reg.jdeiut.ir
Certificate trusted
Ok via SAN and CN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert expirationStatus
268 >= 60 days
Valid from
2021-10-10 10:16
Valid until
2022-10-10 10:16
cert extlifeSpan
certificate has no extended life time according to browser forum
cert eTLS
not present
cert crlDistributionPoints
http://crl.certum.pl/dvcasha2.crl
Online Certificate Status Protocol URL
http://dvcasha2.ocsp-certum.com
OCSP stapling
offered
cert ocspRevoked
not revoked
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)
Chain
2
certs list ordering problem
no
Certificate authority issuers
Certum Domain Validation CA SHA2 (Unizeto Technologies S.A. from PL)
intermediate cert
-----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgIQJt3SK0bJxE1aaU05gH5yrTANBgkqhkiG9w0BAQsFADB+ MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE0MDkxMTEyMDAwMFoX DTI3MDYwOTEwNDYzOVowgYUxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRv IFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv biBBdXRob3JpdHkxKTAnBgNVBAMTIENlcnR1bSBEb21haW4gVmFsaWRhdGlvbiBD QSBTSEEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSVj343kIAfZ VNHRBPYX4j5H+8N0JbjEvxISvOBw0TkFwhez94JwoE4H/hAq/9sNRl4klKOLRZ8Y m85CxK7bgzO8wru0MLanN4d4e0jLJSyCuwpIEmB2ieyOzI8eUkjphgJawrCKfIU9 2f9gTzNspqGgheHXU/LqJz1lqXLBCIPMsCWcEUYk4D70p+/tUbFlk0K09uaGChB5 MjZYsmuo3NV6Hp0U7kDnskZMvZopwuz4MMFiAiriHINi0IU2GoPeEoQpZe/SMr4x YEKoz/jd6tBWRx29dpYkE+e+2Zkr+jBk8Yo4eqbhKpYCsJ262I9tTnqUaX2wk6p0 5ZOQE/qimQIDAQABo4IBPjCCATowDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU 5TGtvzoRlvSDvFA81LeQm5Du3iUwHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzi hDdGdfcwDgYDVR0PAQH/BAQDAgEGMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9j cmwuY2VydHVtLnBsL2N0bmNhLmNybDBrBggrBgEFBQcBAQRfMF0wKAYIKwYBBQUH MAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5jb20wMQYIKwYBBQUHMAKGJWh0 dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9jdG5jYS5jZXIwOQYDVR0gBDIwMDAu BgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzAN BgkqhkiG9w0BAQsFAAOCAQEAur/w4d1NK0JDZFjfZPP/gBpfVr47qbJ291R6TDDB mSRLctLK1PoIxpDeiBLt+JD5/KmE/ZLyeOXbySJXq0EwQmsLn9dzM/sBZxxCXI8n Z8duBwONDpbLCgPMPviHPDUwzRiM1XHdzd1hsBOjZEZO/nFOa2XpFATyP6i9DDY9 Kl2eB/LCT5DFXk0YN9EnKICkNuXKk2plDviTua9SWEt6cdi68+/S8/ail+RdFAKa y+WutpPhI5+bP0b37o6hAFtmwx5oI4YPXXe6U635UvtwFcV16895rUl88nZirkQv xV9RNCVBahIKX46uEMRDiTX97P8x5uweh+k6fClQRUGjFA== -----END CERTIFICATE-----
intermediate cert fingerprintSHA256
129FB5DE501E24041CD14A81075FD1CDE257408D4A353E636912E38BDDA2D3FB
intermediate cert notBefore
2014-09-11 12:00
intermediate cert notAfter
2027-06-09 10:46
intermediate cert expiration
ok > 40 days
intermediate cert chain
Certum Domain Validation CA SHA2 <-- Certum Trusted Network CA
intermediate cert badOCSP
intermediate certificate(s) is/are ok

Server Preferences

order
server
Which protocol negotiated
Default protocol TLS1.2
negotiated
ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
order TLSv1
ECDHE-RSA-AES256-SHA
order TLSv1 1
ECDHE-RSA-AES256-SHA
order TLSv1 2
ECDHE-RSA-AES256-GCM-SHA384

Ciphers

Browser Simulations

Android 2.3.7
No connection
Android 4.1.1
TLSv1.0 ECDHE-RSA-AES256-SHA
Android 4.3
TLSv1.0 ECDHE-RSA-AES256-SHA
Android 4.4.2
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Android 5.0.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 6.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 7.0
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows Chrome 51
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows Chrome 57
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows Firefox 47
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows Firefox 53
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows XP Internet Explorer 6
No connection
Windows Vista Internet Explorer 7
TLSv1.0 ECDHE-RSA-AES256-SHA
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 8
TLSv1.0 ECDHE-RSA-AES256-SHA
Windows 7 Internet Explorer 11
TLSv1.2 DHE-RSA-AES256-GCM-SHA384
Windows 8.1 Internet Explorer 11
TLSv1.2 DHE-RSA-AES256-GCM-SHA384
Windows 8.1 update Internet Explorer 11
TLSv1.2 DHE-RSA-AES256-GCM-SHA384
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 10 Edge 13
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows Phone 10 Edge 13
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 7 Opera 17
TLSv1.2 ECDHE-RSA-AES128-SHA256
MacOSX 10.6.8 Safari 5.1.9
TLSv1.0 ECDHE-RSA-AES256-SHA
iOS 7 Safari 7
TLSv1.2 ECDHE-RSA-AES256-SHA384
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
Windows 7 Tor 7.0.9
TLSv1.0 ECDHE-RSA-AES256-SHA
Java 6 update 45
No connection
Java 7 update 25
TLSv1.0 ECDHE-RSA-AES128-SHA
Java 8 update 31
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
OpenSSL 1.1.1
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
OpenSSL 1.0.2e
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384