thegymrebels.com

Score 90/100

Web site information

Website image thegymrebels.com
Web Address
thegymrebels.com
IP Address
154.49.142.7
Advertising Networks
Google AdSense
Font Scripts
Google Font API
Web Servers
LiteSpeed
Programming Languages
PHP
JavaScript Frameworks
React
CMS
WordPress

SEO data

title
Gym Rebels - Helping you build the perfect Fitness Lifestyle!
description
Here at Gym Rebels, we strive to equip you with the knowledge needed to excel on your fitness journey.
robots
max-image-preview:large
generator
WordPress 6.5.2
twitter:card
summary_large_image
twitter:title
Gym Rebels - Helping you build the perfect Fitness Lifestyle!
twitter:description
Here at Gym Rebels, we strive to equip you with the knowledge needed to excel on your fitness journey.
twitter:image
https://thegymrebels.com/wp-content/uploads/2023/05/cropped-The-Gym-Rebel-Logo-01.jpg
viewport
width=device-width, initial-scale=1
msapplication-TileImage
https://thegymrebels.com/wp-content/uploads/2023/06/cropped-The-Gym-Rebel-Logo-bg-1-270x270.png

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
not offered
TLS 1.1
not offered
TLS 1.2
offered
TLS 1.3
offered with final
ALPN HTTP2
h2
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
VULNERABLE
SSL renegotiation
supported
SSL client renegotiation
not vulnerable
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, br HTTP compression detected - only supplied '/' tested
POODLE SSL
not vulnerable, no SSLv3
fallback SCSV
no protocol below TLS 1.2 offered
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable on this host and port
DROWN hint
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=795E24D1092C3465CDF7E1D9D27AED9314FB9547138FE23EF4A8A3175E6B1965
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key with <= TLS 1.2
BEAST
not vulnerable, no SSL3 or TLS1
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
0 seconds from localtime
HSTS
not offered
HPKP
No support for HTTP Public Key Pinning
Number of cookies
0 at '/'
Content-Security-Policy
upgrade-insecure-requests
X-UA-Compatible
IE=edge

Server Defaults

TLS extensions
'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'status request/#5' 'key share/#51' 'supported versions/#43' 'extended master secret/#23' 'application layer protocol negotiation/#16'
TLS session ticket
valid for 215999 seconds (>daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
supported
TLS timestamp
off by -5 seconds from your localtime
cert numbers
1
Signature algorithm
SHA256 with RSA
Key size
RSA 4096 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
TLS Web Server Authentication, TLS Web Client Authentication
Serial number
03C2DDD633866621E31F3F26830DBC2C0722
cert serialNumberLen
18
Fingerprint SHA1
DA8A132EF83B5B9D345B4A4BFF4613868A864903
Fingerprint SHA256
795E24D1092C3465CDF7E1D9D27AED9314FB9547138FE23EF4A8A3175E6B1965
Certificate details
-----BEGIN CERTIFICATE----- MIIGAzCCBOugAwIBAgISA8Ld1jOGZiHjHz8mgw28LAciMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMTkwNDIyMTFaFw0yNDA2MTcwNDIyMTBaMBsxGTAXBgNVBAMT EHRoZWd5bXJlYmVscy5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQCzTDEs0wrEs8wOON1CSjqYBoJ7/hWFtXuO4XmFj8g/g7I3saiPNsSu7gXg+Ua/ xArxF0WNSu9WgWYoAPEmDB7puByOVp/wF8mhFygDfslFZoSTbNAAJ6BdXOUyLwzo iZb6ZLzBzyKgIedwofQHm9fQHXxB8aAqeEb4ZQwtm9bdK/G8Y6mPtn6tznX9YvDb xPwospOWvPaET16GgepPsaA0kV0QCW02PYkhKI2x0l5xu/JAiQyUt+BtUul0woUf CtH32e5Jvup6ES0+6NXBnEw1RabE9a2TKM0VFDDQvssuOh2AaLUyJ5WCtD040WSS jy/Xqd+xNhxd21797mxIJG8xGTe2GzzfqpiStLSuIWUGtt94IXEahuMYFAsnwPhI zDrEcgvu8vCPGnrMJyimWttNdfvcPdUXVStVFIRBgh6EOIhu8mNS1FtOvblkEuHr w1atgH2ut/JMvxEWVncB5ZUy/d5XwOi7ZoaWSLGcWSWSVoz0DnAzaflHWC4pXlWW SAH0e9YSGstbOzmCuAg9KBoOk4U2rCkFSIvvtD0LsiJv2793dv5jfB3qNqpVEwrV 4kr/76l7VV1MB3RA3RVgF+GuiLtjBR1dlJFg+9JWk7Ab0tVhzQaSP5chU3x87IH3 Do4aiLn8RrBNYzsTKXt0Bg7xQyKefcj7nixesMtz4H58+QIDAQABo4ICKDCCAiQw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRes9XdNFVDihnEQAmnjZRW/XALADAfBgNV HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0 cDovL3IzLmkubGVuY3Iub3JnLzAxBgNVHREEKjAoghB0aGVneW1yZWJlbHMuY29t ghR3d3cudGhlZ3ltcmViZWxzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQG CisGAQQB1nkCBAIEgfUEgfIA8AB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7 v6s52IRzAAABjlUo9lUAAAQDAEYwRAIgFKjNq7jrZyWLaiWQmUsLrtzO9AGiFXcO mFsNkNz6WhMCIDxlBX2u5XPy9+/Ibr/9E1yzAHZUxplApke8G6bz8pcZAHcA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGOVSj4TgAABAMASDBGAiEA oSKyaPWlMhZ1YS7xOg7jR+hbSytn2G1+2SCGt/pXKnICIQDz7RNsQbX9+QnjhwsX sN+6v+ImVgcOk9Y9z5N6rlmdczANBgkqhkiG9w0BAQsFAAOCAQEAb6Kco0qKx8ic FdvCxnDySlgD2A+KakjbW1tjPLL3VSM7Ek5/bFktKtsMdGV5JaD7ys+Hez1sqQzA D4e5VMDbGwQDxPJwkYE71XSPdcc7qsDwkDz6h6cqzf4llepGatdfdRZX02SXcIOA yP4kAPEEWz6WN0rKnq7B5UV2DcPWPnnBsFRQDNYDmUYHHPxD9XK897t1pnw6osG/ JTZgy6rMs5GwrdVIqpNdwJpoTLFtsgIcZlpETkTZ0Yn1fIojnrFO7ZxEt1iqNMyn aCBtOa7XfGqR6S20C/WcUIu79LXtC7v/BOIEH8UFRQKMhPNjmQGDDypxeyzTTICw 0HstbpioYg== -----END CERTIFICATE-----
Common names
thegymrebels.com
Service Name Indication
*.hstgr.io
SubjectAlternative Name
thegymrebels.com www.thegymrebels.com
Certificate authority issuers
R3 (Let's Encrypt from US)
Certificate trusted
Ok via SAN (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
cert eTLS
not present
cert expirationStatus
52 >= 30 days
Valid from
2024-03-19 04:22
Valid until
2024-06-17 04:22
cert validityPeriod
No finding
Chain
2
certs list ordering problem
no
cert crlDistributionPoints
--
Online Certificate Status Protocol URL
http://r3.o.lencr.org
OCSP stapling
offered
cert ocspRevoked
not revoked
cert mustStapleExtension
--
DNS CAArecord
issue=comodoca.com, issue=digicert.com, issue=globalsign.com, issue=letsencrypt.org, issue=sectigo.com, issuewild=comodoca.com, issuewild=digicert.com, issuewild=globalsign.com, issuewild=letsencrypt.org, issuewild=sectigo.com
certificate transparency
yes (certificate extension)

Server Preferences

order
server -- TLS 1.3 client determined
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)
order TLSv1 2
ECDHE-RSA-AES128-GCM-SHA256

Perfect Forward Secrecy

PFS
offered
PFS s
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA
PFS ECDHE curves
prime256v1 secp384r1

Ciphers