updated: Thursday, 28 November 2019, 03:34:48


Validity

Valid fromTuesday, 04 April 2017, 10:02:16
Valid untilTuesday, 21 August 2018, 15:11:06
Trust Store 'Microsoft - 04/2014'ok
Trust Store 'Mozilla NSS - 01/2014'ok (not EV)
Trust Store 'Apple - OS X 10.9.2'ok
Trust Store 'Java 6 - Update 65'certificate has expired
OCSPServer did not send back an OCSP response

Vulnerability

Heartbleed (CVE-2014-0160)NOT vulnerable (ok)
Session Resumption With TLS Ticketsyes
Session Resumption With Session IDs5 / 5
Session Renegotiation Can Be Client Initiatedyes
TLS compressionno
Renegotiation (CVE 2009-3555)Patched Server detected (0,1), probably ok
CRIME, TLS (CVE-2012-4929)NOT vulnerable (ok)

Server

SSL Report Forpremierwealth.com (93.93.226.229:443)
OCSP staplingno
HSTSno
Serversquid/2.6.STABLE23
Application (None)
Default negotiated protocolTLSv1.2
Default negotiated cipherDHE-RSA-AES256-GCM-SHA384
Default server key size2048 bit
TLS server extensionsrenegotiation info, session ticket, heartbeat
Session Tickets RFC 5077300 seconds
SPDY/NPNnot offered

Certificate

Common Name011.practiceweb.co.uk
Alternative names011.practiceweb.co.uk, macdonaldpartnership.macdonaldgroup.uk, resources.jeffcotedonnison.co.uk, resources.lloyddowson.co.uk, www.accounttaxltd.com, www.ajlife.co.uk, www.bellbarr.co.uk, www.bgyifa.com, www.blackaddersfs.co.uk, www.brookwood.co.uk, www.camerons-uk.com, www.cdfp-ifa.co.uk, www.chesapeake.co.uk, www.davidfishel.com, www.grants-acc.co.uk, www.hoffmanconsultants.co.uk, www.hulbertwest.co.uk, www.kayemiddleton.co.uk, www.kelmanson.com, www.kench-financial.co.uk, www.ksm-associates.co.uk, www.langtonsliverpool.com, www.malthouse.com, www.mathspartnership.co.uk, www.mcshanewright.co.uk, www.mlco.co.uk, www.morrisowen.com, www.nickleeson.co.uk, www.portergarland.co.uk, www.premierwealth.com, www.probityconsulting.co.uk, www.pwsfc.co.uk, www.ramonlee.co.uk, www.rbsca.com, www.stonebridgestewart.co.uk, www.suretax.co.uk, www.whiteleysaccountants.co.uk
KeyrsaEncryption, 2048 bit
OrganizationPracticeWEB Limited
State/ProvinceBristol
CountryGB
LocalityBristol
IssuerGlobalSign Organization Validation CA - SHA256 - G2, BE
Signature algorithmsha256WithRSAEncryption
Revocation CRLCRL (http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl)
Revocation OCSPOCSP (http://ocsp2.globalsign.com/gsorganizationvalsha2g2)

Protocols

SSL 2NOT offered (ok)
SSL 3NOT offered (ok)
TLS 1.0offered (ok)
TLS 1.1offered (ok)
TLS 1.2offered (ok)

Standard cipher lists

Null CipherNOT offered (ok)
Anonymous NULL CipherNOT offered (ok)
Anonymous DH CipherNOT offered (ok)
40 Bit encryptionNOT offered (ok)
56 Bit encryptionNOT offered (ok)
DES CipherNOT offered (ok)
Triple DES Cipheroffered
Medium grade encryptionnot offered
High grade encryptionoffered (ok)
Labels in table: strong strong, default for protocol weak vulnerable

TLS 1.2TLS 1.1TLS 1.0SSL 3SSL 2
ECDHE-RSA-AES256-SHA384
ECDHE-RSA-DES-CBC3-SHA
ECDHE-RSA-AES256-SHA
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-SHA
ECDHE-RSA-AES128-SHA256
ECDHE-RSA-NULL-SHA
ECDHE-RSA-RC4-SHA
EXP-ADH-DES-CBC-SHA
EXP-ADH-RC4-MD5
EDH-RSA-DES-CBC-SHA
EDH-DSS-DES-CBC3-SHA
EDH-DSS-DES-CBC-SHA
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-RC4-SHA
ECDH-RSA-RC4-SHA
ECDHE-ECDSA-AES128-GCM-SHA256
ECDH-RSA-NULL-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-RSA-AES256-SHA
ECDH-RSA-AES256-SHA384
ECDHE-ECDSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA256
ECDHE-ECDSA-DES-CBC3-SHA
ECDHE-ECDSA-NULL-SHA
ECDHE-ECDSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA
ECDHE-ECDSA-AES256-GCM-SHA384
EXP-DES-CBC-SHA
EXP-EDH-DSS-DES-CBC-SHA
SRP-DSS-AES-128-CBC-SHA
SRP-DSS-AES-256-CBC-SHA
SRP-DSS-3DES-EDE-CBC-SHA
SRP-AES-256-CBC-SHA
SRP-3DES-EDE-CBC-SHA
SRP-AES-128-CBC-SHA
SRP-RSA-3DES-EDE-CBC-SHA
SRP-RSA-AES-128-CBC-SHA
IDEA-CBC-MD5
RC2-CBC-MD5
DES-CBC3-MD5
DES-CBC-MD5
SRP-RSA-AES-256-CBC-SHA
SEED-SHA
RC4-SHA
IDEA-CBC-SHA
NULL-MD5
EXP-RC4-MD5
EXP-RC2-CBC-MD5
EXP-EDH-RSA-DES-CBC-SHA
NULL-SHA
NULL-SHA256
PSK-RC4-SHA
RC4-MD5
PSK-AES256-CBC-SHA
PSK-AES128-CBC-SHA
PSK-3DES-EDE-CBC-SHA
ECDH-RSA-AES256-GCM-SHA384
ECDH-RSA-AES128-SHA256
ADH-AES128-SHA
ADH-AES128-SHA256
ADH-AES128-GCM-SHA256
EDH-RSA-DES-CBC3-SHA
DHE-RSA-CAMELLIA128-SHA
DHE-RSA-CAMELLIA256-SHA
ADH-AES256-GCM-SHA384
ADH-AES256-SHA
ADH-DES-CBC-SHA
ADH-DES-CBC3-SHA
ADH-CAMELLIA256-SHA
ADH-CAMELLIA128-SHA
ADH-AES256-SHA256
DHE-RSA-AES256-SHA256
DHE-RSA-AES256-SHA
AES256-SHA
AES256-SHA256
AES256-GCM-SHA384
AES128-SHA256
AES128-SHA
CAMELLIA128-SHA
CAMELLIA256-SHA
DHE-RSA-AES128-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-SHA
DHE-RSA-AES128-GCM-SHA256
DES-CBC3-SHA
ADH-RC4-MD5
ADH-SEED-SHA
ECDH-ECDSA-AES128-SHA256
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-ECDSA-AES128-SHA
ECDH-ECDSA-AES128-GCM-SHA256
DHE-DSS-SEED-SHA
DHE-RSA-SEED-SHA
ECDH-ECDSA-AES256-SHA
ECDH-ECDSA-AES256-SHA384
ECDH-RSA-AES128-GCM-SHA256
ECDH-RSA-AES128-SHA
ECDH-ECDSA-RC4-SHA
ECDH-ECDSA-NULL-SHA
ECDH-ECDSA-DES-CBC3-SHA
DHE-DSS-CAMELLIA256-SHA
DHE-DSS-CAMELLIA128-SHA
AECDH-NULL-SHA
AECDH-RC4-SHA
AECDH-DES-CBC3-SHA
AECDH-AES256-SHA
AECDH-AES128-SHA
DES-CBC-SHA
DHE-DSS-AES128-GCM-SHA256
DHE-DSS-AES256-SHA
DHE-DSS-AES256-SHA256
DHE-DSS-AES256-GCM-SHA384
DHE-DSS-AES128-SHA256
DHE-DSS-AES128-SHA
AES128-GCM-SHA256
Trusted By Apple - OS X 10.9.2
premierwealth.com (93.93.226.229:443)
Trusted By Apple - OS X 10.9.2
Trusted By Microsoft - 04/2014
premierwealth.com (93.93.226.229:443)
Trusted By Microsoft - 04/2014
Trusted By Mozilla NSS - 01/2014
premierwealth.com (93.93.226.229:443)
Trusted By Mozilla NSS - 01/2014
Server did not send back an OCSP response
OCSP
Server did not send back an OCSP response
https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html
certificate has expired
Java 6 - Update 65
Certificate Not Matches Server Hostname
premierwealth.com (93.93.226.229:443)
Not valid for 'premierwealth.com'
Session Renegotiation Can Be Client Initiated
premierwealth.com (93.93.226.229:443)