updated: Thursday, 17 October 2019, 06:58:54


Validity

Valid fromWednesday, 20 December 2017, 17:02:02
Valid untilTuesday, 18 December 2018, 20:18:03
Trust Store 'Apple - OS X 10.9.2'unable to get local issuer certificate
Trust Store 'Microsoft - 04/2014'unable to get local issuer certificate
Trust Store 'Mozilla NSS - 01/2014'unable to get local issuer certificate
Trust Store 'Java 6 - Update 65'unable to get local issuer certificate
OCSPServer did not send back an OCSP response

Vulnerability

Heartbleed (CVE-2014-0160)NOT vulnerable (ok)
Session Resumption With TLS Ticketsyes
Session Resumption With Session IDsno
Session Renegotiation Can Be Client Initiatedno
TLS compressionno
Renegotiation (CVE 2009-3555)NOT vulnerable (ok)
CRIME, TLS (CVE-2012-4929)NOT vulnerable (ok)

Server

SSL Report Fornstand.com (88.198.63.92:443)
OCSP staplingno
HSTSno
Servernginx/1.1.19
Application (None)
Default negotiated protocolTLSv1.2
Default negotiated cipherECDHE-RSA-AES256-GCM-SHA384
Default server key size2048 bit
TLS server extensionsserver name, renegotiation info, EC point formats, session ticket, heartbeat
Session Tickets RFC 5077300 seconds
SPDY/NPNnot offered

Certificate

Common Namewww.neventum.com
Alternative nameswww.neventum.com, neventum.com, www.nferias.com, www.nfeiras.com, images.neventum.com, www.nadmin.neventum.com, hostesses.ntradeshows.com, www.nstands.com.br, www.nmessen.com, www.neventum.es, www.nfiere.com, www.nsalons.com, azafatas.nferias.com, www.neventum.fr, hostess.nfiere.com, www.neventum.de, hostessen.nmessen.com, www.nrequest.neventum.com, www.ntradeshows.com, www.ncatering.com, www.nstands.fr, hotesses.nsalons.com, www.neventum.it, www.neventum.com.br, promotoras.nfeiras.com, static.neventum.com, www.nstands.com, www.nstand.com, www.nstand.it, www.nmessebau.com
KeyrsaEncryption, 2048 bit
OrganizationNeventum SL
State/ProvinceBarcelona
CountryES
LocalityBarcelona
IssuerGo Daddy Secure Certificate Authority - G2, US
Signature algorithmsha256WithRSAEncryption
Revocation CRLCRL (http://crl.godaddy.com/gdig2s3-10.crl)
Revocation OCSPOCSP (http://ocsp.godaddy.com/)

Protocols

SSL 2NOT offered (ok)
SSL 3offered
TLS 1.0offered (ok)
TLS 1.1offered (ok)
TLS 1.2offered (ok)

Standard cipher lists

Null CipherNOT offered (ok)
Anonymous NULL CipherNOT offered (ok)
Anonymous DH CipherNOT offered (ok)
40 Bit encryptionNOT offered (ok)
56 Bit encryptionNOT offered (ok)
DES CipherNOT offered (ok)
Triple DES Cipheroffered
Medium grade encryptionnot offered
High grade encryptionoffered (ok)
Labels in table: strong strong, default for protocol weak vulnerable

TLS 1.2TLS 1.1TLS 1.0SSL 3SSL 2
ECDHE-RSA-AES256-SHA256256256256
ECDHE-RSA-AES256-GCM-SHA384256
DHE-RSA-CAMELLIA256-SHA256256256256
DHE-RSA-AES256-SHA256256256256
AES256-SHA256256256256
CAMELLIA256-SHA256256256256
EDH-RSA-DES-CBC3-SHA168168168168
ECDHE-RSA-DES-CBC3-SHA168168168168
DES-CBC3-SHA168168168168
DHE-RSA-CAMELLIA128-SHA128128128128
CAMELLIA128-SHA128128128128
DHE-RSA-AES128-SHA128128128128
AES128-SHA128128128128
ECDHE-RSA-AES128-SHA128128128128
ECDHE-RSA-AES256-SHA384256
AES256-SHA256256
DHE-RSA-AES256-GCM-SHA384256
AES256-GCM-SHA384256
DHE-RSA-AES256-SHA256256
AES128-SHA256128
ECDHE-RSA-AES128-GCM-SHA256128
DHE-RSA-AES128-SHA256128
AES128-GCM-SHA256128
DHE-RSA-AES128-GCM-SHA256128
ECDHE-RSA-AES128-SHA256128
NULL-MD5
NULL-SHA
NULL-SHA256
PSK-AES256-CBC-SHA
PSK-AES128-CBC-SHA
PSK-3DES-EDE-CBC-SHA
IDEA-CBC-SHA
EXP-RC2-CBC-MD5
PSK-RC4-SHA
EXP-DES-CBC-SHA
EXP-ADH-DES-CBC-SHA
EDH-RSA-DES-CBC-SHA
EXP-EDH-DSS-DES-CBC-SHA
EXP-ADH-RC4-MD5
EXP-EDH-RSA-DES-CBC-SHA
EXP-RC4-MD5
SRP-DSS-3DES-EDE-CBC-SHA
EDH-DSS-DES-CBC3-SHA
SRP-RSA-AES-256-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
RC2-CBC-MD5
IDEA-CBC-MD5
DES-CBC-MD5
DES-CBC3-MD5
SRP-RSA-3DES-EDE-CBC-SHA
SRP-DSS-AES-256-CBC-SHA
SEED-SHA
RC4-SHA
SRP-3DES-EDE-CBC-SHA
SRP-AES-128-CBC-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-AES-256-CBC-SHA
RC4-MD5
EDH-DSS-DES-CBC-SHA
DHE-DSS-AES128-SHA
DHE-DSS-AES128-SHA256
DHE-DSS-AES128-GCM-SHA256
DES-CBC-SHA
AECDH-NULL-SHA
AECDH-RC4-SHA
DHE-DSS-AES256-GCM-SHA384
DHE-DSS-AES256-SHA
DHE-DSS-SEED-SHA
DHE-RSA-SEED-SHA
DHE-DSS-CAMELLIA256-SHA
DHE-DSS-CAMELLIA128-SHA
DHE-DSS-AES256-SHA256
AECDH-DES-CBC3-SHA
AECDH-AES256-SHA
ADH-AES256-SHA
ADH-AES256-SHA256
ADH-AES256-GCM-SHA384
ADH-AES128-SHA256
ADH-AES128-SHA
ADH-CAMELLIA128-SHA
ADH-CAMELLIA256-SHA
ADH-SEED-SHA
AECDH-AES128-SHA
ADH-RC4-MD5
ADH-DES-CBC3-SHA
ADH-DES-CBC-SHA
ECDH-ECDSA-AES128-GCM-SHA256
ECDH-ECDSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-SHA
ECDHE-ECDSA-AES128-GCM-SHA256
ECDH-RSA-NULL-SHA
ECDH-RSA-RC4-SHA
ECDHE-ECDSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-NULL-SHA
ECDHE-RSA-RC4-SHA
ECDHE-ECDSA-RC4-SHA
ECDHE-ECDSA-NULL-SHA
ECDHE-ECDSA-DES-CBC3-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-RSA-AES256-SHA384
ECDH-ECDSA-AES256-SHA384
ECDH-ECDSA-DES-CBC3-SHA
ECDH-ECDSA-AES256-SHA
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-ECDSA-AES128-SHA256
ECDH-ECDSA-NULL-SHA
ECDH-ECDSA-RC4-SHA
ECDH-RSA-AES256-GCM-SHA384
ECDH-RSA-AES256-SHA
ECDH-RSA-AES128-SHA256
ECDH-RSA-AES128-SHA
ECDH-RSA-AES128-GCM-SHA256
ADH-AES128-GCM-SHA256
Server did not send back an OCSP response
OCSP
Server did not send back an OCSP response
https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html
unable to get local issuer certificate
Apple - OS X 10.9.2
unable to get local issuer certificate
Java 6 - Update 65
unable to get local issuer certificate
Microsoft - 04/2014
unable to get local issuer certificate
Mozilla NSS - 01/2014
Certificate Not Matches Server Hostname
nstand.com (88.198.63.92:443)
Not valid for 'nstand.com'