IM Observatory server report for timeweb.ru

Test started 2018-03-05 17:30:10 UTC .

Show client to server result | Permalink to this report | Retest

xmpp-server1.timeweb.ru:5269
Certificate is not trusted, grade capped to F. Ignoring trust: C.
Server does not support TLS 1.2. Grade capped to C.
Server supports SSL 3. Grade capped to B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
xmpp-server2.timeweb.ru:5269
Certificate is not trusted, grade capped to F. Ignoring trust: C.
Server does not support TLS 1.2. Grade capped to C.
Server supports SSL 3. Grade capped to B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.

Show all 2 SRV targets

xmpp-server1.timeweb.ru:5269
StartTLS
ALLOWED

xmpp-server2.timeweb.ru:5269
StartTLS
ALLOWED

Show all 2 SRV targets

SRV records _xmpp-server._tcp.timeweb.ru NO DNSSEC

Priority Weight Port Server
10 0 5269 xmpp-server1.timeweb.ru
20 0 5269 xmpp-server2.timeweb.ru

TLSA records

Show all 2 SRV targets

Certificates

Subject
commonName
*.timeweb.ru
countryName
RU
localityName
Saint-Petersburg
organizationalUnitName
TimeWeb Head Team
organizationName
TimeWeb Company Limited
stateOrProvinceName
Saint-Petersburg
Details
Error: certificate has expired.
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2015-12-24 00:00:00 UTC
Valid to
2017-02-21 23:59:59 UTC
CRL
http://tj.symcb.com/tj.crl
OCSP
http://tj.symcd.com
Valid for timeweb.ru
YES
9F:BC:AA:A8:19:C2:26:C4:C1:96:1A:12:B7:0B:13:49:B4:D2:84:A8
Subject Alternative Names
DNSName
*.timeweb.ru
DNSName
timeweb.ru Matches
Subject
commonName
thawte SSL CA - G2
countryName
US
organizationName
thawte, Inc.
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2013-10-31 00:00:00 UTC
Valid to
2023-10-30 23:59:59 UTC
CRL
http://t1.symcb.com/ThawtePCA.crl
OCSP
http://t2.symcb.com
2E:A7:1C:36:7D:17:8C:84:3F:D2:1D:B4:FD:B6:30:BA:54:A2:0D:C5
Subject
commonName
thawte Primary Root CA
countryName
US
organizationalUnitName
(c) 2006 thawte, Inc. - For authorized use only
organizationalUnitName
Certification Services Division
organizationName
thawte, Inc.
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-11-17 00:00:00 UTC
Valid to
2020-12-30 23:59:59 UTC
CRL
http://crl.thawte.com/ThawtePremiumServerCA.crl
1F:A4:90:D1:D4:95:79:42:CD:23:54:5F:6E:82:3D:00:00:79:6E:A2
Subject
commonName
thawte Primary Root CA
countryName
US
organizationalUnitName
(c) 2006 thawte, Inc. - For authorized use only
organizationalUnitName
Certification Services Division
organizationName
thawte, Inc.
Details
Warning: Certificate is unused.
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-11-17 00:00:00 UTC
Valid to
2036-07-16 23:59:59 UTC
91:C6:D6:EE:3E:8A:C8:63:84:E5:48:C2:99:29:5C:75:6C:81:7B:81

Protocols

SSLv2 No
SSLv3 Yes
TLSv1 Yes
TLSv1.1 No
TLSv1.2 No

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
RC4-MD5 (0x10080) 128 No -
AES128-SHA (0x2f) 128 No -
RC4-SHA (0x5) 128 No -
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
DES-CBC3-SHA (0xa) WEAK 112 No -
EDH-RSA-DES-CBC-SHA (0x15) VERY WEAK 56 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
DES-CBC-SHA (0x9) VERY WEAK 56 No -
EXP-EDH-RSA-DES-CBC-SHA (0x14) VERY WEAK 40 Yes Diffie-Hellman:
Group: Java sun.security.provider default 512-bit prime
Bitsize: 512
EXP-RC4-MD5 (0x20080) VERY WEAK 40 No -
EXP-DES-CBC-SHA (0x8) VERY WEAK 40 No -

Certificates

Subject
commonName
*.timeweb.ru
countryName
RU
localityName
Saint-Petersburg
organizationalUnitName
TimeWeb Head Team
organizationName
TimeWeb Company Limited
stateOrProvinceName
Saint-Petersburg
Details
Error: certificate has expired.
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2015-12-24 00:00:00 UTC
Valid to
2017-02-21 23:59:59 UTC
CRL
http://tj.symcb.com/tj.crl
OCSP
http://tj.symcd.com
9F:BC:AA:A8:19:C2:26:C4:C1:96:1A:12:B7:0B:13:49:B4:D2:84:A8
Subject Alternative Names
DNSName
*.timeweb.ru
DNSName
timeweb.ru
Subject
commonName
thawte SSL CA - G2
countryName
US
organizationName
thawte, Inc.
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2013-10-31 00:00:00 UTC
Valid to
2023-10-30 23:59:59 UTC
CRL
http://t1.symcb.com/ThawtePCA.crl
OCSP
http://t2.symcb.com
2E:A7:1C:36:7D:17:8C:84:3F:D2:1D:B4:FD:B6:30:BA:54:A2:0D:C5
Subject
commonName
thawte Primary Root CA
countryName
US
organizationalUnitName
(c) 2006 thawte, Inc. - For authorized use only
organizationalUnitName
Certification Services Division
organizationName
thawte, Inc.
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-11-17 00:00:00 UTC
Valid to
2020-12-30 23:59:59 UTC
CRL
http://crl.thawte.com/ThawtePremiumServerCA.crl
1F:A4:90:D1:D4:95:79:42:CD:23:54:5F:6E:82:3D:00:00:79:6E:A2
Subject
commonName
thawte Primary Root CA
countryName
US
organizationalUnitName
(c) 2006 thawte, Inc. - For authorized use only
organizationalUnitName
Certification Services Division
organizationName
thawte, Inc.
Details
Warning: Certificate is unused.
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-11-17 00:00:00 UTC
Valid to
2036-07-16 23:59:59 UTC
91:C6:D6:EE:3E:8A:C8:63:84:E5:48:C2:99:29:5C:75:6C:81:7B:81

Protocols

SSLv2 No
SSLv3 Yes
TLSv1 Yes
TLSv1.1 No
TLSv1.2 No

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
RC4-MD5 (0x10080) 128 No -
AES128-SHA (0x2f) 128 No -
RC4-SHA (0x5) 128 No -
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
DES-CBC3-SHA (0xa) WEAK 112 No -
EDH-RSA-DES-CBC-SHA (0x15) VERY WEAK 56 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
DES-CBC-SHA (0x9) VERY WEAK 56 No -
EXP-EDH-RSA-DES-CBC-SHA (0x14) VERY WEAK 40 Yes Diffie-Hellman:
Group: Java sun.security.provider default 512-bit prime
Bitsize: 512
EXP-RC4-MD5 (0x20080) VERY WEAK 40 No -
EXP-DES-CBC-SHA (0x8) VERY WEAK 40 No -

Show all 2 SRV targets

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=timeweb.ru&amp;type=server'><img src='https://xmpp.net/badge.php?domain=timeweb.ru' alt='xmpp.net score' /></a>