JSON result object for "http://www.noname-ev.de/"

Note: This is not a stable API during the beta. Providing highlighted JSON instead of raw JSON data is therefore intentional.

{
  "mx_locations": [
    "Germany"
  ],
  "web_has_protocol_tls1_3": false,
  "reachable": true,
  "requests_count": 11,
  "requests": [
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "http://www.noname-ev.de/"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/css/syntax.css"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/css/main.css"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/css/small.css"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/css/leaflet.css"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/leaflet/leaflet.js"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/js/turbolinks.js"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/img/bg.png"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/img/noname.svg"
    },
    {
      "headers": null,
      "referrer": null,
      "method": null,
      "url": "https://www.noname-ev.de/css/fonts/Lato-Regular.woff2"
    }
  ],
  "web_ciphers": {},
  "a_records": [
    "79.140.42.102"
  ],
  "mx_a_records": [
    [
      23,
      [
        "79.140.42.102"
      ]
    ]
  ],
  "leaks": [],
  "web_has_ssl": true,
  "web_has_hsts_header_sufficient_time": true,
  "final_url": "https://www.noname-ev.de/",
  "a_locations": [
    "Germany"
  ],
  "third_party_requests_count": 0,
  "mx_records": [
    [
      23,
      "eris.noname-ev.de"
    ]
  ],
  "headerchecks": {
    "x-xss-protection": {
      "value": "",
      "status": "MISSING"
    },
    "x-frame-options": {
      "value": "",
      "status": "MISSING"
    },
    "referrer-policy": {
      "value": "",
      "status": "MISSING"
    },
    "x-content-type-options": {
      "value": "nosniff",
      "status": "OK"
    },
    "content-security-policy": {
      "value": "default-src 'self'; script-src 'self' 'unsafe-inline' https://www.google.com/ https://noname-drink.appspot.com/stats; style-src 'self' 'unsafe-inline' https://www.google.com/ https://ajax.googleapis.com/; img-src 'self' data: https://*.tile.openstreetmap.org http://*.tile.openstreetmap.de; frame-src 'self' https://pizza.noname-ev.de",
      "status": "INFO"
    }
  },
  "mx_has_protocol_tls1_2": true,
  "web_has_hsts_header": true,
  "final_https_url": "https://www.noname-ev.de/",
  "web_cert_trusted_reason": "",
  "https": true,
  "mx_has_ssl": true,
  "third_parties": [],
  "profilecookies": [],
  "mx_has_protocol_tls1_1": true,
  "responses": null,
  "google_analytics_present": false,
  "mx_cert_trusted_reason": "Issuer: not trusted anymore (WoSign/StartCom)",
  "flashcookies_count": null,
  "mx_has_protocol_sslv3": false,
  "a_records_reverse": [
    [
      "eris.noname-ev.de"
    ]
  ],
  "web_pfs": true,
  "third_parties_count": 0,
  "final_url_is_https": true,
  "mx_ssl_finished": true,
  "web_ssl_finished": true,
  "web_vulnerabilities": {
    "beast": {
      "finding": "BEAST: VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2",
      "cve": "CVE-2011-3389",
      "severity": "LOW"
    },
    "breach": {
      "finding": "BREACH: potentially VULNERABLE, uses gzip HTTP compression.  - only supplied '/' tested ( Can be ignored for static pages or if no secrets in the page)",
      "cve": "CVE-2013-3587",
      "severity": "HIGH"
    },
    "cbc_tls1": {
      "finding": "BEAST: CBC ciphers for TLS1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA",
      "cve": "CVE-2011-3389",
      "severity": "MEDIUM"
    },
    "lucky13": {
      "finding": "potentially vulnerable to LUCKY13, uses cipher block chaining (CBC) ciphers with TLS. Check patches",
      "cve": "CVE-2013-0169",
      "severity": "LOW"
    }
  },
  "web_has_protocol_tls1": true,
  "mx_pfs": true,
  "mx_has_protocol_tls1": true,
  "cookies_count": 0,
  "flashcookies": [],
  "web_cert_trusted": true,
  "web_has_protocol_tls1_2": true,
  "cookie_stats": {
    "third_party_short": 0,
    "third_party_flash": 0,
    "third_party_track_uniq": 0,
    "third_party_track": 0,
    "first_party_long": 0,
    "third_party_long": 0,
    "third_party_track_domains": [],
    "first_party_flash": 0,
    "first_party_short": 0
  },
  "mixed_content": false,
  "web_has_hsts_preload_header": true,
  "openwpm_final_url": "https://www.noname-ev.de/",
  "success": true,
  "mx_vulnerabilities": {
    "beast": {
      "finding": "BEAST: VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2",
      "cve": "CVE-2011-3389",
      "severity": "LOW"
    },
    "cbc_tls1": {
      "finding": "BEAST: CBC ciphers for TLS1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AECDH-AES256-SHA ADH-AES256-SHA ADH-CAMELLIA256-SHA AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA AECDH-AES128-SHA ADH-AES128-SHA ADH-SEED-SHA ADH-CAMELLIA128-SHA AES128-SHA SEED-SHA CAMELLIA128-SHA",
      "cve": "CVE-2011-3389",
      "severity": "MEDIUM"
    },
    "LOGJAM_common primes": {
      "finding": "common prime 'Postfix' detected",
      "cve": "CVE-2015-4000",
      "severity": "LOW"
    },
    "sec_client_renego": {
      "finding": "Secure Client-Initiated Renegotiation : VULNERABLE, potential DoS threat",
      "cve": "CVE-2009-3555",
      "severity": "MEDIUM"
    },
    "lucky13": {
      "finding": "potentially vulnerable to LUCKY13, uses cipher block chaining (CBC) ciphers with TLS. Check patches",
      "cve": "CVE-2013-0169",
      "severity": "LOW"
    }
  },
  "web_has_protocol_sslv3": false,
  "tracker_requests": [],
  "initial_url": "http://www.noname-ev.de/",
  "mx_ciphers": {
    "std_aNULL": {
      "finding": "Anonymous NULL Ciphers (no authentication) offered - ugly",
      "severity": "CRITICAL"
    },
    "std_128Bit": {
      "finding": "Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) offered - bad",
      "severity": "HIGH"
    }
  },
  "web_has_hsts_preload": true,
  "mx_cert_trusted": false,
  "redirected_to_https": true,
  "web_has_hpkp_header": false,
  "web_has_protocol_tls1_1": true,
  "mx_has_protocol_tls1_3": true,
  "mx_a_records_reverse": [
    [
      23,
      [
        [
          "eris.noname-ev.de"
        ]
      ]
    ]
  ],
  "cname_records": []
}