JSON result object for "http://www.apotheke-osterburg.de/"

Note: This is not a stable API during the beta. Providing highlighted JSON instead of raw JSON data is therefore intentional. 

{
  "web_ciphers": {
    "std_128Bit": {
      "severity": "HIGH",
      "finding": "Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) offered - bad"
    },
    "std_EXPORT": {
      "severity": "CRITICAL",
      "finding": "Export ciphers (w/o ADH+NULL)              offered - ugly"
    },
    "std_3DES": {
      "severity": "MEDIUM",
      "finding": "Triple DES Ciphers (Medium)                offered - not too bad"
    },
    "std_DES+64Bit": {
      "severity": "CRITICAL",
      "finding": "LOW: 64 Bit + DES encryption (w/o export)  offered - ugly"
    }
  },
  "web_has_hsts_preload": false,
  "mx_has_protocol_tls1_3": false,
  "mx_a_records_reverse": [
    [
      10,
      [
        [
          "edv-hafen.de"
        ]
      ]
    ]
  ],
  "openwpm_final_url": "http://www.apotheke-osterburg.de/",
  "mx_cert_trusted_reason": "certificate does not match supplied URIAll certificate trust checks failed: (self signed).",
  "headerchecks": {
    "referrer-policy": {
      "status": "MISSING",
      "value": ""
    },
    "x-frame-options": {
      "status": "MISSING",
      "value": ""
    },
    "x-content-type-options": {
      "status": "MISSING",
      "value": ""
    },
    "x-xss-protection": {
      "status": "MISSING",
      "value": ""
    },
    "content-security-policy": {
      "status": "MISSING",
      "value": ""
    }
  },
  "web_has_hsts_preload_header": false,
  "mx_has_ssl": true,
  "mx_has_protocol_tls1_2": true,
  "mx_locations": [
    "Germany"
  ],
  "mixed_content": false,
  "third_party_requests_count": 0,
  "final_url": "http://www.apotheke-osterburg.de/",
  "requests": [
    {
      "referrer": null,
      "headers": null,
      "method": null,
      "url": "http://www.apotheke-osterburg.de/"
    }
  ],
  "mx_cert_trusted": false,
  "a_records": [
    "85.214.158.95"
  ],
  "final_url_is_https": false,
  "cookie_stats": {
    "third_party_track": 0,
    "third_party_long": 0,
    "first_party_short": 0,
    "third_party_flash": 0,
    "third_party_short": 0,
    "first_party_long": 0,
    "third_party_track_domains": [],
    "first_party_flash": 0,
    "third_party_track_uniq": 0
  },
  "redirected_to_https": false,
  "mx_ssl_finished": true,
  "google_analytics_present": false,
  "profilecookies": [],
  "mx_has_protocol_tls1": true,
  "mx_has_protocol_sslv2": true,
  "web_has_protocol_sslv2": true,
  "web_has_protocol_tls1_1": true,
  "cname_records": [],
  "mx_has_protocol_sslv3": true,
  "a_records_reverse": [
    [
      "edv-hafen.de"
    ]
  ],
  "a_locations": [
    "Germany"
  ],
  "web_has_hpkp_header": false,
  "mx_a_records": [
    [
      10,
      [
        "85.214.158.95"
      ]
    ]
  ],
  "https": false,
  "success": true,
  "cookies_count": 0,
  "web_cert_trusted": false,
  "web_has_protocol_sslv3": true,
  "flashcookies_count": null,
  "web_cert_trusted_reason": "certificate does not match supplied URI (same w/o SNI)All certificate trust checks failed: (self signed).",
  "web_has_protocol_tls1_2": true,
  "web_vulnerabilities": {
    "beast": {
      "cve": "CVE-2011-3389",
      "severity": "LOW",
      "finding": "BEAST: VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2"
    },
    "lucky13": {
      "cve": "CVE-2013-0169",
      "severity": "LOW",
      "finding": "potentially vulnerable to LUCKY13, uses cipher block chaining (CBC) ciphers with TLS. Check patches"
    },
    "freak": {
      "cve": "CVE-2015-0204",
      "severity": "CRITICAL",
      "finding": "FREAK: VULNERABLE, uses EXPORT RSA ciphers"
    },
    "drown": {
      "cve": "CVE-2016-0800, CVE-2016-0703",
      "severity": "HIGH",
      "finding": "SSLv2 offered, but could not detect a cipher (CVE-2015-3197. Make sure you don't use this certificate elsewhere, see https://censys.io/ipv4?q=55BE8CCC111FBC871825F921B6AFD8232A398770204CA4A272681388759FAC0D"
    },
    "cbc_ssl3": {
      "cve": "CVE-2011-3389",
      "severity": "MEDIUM",
      "finding": "BEAST: CBC ciphers for SSL3: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA AES128-SHA SEED-SHA CAMELLIA128-SHA ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA EDH-RSA-DES-CBC-SHA DES-CBC-SHA EXP-EDH-RSA-DES-CBC-SHA EXP-DES-CBC-SHA EXP-RC2-CBC-MD5"
    },
    "rc4": {
      "cve": "CVE-2013-2566, CVE-2015-2808",
      "severity": "HIGH",
      "finding": "RC4: VULNERABLE, Detected ciphers: ECDHE-RSA-RC4-SHA RC4-SHA RC4-MD5 EXP-RC4-MD5"
    },
    "sweet32": {
      "cve": "CVE-2016-2183, CVE-2016-6329",
      "severity": "LOW",
      "finding": "SWEET32, uses 64 bit block ciphers"
    },
    "logjam": {
      "cve": "CVE-2015-4000",
      "severity": "HIGH",
      "finding": "LOGJAM: VULNERABLE, uses DH EXPORT ciphers"
    },
    "LOGJAM_common primes": {
      "cve": "CVE-2015-4000",
      "severity": "HIGH",
      "finding": "common prime 'mod_ssl 2.2.x/1024-bit MODP group with safe prime modulus' detected"
    },
    "cbc_tls1": {
      "cve": "CVE-2011-3389",
      "severity": "MEDIUM",
      "finding": "BEAST: CBC ciphers for TLS1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA AES128-SHA SEED-SHA CAMELLIA128-SHA ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA EDH-RSA-DES-CBC-SHA DES-CBC-SHA EXP-EDH-RSA-DES-CBC-SHA EXP-DES-CBC-SHA EXP-RC2-CBC-MD5"
    },
    "poodle_ssl": {
      "cve": "CVE-2014-3566",
      "severity": "HIGH",
      "finding": "POODLE, SSL: VULNERABLE, uses SSLv3+CBC"
    }
  },
  "leaks": [],
  "reachable": true,
  "web_has_protocol_tls1": true,
  "mx_has_protocol_tls1_1": true,
  "same_content_via_https": true,
  "mx_ciphers": {
    "std_128Bit": {
      "severity": "HIGH",
      "finding": "Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) offered - bad"
    },
    "std_aNULL": {
      "severity": "CRITICAL",
      "finding": "Anonymous NULL Ciphers (no authentication) offered - ugly"
    },
    "std_3DES": {
      "severity": "MEDIUM",
      "finding": "Triple DES Ciphers (Medium)                offered - not too bad"
    },
    "std_EXPORT": {
      "severity": "CRITICAL",
      "finding": "Export ciphers (w/o ADH+NULL)              offered - ugly"
    },
    "std_DES+64Bit": {
      "severity": "CRITICAL",
      "finding": "LOW: 64 Bit + DES encryption (w/o export)  offered - ugly"
    }
  },
  "tracker_requests": [],
  "flashcookies": [],
  "mx_pfs": true,
  "third_parties": [],
  "web_has_protocol_tls1_3": false,
  "third_parties_count": 0,
  "web_pfs": true,
  "web_ssl_finished": true,
  "web_has_hsts_header": false,
  "mx_records": [
    [
      10,
      "mail.apotheke-osterburg.de"
    ]
  ],
  "web_has_ssl": true,
  "initial_url": "http://www.apotheke-osterburg.de/",
  "mx_vulnerabilities": {
    "cbc_ssl3": {
      "cve": "CVE-2011-3389",
      "severity": "MEDIUM",
      "finding": "BEAST: CBC ciphers for SSL3: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AECDH-AES256-SHA ADH-AES256-SHA ADH-CAMELLIA256-SHA AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA AECDH-AES128-SHA ADH-AES128-SHA ADH-SEED-SHA ADH-CAMELLIA128-SHA AES128-SHA SEED-SHA CAMELLIA128-SHA ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA AECDH-DES-CBC3-SHA ADH-DES-CBC3-SHA DES-CBC3-SHA EDH-RSA-DES-CBC-SHA ADH-DES-CBC-SHA DES-CBC-SHA EXP-EDH-RSA-DES-CBC-SHA EXP-ADH-DES-CBC-SHA EXP-DES-CBC-SHA EXP-RC2-CBC-MD5"
    },
    "drown": {
      "cve": "CVE-2016-0800, CVE-2016-0703",
      "severity": "CRITICAL",
      "finding": "VULNERABLE, SSLv2 offered with 6 ciphers. Make sure you don't use this certificate elsewhere, see https://censys.io/ipv4?q=55BE8CCC111FBC871825F921B6AFD8232A398770204CA4A272681388759FAC0D"
    },
    "lucky13": {
      "cve": "CVE-2013-0169",
      "severity": "LOW",
      "finding": "potentially vulnerable to LUCKY13, uses cipher block chaining (CBC) ciphers with TLS. Check patches"
    },
    "sweet32": {
      "cve": "CVE-2016-2183, CVE-2016-6329",
      "severity": "LOW",
      "finding": "SWEET32, uses 64 bit block ciphers"
    },
    "logjam": {
      "cve": "CVE-2015-4000",
      "severity": "HIGH",
      "finding": "LOGJAM: VULNERABLE, uses DH EXPORT ciphers"
    },
    "beast": {
      "cve": "CVE-2011-3389",
      "severity": "LOW",
      "finding": "BEAST: VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2"
    },
    "rc4": {
      "cve": "CVE-2013-2566, CVE-2015-2808",
      "severity": "HIGH",
      "finding": "RC4: VULNERABLE, Detected ciphers: ECDHE-RSA-RC4-SHA AECDH-RC4-SHA ADH-RC4-MD5 RC4-SHA RC4-MD5 RC4-MD5 EXP-ADH-RC4-MD5 EXP-RC4-MD5 EXP-RC4-MD5"
    },
    "freak": {
      "cve": "CVE-2015-0204",
      "severity": "CRITICAL",
      "finding": "FREAK: VULNERABLE, uses EXPORT RSA ciphers"
    },
    "cbc_tls1": {
      "cve": "CVE-2011-3389",
      "severity": "MEDIUM",
      "finding": "BEAST: CBC ciphers for TLS1: ECDHE-RSA-AES256-SHA DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AECDH-AES256-SHA ADH-AES256-SHA ADH-CAMELLIA256-SHA AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA AECDH-AES128-SHA ADH-AES128-SHA ADH-SEED-SHA ADH-CAMELLIA128-SHA AES128-SHA SEED-SHA CAMELLIA128-SHA ECDHE-RSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA AECDH-DES-CBC3-SHA ADH-DES-CBC3-SHA DES-CBC3-SHA EDH-RSA-DES-CBC-SHA ADH-DES-CBC-SHA DES-CBC-SHA EXP-EDH-RSA-DES-CBC-SHA EXP-ADH-DES-CBC-SHA EXP-DES-CBC-SHA EXP-RC2-CBC-MD5"
    },
    "sec_client_renego": {
      "cve": "CVE-2009-3555",
      "severity": "MEDIUM",
      "finding": "Secure Client-Initiated Renegotiation : VULNERABLE, potential DoS threat"
    },
    "LOGJAM_common primes": {
      "cve": "CVE-2015-4000",
      "severity": "HIGH",
      "finding": "common prime 'Postfix' detected"
    },
    "poodle_ssl": {
      "cve": "CVE-2014-3566",
      "severity": "HIGH",
      "finding": "POODLE, SSL: VULNERABLE, uses SSLv3+CBC"
    }
  },
  "responses": null,
  "requests_count": 1,
  "final_https_url": "https://www.apotheke-osterburg.de/"
}
All times are shown in UTC (GMT+0).

About

PrivacyScore is a website scanning tool that allows anyone to benchmark security and privacy features of websites. Rankings are public and can be configured to one's preferences. PrivacyScore helps users, activists, and data protection authorities.

Feedback

We are curious to receive your feedback. Please do not hesitate to contact us if you observe any errors. Site owners can request to exclude their sites from future scans.

Beta Status

PrivacyScore is currently in public beta. While we're giving our very best, we currently cannot guarantee the accuracy of the displayed results and rankings.
 

Privacy Policy · Imprint / Impressum