sexycelebs.cyou

Score 92/100

Web site information

Website image sexycelebs.cyou
Web Address
IP Address
CDN
CloudFlare

SEO data

title
Sexy Celebs
viewport
width=device-width, initial-scale=1, shrink-to-fit=no
description
Sexy, nude and topless celebrity actresses, supermodels, famous musicians and athletes
referrer
unsafe-url

Lighthouse

Performance
100/100
Accessibility
89/100
Best Practices
92/100
SEO
92/100
PWA
30/100

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
offered (deprecated)
TLS 1.1
offered (deprecated)
TLS 1.2
offered
TLS 1.3
offered with final
ALPN HTTP2
h2
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable, no RSA key transport cipher
SSL renegotiation
OpenSSL handshake didn't succeed
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, br gzip HTTP compression detected - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
supported
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
no RSA certificate, can't be used with SSLv2 elsewhere
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key with <= TLS 1.2
BEAST
VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
winshock
not vulnerable
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
0 seconds from localtime
HTTP headerTime
1642173501
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
Expect-CT
max-age=604800, report-uri='https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct'

Server Defaults

TLS extensions
'server name/#0' 'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'next protocol/#13172' 'key share/#51' 'supported versions/#43' 'extended master secret/#23' 'application layer protocol negotiation/#16' 'compress_certificate/#27'
TLS session ticket
valid for 64800 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
not supported
Session ID Resumption
not supported
TLS timestamp
off by -1 seconds from your localtime
certificate compression
0002/Brotli
clientAuth
none
cert numbers
1
Signature algorithm
ECDSA with SHA256
Key size
EC 256 bits (curve P-256)
Key usage
Digital Signature
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
0ACC900EFD5BD22CE9A1E552C46F34BA
cert serialNumberLen
16
Fingerprint SHA1
D0BE1E986139C2C4DD50101BC17910475E6A3921
Fingerprint SHA256
636658F4B12E2E36A5145F74349DB19920CA3EF459F9FC0804F964AF7A1A9679
Certificate details
-----BEGIN CERTIFICATE----- MIIFPTCCBOOgAwIBAgIQCsyQDv1b0izpoeVSxG80ujAKBggqhkjOPQQDAjBKMQsw CQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMX Q2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjIwMTExMDAwMDAwWhcNMjMwMTEw MjM1OTU5WjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG A1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEe MBwGA1UEAxMVc25pLmNsb3VkZmxhcmVzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZI zj0DAQcDQgAEgOheGmUBT8D8Gtk8yGai+60J0wO7xT/M4N8EcvnUpbe8zm+adQ9d fm+pVGTT5g8nrpO8IxgFvfC99FtoQq7Fn6OCA34wggN6MB8GA1UdIwQYMBaAFKXO N+rrsHUOlGeItEX62SQQh5YfMB0GA1UdDgQWBBQpsBenl7AGahyKubbjQIPuehwv WjBEBgNVHREEPTA7ghVzbmkuY2xvdWRmbGFyZXNzbC5jb22CESouc2V4eWNlbGVi cy5jeW91gg9zZXh5Y2VsZWJzLmN5b3UwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8v Y3JsMy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMDegNaAz hjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMu Y3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93 d3cuZGlnaWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh Y2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNydDAMBgNV HRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDoPtDaPvUGNTLn Vyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX5KF7EqAAAEAwBHMEUCIHfbrcuD6DJu v3Adc1zz4ZPdqimOuXii5jCmD7q6MlYRAiEAqW4puJT6tVmdTRDidZx8KY0lsEuv 8m9W6O0c4hhFV7gAdwA1zxkbv7FsV78PrUxtQsu7ticgJlHqP+Eq76gDwzvWTAAA AX5KF7EhAAAEAwBIMEYCIQCeC6evJicqGykpYEBiIPer8rcMjC1W35wRo1jY3VvN MQIhAJpo0iIXYPPrFCZQS9wsFa1AiZnRVtDe6k49OdN+c+IVAHUAs3N3B+GEUPhj htYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAF+ShexRQAABAMARjBEAiBDmKI0PD6L TODxr0PMTwRno3MRibfrYBeugg1dC/0K/gIgBsA7AwPW0LS9eIclYXFu2X3/qdwe H3nUmgO2kea49+UwCgYIKoZIzj0EAwIDSAAwRQIhANHea843x9WVUfgRo0DlOlA+ QZqDVDcW8KAPWDR5+ZfsAiBYPzSCRUvieA50LHE8zn5lmXPT3c1Wy314jYbZ3Gxf Cg== -----END CERTIFICATE-----
Common names
sni.cloudflaressl.com
Service Name Indication
request w/o SNI didn't succeed, usual for EC certificates
SubjectAlternative Name
sni.cloudflaressl.com *.sexycelebs.cyou sexycelebs.cyou
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert expirationStatus
361 >= 60 days
Valid from
2022-01-11 00:00
Valid until
2023-01-10 23:59
cert extlifeSpan
certificate has no extended life time according to browser forum
cert eTLS
not present
cert crlDistributionPoints
http://crl3.digicert.com/CloudflareIncECCCA-3.crl http://crl4.digicert.com/CloudflareIncECCCA-3.crl
Online Certificate Status Protocol URL
http://ocsp.digicert.com
OCSP stapling
offered
cert ocspRevoked
not revoked
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)
Chain
2
certs list ordering problem
no
Certificate authority issuers
Cloudflare Inc ECC CA-3 (Cloudflare, Inc. from US)
intermediate cert
-----BEGIN CERTIFICATE----- MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBa MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIw MDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNV BAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVD QyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAe nQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb 16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSME GDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYI KwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j b20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09t bmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEF BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIw CAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEB AAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un +ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFe lpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1H goE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1 CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw 6DEdfgkfCv4+3ao8XnTSrLE= -----END CERTIFICATE-----
intermediate cert fingerprintSHA256
3ABBE63DAF756C5016B6B85F52015FD8E8ACBE277C5087B127A60563A841ED8A
intermediate cert notBefore
2020-01-27 12:48
intermediate cert notAfter
2024-12-31 23:59
intermediate cert expiration
ok > 40 days
intermediate cert chain
Cloudflare Inc ECC CA-3 <-- Baltimore CyberTrust Root
intermediate cert badOCSP
intermediate certificate(s) is/are ok

Server Preferences

order
server -- TLS 1.3 client determined
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS13-AES-256-GCM-SHA384, 253 bit ECDH (X25519)
order TLSv1
ECDHE-ECDSA-AES128-SHA
order TLSv1 1
ECDHE-ECDSA-AES128-SHA
order TLSv1 2
ECDHE-ECDSA-AES128-GCM-SHA256

Ciphers

Browser Simulations

Android 2.3.7
No connection
Android 4.1.1
TLSv1.0 ECDHE-ECDSA-AES128-SHA
Android 4.3
TLSv1.0 ECDHE-ECDSA-AES128-SHA
Android 4.4.2
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Android 5.0.0
TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD
Android 6.0
TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD
Android 7.0
TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
Windows Chrome 51
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows Chrome 57
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows Firefox 47
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows Firefox 53
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows XP Internet Explorer 6
No connection
Windows Vista Internet Explorer 7
TLSv1.0 ECDHE-ECDSA-AES128-SHA
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 8
TLSv1.0 ECDHE-ECDSA-AES128-SHA
Windows 7 Internet Explorer 11
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows 8.1 Internet Explorer 11
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows 8.1 update Internet Explorer 11
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows 10 Edge 13
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows Phone 10 Edge 13
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows 7 Opera 17
TLSv1.2 ECDHE-ECDSA-AES128-SHA
MacOSX 10.6.8 Safari 5.1.9
TLSv1.0 ECDHE-ECDSA-AES128-SHA
iOS 7 Safari 7
TLSv1.2 ECDHE-ECDSA-AES128-SHA
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
Windows 7 Tor 7.0.9
TLSv1.0 ECDHE-ECDSA-AES128-SHA
Java 6 update 45
No connection
Java 7 update 25
TLSv1.0 ECDHE-ECDSA-AES128-SHA
Java 8 update 31
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
OpenSSL 1.1.1
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
OpenSSL 1.0.2e
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256