RubyGems - yawast - Versions diffs - 0.7.0.beta1 → 0.7.0.beta2 - Mend

yawast 0.7.0.beta1 → 0.7.0.beta2

Files changed (50) hide show

checksums.yaml +4 -4
data/.rubocop.yml +12 -0
data/CHANGELOG.md +5 -1
data/Gemfile +2 -2
data/README.md +8 -1
data/Rakefile +1 -1
data/bin/yawast +8 -0
data/lib/commands/cms.rb +2 -0
data/lib/commands/dns.rb +3 -3
data/lib/commands/head.rb +2 -0
data/lib/commands/scan.rb +2 -0
data/lib/commands/ssl.rb +2 -0
data/lib/commands/utils.rb +5 -3
data/lib/scanner/core.rb +34 -26
data/lib/scanner/generic.rb +33 -130
data/lib/scanner/plugins/applications/cms/generic.rb +20 -0
data/lib/scanner/plugins/applications/generic/password_reset.rb +180 -0
data/lib/scanner/plugins/dns/caa.rb +30 -12
data/lib/scanner/plugins/dns/generic.rb +38 -1
data/lib/scanner/plugins/http/directory_search.rb +14 -12
data/lib/scanner/plugins/http/file_presence.rb +21 -13
data/lib/scanner/plugins/http/generic.rb +95 -0
data/lib/scanner/plugins/servers/apache.rb +23 -23
data/lib/scanner/plugins/servers/generic.rb +25 -0
data/lib/scanner/plugins/servers/iis.rb +6 -6
data/lib/scanner/plugins/servers/nginx.rb +3 -1
data/lib/scanner/plugins/servers/python.rb +3 -1
data/lib/scanner/plugins/spider/spider.rb +7 -7
data/lib/scanner/plugins/ssl/ssl.rb +14 -14
data/lib/scanner/plugins/ssl/ssl_labs/analyze.rb +14 -13
data/lib/scanner/plugins/ssl/ssl_labs/info.rb +6 -4
data/lib/scanner/plugins/ssl/sweet32.rb +68 -63
data/lib/scanner/ssl.rb +33 -36
data/lib/scanner/ssl_labs.rb +373 -110
data/lib/scanner/vuln_scan.rb +27 -0
data/lib/shared/http.rb +31 -27
data/lib/shared/output.rb +7 -15
data/lib/shared/uri.rb +14 -14
data/lib/string_ext.rb +10 -4
data/lib/uri_ext.rb +1 -1
data/lib/util.rb +28 -0
data/lib/version.rb +3 -1
data/lib/yawast.rb +12 -2
data/test/data/ssl_labs_analyze_data_cam_hmhreservations_com.json +1933 -0
data/test/test_scan_cms.rb +2 -2
data/test/test_ssl_labs_analyze.rb +15 -0
data/yawast.gemspec +8 -5
metadata +75 -28
data/lib/scanner/cms.rb +0 -14
data/lib/scanner/php.rb +0 -19

data/lib/scanner/vuln_scan.rb ADDED Viewed

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+module Yawast
+  module Scanner
+    class VulnScan
+      def self.scan(uri, options, head)
+        puts 'Performing vulnerability scan (this will take a while)...'
+        # server specific checks
+        Yawast::Scanner::Plugins::Servers::Apache.check_all(uri)
+        Yawast::Scanner::Plugins::Servers::Iis.check_all(uri, head)
+        # checks for interesting files
+        Yawast::Scanner::Plugins::Http::FilePresence.check_all uri, options.files
+        # generic header checks
+        Yawast::Scanner::Plugins::Http::Generic.check_propfind(uri)
+        Yawast::Scanner::Plugins::Http::Generic.check_options(uri)
+        Yawast::Scanner::Plugins::Http::Generic.check_trace(uri)
+        # check for issues with the password reset form
+        Yawast::Scanner::Plugins::Applications::Generic::PasswordReset.setup
+        Yawast::Scanner::Plugins::Applications::Generic::PasswordReset.check_resp_user_enum
+      end
+    end
+  end
+end

data/lib/shared/http.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'securerandom'
 require 'json'
 require 'oj'
@@ -24,7 +26,7 @@ module Yawast
           req = get_http(uri)
           req.use_ssl = uri.scheme == 'https'
           req.head(uri, get_headers)
-        rescue
+        rescue # rubocop:disable Style/RescueStandardError
           # if we get here, the HEAD failed - but GET may work
           # so we silently fail back to using GET instead
           req = get_http(uri)
@@ -44,17 +46,16 @@ module Yawast
           body = res.read_body
           code = res.code
-          Yawast::Shared::Output.log_json 'debug', 'http_get', uri, Oj.dump(res)
-        rescue
+          Yawast::Shared::Output.log_json 'debug', 'http_get', uri, Oj.dump(res, Oj.default_options)
+        rescue # rubocop:disable Style/RescueStandardError, Lint/HandleExceptions
           # do nothing for now
         end
-        body
-        return {:body => body, :code => code}
+        {body: body, code: code}
       end
       def self.get(uri, headers = nil)
-        return get_with_code(uri, headers)[:body]
+        get_with_code(uri, headers)[:body]
       end
       def self.get_json(uri)
@@ -63,9 +64,9 @@ module Yawast
         begin
           req = get_http(uri)
           req.use_ssl = uri.scheme == 'https'
-          res = req.request_get(uri, 'User-Agent' => "YAWAST/#{Yawast::VERSION}")
+          res = req.request_get(uri, {'User-Agent' => "YAWAST/#{Yawast::VERSION}"})
           body = res.read_body
-        rescue
+        rescue # rubocop:disable Style/RescueStandardError, Lint/HandleExceptions
           # do nothing for now
         end
@@ -73,15 +74,18 @@ module Yawast
       end
       def self.put(uri, body, headers = nil)
+        ret = nil
         begin
           req = get_http(uri)
           req.use_ssl = uri.scheme == 'https'
           res = req.request_put(uri, body, get_headers(headers))
-        rescue
+          ret = res.read_body
+        rescue # rubocop:disable Style/RescueStandardError, Lint/HandleExceptions
           # do nothing for now
         end
-        res.read_body
+        ret
       end
       def self.get_status_code(uri)
@@ -89,17 +93,17 @@ module Yawast
         req.use_ssl = uri.scheme == 'https'
         res = req.head(uri, get_headers)
-        Yawast::Shared::Output.log_json 'debug', 'http_get_status_code', uri, Oj.dump(res)
+        Yawast::Shared::Output.log_json 'debug', 'http_get_status_code', uri, Oj.dump(res, Oj.default_options)
         res.code
       end
       def self.get_http(uri)
-        if @proxy
-          req = Net::HTTP.new(uri.host, uri.port, @proxy_host, @proxy_port)
-        else
-          req = Net::HTTP.new(uri.host, uri.port)
-        end
+        req = if @proxy
+                Net::HTTP.new(uri.host, uri.port, @proxy_host, @proxy_port)
+              else
+                Net::HTTP.new(uri.host, uri.port)
+              end
         req
       end
@@ -107,27 +111,27 @@ module Yawast
       def self.check_not_found(uri, file)
         fake_uri = uri.copy
-        if file
-          fake_uri.path = "/#{SecureRandom.hex}.html"
-        else
-          fake_uri.path = "/#{SecureRandom.hex}/"
-        end
+        fake_uri.path = if file
+                          "/#{SecureRandom.hex}.html"
+                        else
+                          "/#{SecureRandom.hex}/"
+                        end
         if Yawast::Shared::Http.get_status_code(fake_uri) != '404'
           # crazy 404 handling
           return false
         end
-        return true
+        true
       end
       # noinspection RubyStringKeysInHashInspection
       def self.get_headers(extra_headers = nil)
-        if @cookie == nil
-          headers = { 'User-Agent' => HTTP_UA }
-        else
-          headers = { 'User-Agent' => HTTP_UA, 'Cookie' => @cookie }
-        end
+        headers = if @cookie.nil?
+                    {'User-Agent' => HTTP_UA}
+                  else
+                    {'User-Agent' => HTTP_UA, 'Cookie' => @cookie}
+                  end
         headers.merge! extra_headers unless extra_headers.nil?

data/lib/shared/output.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 require 'json'
 require 'base64'
@@ -22,9 +24,7 @@ module Yawast
         else
           # this means that it's a file, or doesn't exist
           # so, let's see if it exists, if so, warn
-          if File.exist? @file
-            puts 'WARNING: Output file already exists; it will be replaced.'
-          end
+          puts 'WARNING: Output file already exists; it will be replaced.' if File.exist? @file
         end
         puts "Saving output to '#{@file}'"
@@ -56,9 +56,7 @@ module Yawast
         target = get_target super_parent, parent
-        if target[key].nil?
-          target[key] = []
-        end
+        target[key] = [] if target[key].nil?
         # add value, after checking if it's already included
         target[key].push encode_utf8(value.to_s) unless target[key].include? encode_utf8(value.to_s)
@@ -98,17 +96,13 @@ module Yawast
         end
         unless super_parent.nil?
-          if target[super_parent].nil?
-            target[super_parent] = {}
-          end
+          target[super_parent] = {} if target[super_parent].nil?
           target = target[super_parent]
         end
         unless parent.nil?
-          if target[parent].nil?
-            target[parent] = {}
-          end
+          target[parent] = {} if target[parent].nil?
           target = target[parent]
         end
@@ -122,9 +116,7 @@ module Yawast
             escape_hash(v)
           else
             if v.is_a?(String)
-              unless v.valid_encoding?
-                hash[k] = Base64.encode64 v
-              end
+              hash[k] = Base64.encode64 v unless v.valid_encoding?
             end
           end
         end

data/lib/shared/uri.rb CHANGED Viewed

@@ -1,39 +1,39 @@
+# frozen_string_literal: true
 require 'ipaddress'
 module Yawast
   module Shared
     class Uri
       def self.extract_uri(url)
-        #this might be buggy - actually, I know it is...
+        # this might be buggy - actually, I know it is...
         url = 'http://' + url unless url.include?('http://') || url.include?('https://')
-        #make sure the path is at least a slash
+        # make sure the path is at least a slash
         uri = URI.parse(url)
         uri.path = '/' if uri.path == ''
-        #this is buggy, but we don't handle files anyhow...
-        #if the path doesn't end in a slash, add one.
-        if uri.path[-1, 1] != '/'
-          uri.path.concat '/'
-        end
+        # this is buggy, but we don't handle files anyhow...
+        # if the path doesn't end in a slash, add one.
+        uri.path.concat '/' if uri.path[-1, 1] != '/'
-        #see if we can resolve the host
+        # see if we can resolve the host
         # we don't really need it, it just serves as validation
         begin
           dns = Resolv::DNS.new
           dns.getaddress(uri.host)
-        rescue => e
+        rescue => e # rubocop:disable Style/RescueStandardError
           if uri.host == 'localhost'
-            #do nothing, in this case, we just don't care.
+            # do nothing, in this case, we just don't care.
           elsif IPAddress.valid? uri.host
-            #in this case the host name is actually a IP, let it go through.
+            # in this case the host name is actually a IP, let it go through.
           else
-            #we've passed all the exceptions, if we are here, it's a problem
-            raise ArgumentError.new("Invalid URL (#{e.message})")
+            # we've passed all the exceptions, if we are here, it's a problem
+            raise ArgumentError, "Invalid URL (#{e.message})"
           end
         end
-        return uri
+        uri
       end
     end
   end

data/lib/string_ext.rb CHANGED Viewed

@@ -1,13 +1,19 @@
+# frozen_string_literal: true
 class String
-  #see if string is numeric
+  # see if string is numeric
   def is_number?
-    true if Float(self) rescue false
+    begin
+      true if Float(self)
+    rescue # rubocop:disable Style/RescueStandardError
+      false
+    end
   end
   def trim
-    trimmed = self.strip
+    trimmed = strip
-    if trimmed == nil
+    if trimmed.nil?
       self
     else
       trimmed

data/lib/uri_ext.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module URI
   def copy
-    URI.parse(self.to_s)
+    URI.parse(to_s)
   end
 end

data/lib/util.rb CHANGED Viewed

@@ -1,4 +1,7 @@
+# frozen_string_literal: true
 require 'colorize'
+require 'diffy'
 module Yawast
   class Utilities
@@ -25,5 +28,30 @@ module Yawast
       puts_msg('[I]'.green, msg)
       Yawast::Shared::Output.log_append_value 'messages', 'info', msg
     end
+    def self.puts_raw(msg = '')
+      puts msg
+      Yawast::Shared::Output.log_append_value 'messages', 'raw', msg if msg != ''
+    end
+    def self.prompt(msg)
+      puts
+      puts msg
+      print '> '
+      val = $stdin.gets.chomp.strip
+      Yawast::Shared::Output.log_append_value 'prompt', msg, val
+      val
+    end
+    def self.indent_text(msg)
+      msg.gsub!(/^/, "\t")
+    end
+    def self.diff_text(txt1, txt2)
+      indent_text(Diffy::Diff.new(txt1, txt2, {context: 1}).to_s(:color))
+    end
   end
 end

data/lib/version.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module Yawast
-  VERSION = '0.7.0.beta1'
+  VERSION = '0.7.0.beta2'
 end

data/lib/yawast.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # Require all of the Ruby files in the given directory.
 #
 # path - The String relative path from here to the directory.
@@ -39,7 +41,7 @@ module Yawast
     puts ' Copyright (c) 2013-2019 Adam Caudill <adam@adamcaudill.com>'
     puts ' Support & Documentation: https://github.com/adamcaudill/yawast'
     puts " Ruby #{RUBY_VERSION}-p#{RUBY_PATCHLEVEL}; #{OpenSSL::OPENSSL_VERSION} (#{RUBY_PLATFORM})"
-    puts " Started at #{Time.now.strftime("%Y-%m-%d %H:%M:%S %Z")}"
+    puts " Started at #{Time.now.strftime('%Y-%m-%d %H:%M:%S %Z')}"
     begin
       version = Yawast::Shared::Http.get_json(URI('https://rubygems.org/api/v1/versions/yawast/latest.json'))['version']
@@ -48,12 +50,20 @@ module Yawast
         puts " Latest Version: YAWAST v#{version} is the officially supported version, please update.".blue
       end
     rescue
-      #we don't care, this is a best effort check
+      # we don't care, this is a best effort check
     end
     puts ''
   end
+  def self.options
+    @options
+  end
+  def self.options=(opts)
+    @options = opts
+  end
   STDOUT.sync = true
   trap 'SIGINT' do

data/test/data/ssl_labs_analyze_data_cam_hmhreservations_com.json ADDED Viewed

@@ -0,0 +1,1933 @@
+{
+  "host": "cam.hmhreservations.com",
+  "port": 443,
+  "protocol": "http",
+  "isPublic": false,
+  "status": "READY",
+  "startTime": 1552244041842,
+  "testTime": 1552244227179,
+  "engineVersion": "1.32.16",
+  "criteriaVersion": "2009p",
+  "endpoints": [
+    {
+      "ipAddress": "94.142.33.99",
+      "serverName": "ip94-142-33-99.zaindata.jo",
+      "statusMessage": "Ready",
+      "grade": "F",
+      "gradeTrustIgnored": "F",
+      "hasWarnings": false,
+      "isExceptional": false,
+      "progress": 100,
+      "duration": 185061,
+      "delegation": 1,
+      "details": {
+        "hostStartTime": 1552244041842,
+        "certChains": [
+          {
+            "id": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+            "certIds": [
+              "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+              "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+              "9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc"
+            ],
+            "trustPaths": [
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Mozilla",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc",
+                  "1465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Mozilla",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Apple",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc",
+                  "1465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Apple",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Android",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc",
+                  "1465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Android",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Java",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc",
+                  "1465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Java",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Windows",
+                    "isTrusted": true
+                  }
+                ]
+              },
+              {
+                "certIds": [
+                  "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+                  "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+                  "9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc",
+                  "1465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658"
+                ],
+                "trust": [
+                  {
+                    "rootStore": "Windows",
+                    "isTrusted": true
+                  }
+                ]
+              }
+            ],
+            "issues": 0,
+            "noSni": false
+          }
+        ],
+        "protocols": [
+          {
+            "id": 512,
+            "name": "SSL",
+            "version": "2.0",
+            "q": 0
+          },
+          {
+            "id": 768,
+            "name": "SSL",
+            "version": "3.0"
+          },
+          {
+            "id": 769,
+            "name": "TLS",
+            "version": "1.0"
+          },
+          {
+            "id": 771,
+            "name": "TLS",
+            "version": "1.2"
+          }
+        ],
+        "suites": [
+          {
+            "protocol": 512,
+            "list": [
+              {
+                "id": 65664,
+                "name": "SSL_CK_RC4_128_WITH_MD5",
+                "cipherStrength": 128,
+                "q": 0
+              },
+              {
+                "id": 458944,
+                "name": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
+                "cipherStrength": 112,
+                "q": 0
+              }
+            ]
+          },
+          {
+            "protocol": 768,
+            "list": [
+              {
+                "id": 10,
+                "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+                "cipherStrength": 112
+              },
+              {
+                "id": 5,
+                "name": "TLS_RSA_WITH_RC4_128_SHA",
+                "cipherStrength": 128,
+                "q": 0
+              },
+              {
+                "id": 4,
+                "name": "TLS_RSA_WITH_RC4_128_MD5",
+                "cipherStrength": 128,
+                "q": 0
+              }
+            ],
+            "preference": true
+          },
+          {
+            "protocol": 769,
+            "list": [
+              {
+                "id": 49172,
+                "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+                "cipherStrength": 256,
+                "kxType": "ECDH",
+                "kxStrength": 3072,
+                "namedGroupBits": 256,
+                "namedGroupId": 23,
+                "namedGroupName": "secp256r1"
+              },
+              {
+                "id": 49171,
+                "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+                "cipherStrength": 128,
+                "kxType": "ECDH",
+                "kxStrength": 3072,
+                "namedGroupBits": 256,
+                "namedGroupId": 23,
+                "namedGroupName": "secp256r1"
+              },
+              {
+                "id": 57,
+                "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+                "cipherStrength": 256,
+                "kxType": "DH",
+                "kxStrength": 1024,
+                "dhBits": 128,
+                "dhP": 128,
+                "dhG": 128,
+                "dhYs": 128
+              },
+              {
+                "id": 51,
+                "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+                "cipherStrength": 128,
+                "kxType": "DH",
+                "kxStrength": 1024,
+                "dhBits": 128,
+                "dhP": 128,
+                "dhG": 128,
+                "dhYs": 128
+              },
+              {
+                "id": 53,
+                "name": "TLS_RSA_WITH_AES_256_CBC_SHA",
+                "cipherStrength": 256
+              },
+              {
+                "id": 47,
+                "name": "TLS_RSA_WITH_AES_128_CBC_SHA",
+                "cipherStrength": 128
+              },
+              {
+                "id": 10,
+                "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+                "cipherStrength": 112
+              },
+              {
+                "id": 5,
+                "name": "TLS_RSA_WITH_RC4_128_SHA",
+                "cipherStrength": 128,
+                "q": 0
+              },
+              {
+                "id": 4,
+                "name": "TLS_RSA_WITH_RC4_128_MD5",
+                "cipherStrength": 128,
+                "q": 0
+              }
+            ],
+            "preference": true
+          },
+          {
+            "protocol": 771,
+            "list": [
+              {
+                "id": 49192,
+                "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+                "cipherStrength": 256,
+                "kxType": "ECDH",
+                "kxStrength": 3072,
+                "namedGroupBits": 256,
+                "namedGroupId": 23,
+                "namedGroupName": "secp256r1"
+              },
+              {
+                "id": 49191,
+                "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+                "cipherStrength": 128,
+                "kxType": "ECDH",
+                "kxStrength": 3072,
+                "namedGroupBits": 256,
+                "namedGroupId": 23,
+                "namedGroupName": "secp256r1"
+              },
+              {
+                "id": 49172,
+                "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+                "cipherStrength": 256,
+                "kxType": "ECDH",
+                "kxStrength": 3072,
+                "namedGroupBits": 256,
+                "namedGroupId": 23,
+                "namedGroupName": "secp256r1"
+              },
+              {
+                "id": 49171,
+                "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+                "cipherStrength": 128,
+                "kxType": "ECDH",
+                "kxStrength": 3072,
+                "namedGroupBits": 256,
+                "namedGroupId": 23,
+                "namedGroupName": "secp256r1"
+              },
+              {
+                "id": 159,
+                "name": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+                "cipherStrength": 256,
+                "kxType": "DH",
+                "kxStrength": 1024,
+                "dhBits": 128,
+                "dhP": 128,
+                "dhG": 128,
+                "dhYs": 128
+              },
+              {
+                "id": 158,
+                "name": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+                "cipherStrength": 128,
+                "kxType": "DH",
+                "kxStrength": 1024,
+                "dhBits": 128,
+                "dhP": 128,
+                "dhG": 128,
+                "dhYs": 128
+              },
+              {
+                "id": 57,
+                "name": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+                "cipherStrength": 256,
+                "kxType": "DH",
+                "kxStrength": 1024,
+                "dhBits": 128,
+                "dhP": 128,
+                "dhG": 128,
+                "dhYs": 128
+              },
+              {
+                "id": 51,
+                "name": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+                "cipherStrength": 128,
+                "kxType": "DH",
+                "kxStrength": 1024,
+                "dhBits": 128,
+                "dhP": 128,
+                "dhG": 128,
+                "dhYs": 128
+              },
+              {
+                "id": 157,
+                "name": "TLS_RSA_WITH_AES_256_GCM_SHA384",
+                "cipherStrength": 256
+              },
+              {
+                "id": 156,
+                "name": "TLS_RSA_WITH_AES_128_GCM_SHA256",
+                "cipherStrength": 128
+              },
+              {
+                "id": 61,
+                "name": "TLS_RSA_WITH_AES_256_CBC_SHA256",
+                "cipherStrength": 256
+              },
+              {
+                "id": 60,
+                "name": "TLS_RSA_WITH_AES_128_CBC_SHA256",
+                "cipherStrength": 128
+              },
+              {
+                "id": 53,
+                "name": "TLS_RSA_WITH_AES_256_CBC_SHA",
+                "cipherStrength": 256
+              },
+              {
+                "id": 47,
+                "name": "TLS_RSA_WITH_AES_128_CBC_SHA",
+                "cipherStrength": 128
+              },
+              {
+                "id": 10,
+                "name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+                "cipherStrength": 112
+              },
+              {
+                "id": 5,
+                "name": "TLS_RSA_WITH_RC4_128_SHA",
+                "cipherStrength": 128,
+                "q": 0
+              },
+              {
+                "id": 4,
+                "name": "TLS_RSA_WITH_RC4_128_MD5",
+                "cipherStrength": 128,
+                "q": 0
+              }
+            ],
+            "preference": true
+          }
+        ],
+        "namedGroups": {
+          "list": [
+            {
+              "id": 23,
+              "name": "secp256r1",
+              "bits": 256,
+              "namedGroupType": "EC"
+            },
+            {
+              "id": 24,
+              "name": "secp384r1",
+              "bits": 384,
+              "namedGroupType": "EC"
+            }
+          ],
+          "preference": true
+        },
+        "serverSignature": "Microsoft-IIS/7.5",
+        "prefixDelegation": false,
+        "nonPrefixDelegation": true,
+        "vulnBeast": true,
+        "sessionResumption": 2,
+        "compressionMethods": 0,
+        "supportsNpn": false,
+        "supportsAlpn": false,
+        "sessionTickets": 0,
+        "ocspStapling": true,
+        "staplingRevocationStatus": 2,
+        "sniRequired": false,
+        "httpStatusCode": 200,
+        "supportsRc4": true,
+        "rc4WithModern": false,
+        "rc4Only": false,
+        "forwardSecrecy": 4,
+        "supportsAead": true,
+        "protocolIntolerance": 0,
+        "miscIntolerance": 0,
+        "sims": {
+          "results": [
+            {
+              "client": {
+                "id": 56,
+                "name": "Android",
+                "version": "2.3.7",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 51,
+              "suiteName": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+              "kxType": "DH",
+              "kxStrength": 8192,
+              "dhBits": 1024,
+              "dhP": 128,
+              "dhG": 128,
+              "dhYs": 128,
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 58,
+                "name": "Android",
+                "version": "4.0.4",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 59,
+                "name": "Android",
+                "version": "4.1.1",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 60,
+                "name": "Android",
+                "version": "4.2.2",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 61,
+                "name": "Android",
+                "version": "4.3",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 62,
+                "name": "Android",
+                "version": "4.4.2",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49191,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 88,
+                "name": "Android",
+                "version": "5.0.0",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 129,
+                "name": "Android",
+                "version": "6.0",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 139,
+                "name": "Android",
+                "version": "7.0",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 94,
+                "name": "Baidu",
+                "version": "Jan 2015",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 91,
+                "name": "BingPreview",
+                "version": "Jan 2015",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 136,
+                "name": "Chrome",
+                "platform": "XP SP3",
+                "version": "49",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 152,
+                "name": "Chrome",
+                "platform": "Win 7",
+                "version": "69",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 153,
+                "name": "Chrome",
+                "platform": "Win 10",
+                "version": "70",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 84,
+                "name": "Firefox",
+                "platform": "Win 7",
+                "version": "31.3.0 ESR",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 132,
+                "name": "Firefox",
+                "platform": "Win 7",
+                "version": "47",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 137,
+                "name": "Firefox",
+                "platform": "XP SP3",
+                "version": "49",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 151,
+                "name": "Firefox",
+                "platform": "Win 7",
+                "version": "62",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 145,
+                "name": "Googlebot",
+                "version": "Feb 2018",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 100,
+                "name": "IE",
+                "platform": "XP",
+                "version": "6",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "protocolId": 768,
+              "suiteId": 10,
+              "suiteName": "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 19,
+                "name": "IE",
+                "platform": "Vista",
+                "version": "7",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 101,
+                "name": "IE",
+                "platform": "XP",
+                "version": "8",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 10,
+              "suiteName": "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 113,
+                "name": "IE",
+                "platform": "Win 7",
+                "version": "8-10",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 143,
+                "name": "IE",
+                "platform": "Win 7",
+                "version": "11",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 134,
+                "name": "IE",
+                "platform": "Win 8.1",
+                "version": "11",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 64,
+                "name": "IE",
+                "platform": "Win Phone 8.0",
+                "version": "10",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 65,
+                "name": "IE",
+                "platform": "Win Phone 8.1",
+                "version": "11",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49191,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 106,
+                "name": "IE",
+                "platform": "Win Phone 8.1 Update",
+                "version": "11",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 131,
+                "name": "IE",
+                "platform": "Win 10",
+                "version": "11",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 144,
+                "name": "Edge",
+                "platform": "Win 10",
+                "version": "15",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 120,
+                "name": "Edge",
+                "platform": "Win Phone 10",
+                "version": "13",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 25,
+                "name": "Java",
+                "version": "6u45",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "protocolId": 769,
+              "suiteId": 51,
+              "suiteName": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+              "kxType": "DH",
+              "kxStrength": 8192,
+              "dhBits": 1024,
+              "dhP": -1,
+              "dhG": -1,
+              "dhYs": -1,
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 26,
+                "name": "Java",
+                "version": "7u25",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49171,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 147,
+                "name": "Java",
+                "version": "8u161",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 27,
+                "name": "OpenSSL",
+                "version": "0.9.8y",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 57,
+              "suiteName": "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "DH",
+              "kxStrength": 8192,
+              "dhBits": 1024,
+              "dhP": 128,
+              "dhG": 128,
+              "dhYs": 128,
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 99,
+                "name": "OpenSSL",
+                "version": "1.0.1l",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 121,
+                "name": "OpenSSL",
+                "version": "1.0.2e",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 32,
+                "name": "Safari",
+                "platform": "OS X 10.6.8",
+                "version": "5.1.9",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 33,
+                "name": "Safari",
+                "platform": "iOS 6.0.1",
+                "version": "6",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 34,
+                "name": "Safari",
+                "platform": "OS X 10.8.4",
+                "version": "6.0.4",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 769,
+              "suiteId": 49172,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 63,
+                "name": "Safari",
+                "platform": "iOS 7.1",
+                "version": "7",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 35,
+                "name": "Safari",
+                "platform": "OS X 10.9",
+                "version": "7",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 85,
+                "name": "Safari",
+                "platform": "iOS 8.4",
+                "version": "8",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 87,
+                "name": "Safari",
+                "platform": "OS X 10.10",
+                "version": "8",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 114,
+                "name": "Safari",
+                "platform": "iOS 9",
+                "version": "9",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 111,
+                "name": "Safari",
+                "platform": "OS X 10.11",
+                "version": "9",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 140,
+                "name": "Safari",
+                "platform": "iOS 10",
+                "version": "10",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 138,
+                "name": "Safari",
+                "platform": "OS X 10.12",
+                "version": "10",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 112,
+                "name": "Apple ATS",
+                "platform": "iOS 9",
+                "version": "9",
+                "isReference": true
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 92,
+                "name": "Yahoo Slurp",
+                "version": "Jan 2015",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            },
+            {
+              "client": {
+                "id": 93,
+                "name": "YandexBot",
+                "version": "Jan 2015",
+                "isReference": false
+              },
+              "errorCode": 0,
+              "attempts": 1,
+              "certChainId": "2fd048b086e0cd5b1e9ec7689498ba13dd19161fdbd5bfe51205b9bdeccd467d",
+              "protocolId": 771,
+              "suiteId": 49192,
+              "suiteName": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+              "kxType": "ECDH",
+              "kxStrength": 3072,
+              "namedGroupBits": 256,
+              "namedGroupId": 23,
+              "namedGroupName": "secp256r1",
+              "keyAlg": "RSA",
+              "keySize": 2048,
+              "sigAlg": "SHA256withRSA"
+            }
+          ]
+        },
+        "heartbleed": false,
+        "heartbeat": false,
+        "openSslCcs": 1,
+        "openSSLLuckyMinus20": 1,
+        "ticketbleed": 1,
+        "bleichenbacher": 1,
+        "poodle": true,
+        "poodleTls": 1,
+        "fallbackScsv": false,
+        "freak": false,
+        "hasSct": 1,
+        "dhPrimes": [
+          "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece65381ffffffffffffffff"
+        ],
+        "dhUsesKnownPrimes": 2,
+        "dhYsReuse": true,
+        "ecdhParameterReuse": true,
+        "logjam": false,
+        "hstsPolicy": {
+          "LONG_MAX_AGE": 15552000,
+          "status": "absent",
+          "directives": {}
+        },
+        "hstsPreloads": [
+          {
+            "source": "Chrome",
+            "hostname": "cam.hmhreservations.com",
+            "status": "absent",
+            "sourceTime": 1552241761120
+          },
+          {
+            "source": "Edge",
+            "hostname": "cam.hmhreservations.com",
+            "status": "absent",
+            "sourceTime": 1552241101296
+          },
+          {
+            "source": "Firefox",
+            "hostname": "cam.hmhreservations.com",
+            "status": "absent",
+            "sourceTime": 1552241101296
+          },
+          {
+            "source": "IE",
+            "hostname": "cam.hmhreservations.com",
+            "status": "absent",
+            "sourceTime": 1552241101296
+          }
+        ],
+        "hpkpPolicy": {
+          "status": "absent",
+          "pins": [],
+          "matchedPins": [],
+          "directives": []
+        },
+        "hpkpRoPolicy": {
+          "status": "absent",
+          "pins": [],
+          "matchedPins": [],
+          "directives": []
+        },
+        "staticPkpPolicy": {
+          "status": "absent",
+          "pins": [],
+          "matchedPins": [],
+          "forbiddenPins": [],
+          "matchedForbiddenPins": []
+        },
+        "httpTransactions": [
+          {
+            "requestUrl": "https://cam.hmhreservations.com/",
+            "statusCode": 200,
+            "requestLine": "GET / HTTP/1.1",
+            "requestHeaders": [
+              "Host: cam.hmhreservations.com",
+              "User-Agent: SSL Labs (https://www.ssllabs.com/about/assessment.html); on behalf of XXX.XXX.XXX.XXX",
+              "Accept: */*",
+              "Connection: Close"
+            ],
+            "responseLine": "HTTP/1.1 200 OK",
+            "responseHeadersRaw": [
+              "Content-Type: text/html",
+              "Last-Modified: Tue, 30 Jan 2018 12:06:52 GMT",
+              "Accept-Ranges: bytes",
+              "ETag: \"65652d0c299d31:0\"",
+              "Server: Microsoft-IIS/7.5",
+              "Date: Sun, 10 Mar 2019 18:55:43 GMT",
+              "Connection: close",
+              "Content-Length: 689"
+            ],
+            "responseHeaders": [
+              {
+                "name": "Content-Type",
+                "value": "text/html"
+              },
+              {
+                "name": "Last-Modified",
+                "value": "Tue, 30 Jan 2018 12:06:52 GMT"
+              },
+              {
+                "name": "Accept-Ranges",
+                "value": "bytes"
+              },
+              {
+                "name": "ETag",
+                "value": "\"65652d0c299d31:0\""
+              },
+              {
+                "name": "Server",
+                "value": "Microsoft-IIS/7.5"
+              },
+              {
+                "name": "Date",
+                "value": "Sun, 10 Mar 2019 18:55:43 GMT"
+              },
+              {
+                "name": "Connection",
+                "value": "close"
+              },
+              {
+                "name": "Content-Length",
+                "value": "689"
+              }
+            ],
+            "fragileServer": false
+          }
+        ],
+        "drownHosts": [],
+        "drownErrors": false,
+        "drownVulnerable": false
+      }
+    }
+  ],
+  "certs": [
+    {
+      "id": "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+      "subject": "CN=*.hmhreservations.com, OU=Domain Control Validated",
+      "serialNumber": "4dfecc3cab75766d",
+      "commonNames": [
+        "*.hmhreservations.com"
+      ],
+      "altNames": [
+        "*.hmhreservations.com",
+        "hmhreservations.com"
+      ],
+      "notBefore": 1542015738000,
+      "notAfter": 1578737221000,
+      "issuerSubject": "CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O=\"Starfield Technologies, Inc.\", L=Scottsdale, ST=Arizona, C=US",
+      "sigAlg": "SHA256withRSA",
+      "revocationInfo": 3,
+      "crlURIs": [
+        "http://crl.starfieldtech.com/sfig2s1-134.crl"
+      ],
+      "ocspURIs": [
+        "http://ocsp.starfieldtech.com/"
+      ],
+      "revocationStatus": 2,
+      "crlRevocationStatus": 2,
+      "ocspRevocationStatus": 2,
+      "dnsCaa": false,
+      "mustStaple": false,
+      "sgc": 0,
+      "validationType": "D",
+      "issues": 0,
+      "sct": true,
+      "sha1Hash": "42781bc1b691b6f04de4e6106b08e235fe0579a9",
+      "sha256Hash": "962e0c57fa39e3ce5356d3ec1ccb6a0c2a01a353b5c46aedaaee74bf1fd655bb",
+      "pinSha256": "TUzLMgHxlsmfX4W4ivMCB3kixBIz3Pt28JhCeaN9ExI=",
+      "keyAlg": "RSA",
+      "keySize": 2048,
+      "keyStrength": 2048,
+      "keyKnownDebianInsecure": false,
+      "raw": "-----BEGIN CERTIFICATE-----\nMIIGdzCCBV+gAwIBAgIITf7MPKt1dm0wDQYJKoZIhvcNAQELBQAwgcYxCzAJBgNVBAYTAlVTMRAw\r\nDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQg\r\nVGVjaG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5j\r\nb20vcmVwb3NpdG9yeS8xNDAyBgNVBAMTK1N0YXJmaWVsZCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0\r\naG9yaXR5IC0gRzIwHhcNMTgxMTEyMDk0MjE4WhcNMjAwMTExMTAwNzAxWjBDMSEwHwYDVQQLExhE\r\nb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxHjAcBgNVBAMMFSouaG1ocmVzZXJ2YXRpb25zLmNvbTCC\r\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJmNDPULQMPbw1terijJ+W6jW8e1GreXz/od\r\nvAlhaykKILz/QhA8t4ImiNgK6PpKWcEbmAu/RCo9CFHgPV1/IGmzsSHkGu+D1EPzekQNq6nTY7RA\r\njCUWRJ3b+LSx+nArk7OOZLcT8aLJYylEPU4us8CE2Sc3Ii+c2UJgnhSFEpK2nMiS2skUzKPjYB9/\r\nfGG8vt6zB3ZyJNeL8EiejlM96colqJAtl31MTt2VECPYfBPujba7dUF5/NMH21FaKGU21gTrbxWW\r\nfgqzPyWnDH1Y02BzgBb1PU3NJSWaNx2cMnQU9k1qXdNGBkIxL2BjzSFwqnsSe6rxn4nHjKcPC5Rt\r\ncTsCAwEAAaOCAukwggLlMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF\r\nBwMCMA4GA1UdDwEB/wQEAwIFoDA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnN0YXJmaWVs\r\nZHRlY2guY29tL3NmaWcyczEtMTM0LmNybDBjBgNVHSAEXDBaME4GC2CGSAGG/W4BBxcBMD8wPQYI\r\nKwYBBQUHAgEWMWh0dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9y\r\neS8wCAYGZ4EMAQIBMIGCBggrBgEFBQcBAQR2MHQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnN0\r\nYXJmaWVsZHRlY2guY29tLzBGBggrBgEFBQcwAoY6aHR0cDovL2NlcnRpZmljYXRlcy5zdGFyZmll\r\nbGR0ZWNoLmNvbS9yZXBvc2l0b3J5L3NmaWcyLmNydDAfBgNVHSMEGDAWgBQlRYFoUCY4PTstLL7N\r\natm2PbNmYzA1BgNVHREELjAsghUqLmhtaHJlc2VydmF0aW9ucy5jb22CE2htaHJlc2VydmF0aW9u\r\ncy5jb20wHQYDVR0OBBYEFLFZ7QK7xBEOlQnVQTIl8PXzbPfJMIIBBAYKKwYBBAHWeQIEAgSB9QSB\r\n8gDwAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFnB0zjeQAABAMARzBFAiAk\r\nRzE4UlHd2FSSH1m5LsV+1tDwoIrL3wBerOR3pM49gQIhAIO4dKoboO9BTW1II5FQvPm7jhxctPbQ\r\nB3+qk17AOA7pAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFnB0zkZwAABAMA\r\nRzBFAiEA3yat1vRxmzgkEHR7/GgSduZlBrxrlvXghtRx7QNO6iUCIDNgT+UoULKOVcfyNH9+hWlM\r\nHvTCkTYaEBLajeSD3jW0MA0GCSqGSIb3DQEBCwUAA4IBAQDOo8+jxW6lgueFGAy18hvTVpGlx/nL\r\nfB72wxPSieEOVtLR5MatPEf8onED3l0llTx2Jz5V7oMvDlUEaFAORNJ07FHs4+DSadAApnw6yhzc\r\nlg9BgRLaFtL4tgFtsOyjKqjoewGgcXYkIMSdGcH8w31Abd81+JCM+L6MWXnEH6XR661UEW1T+XWf\r\nhGM4gL/lR/dUgGNWoscalzO9LMzU7PnwDlIWCWkfHfRoQT5EmMmoErwfVHQDT8exzJNAiGiwvAiy\r\nJY3bdsaTrBCg6RxAOo1VG6ij4fRC1XltZCnBnLULLd2sxfxWqbZdmQvqvvKQvBiPiOmQ0SWHtLhE\r\nkNK+CiTH\r\n-----END CERTIFICATE-----\n"
+    },
+    {
+      "id": "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+      "subject": "CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O=\"Starfield Technologies, Inc.\", L=Scottsdale, ST=Arizona, C=US",
+      "serialNumber": "07",
+      "commonNames": [
+        "Starfield Secure Certificate Authority - G2"
+      ],
+      "notBefore": 1304406000000,
+      "notAfter": 1935558000000,
+      "issuerSubject": "CN=Starfield Root Certificate Authority - G2, O=\"Starfield Technologies, Inc.\", L=Scottsdale, ST=Arizona, C=US",
+      "sigAlg": "SHA256withRSA",
+      "revocationInfo": 3,
+      "crlURIs": [
+        "http://crl.starfieldtech.com/sfroot-g2.crl"
+      ],
+      "ocspURIs": [
+        "http://ocsp.starfieldtech.com/"
+      ],
+      "revocationStatus": 2,
+      "crlRevocationStatus": 2,
+      "ocspRevocationStatus": 2,
+      "mustStaple": false,
+      "sgc": 0,
+      "issues": 0,
+      "sct": false,
+      "sha1Hash": "7edc376dcfd45e6ddf082c160df6ac21835b95d4",
+      "sha256Hash": "93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72",
+      "pinSha256": "8kGWrpQHhmc0jwLo43RYo6bmqtHgsNxhARjM5yFCe/w=",
+      "keyAlg": "RSA",
+      "keySize": 2048,
+      "keyStrength": 2048,
+      "keyKnownDebianInsecure": false,
+      "raw": "-----BEGIN CERTIFICATE-----\nMIIFADCCA+igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT\r\nB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s\r\nb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0\r\neSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3MDAwMFowgcYxCzAJBgNVBAYTAlVTMRAw\r\nDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQg\r\nVGVjaG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5j\r\nb20vcmVwb3NpdG9yeS8xNDAyBgNVBAMTK1N0YXJmaWVsZCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0\r\naG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlkGZL7PlGcakgg77p\r\nbL9KyUhpgXVObST2yxcT+LBxWYR6ayuFpDS1FuXLzOlBcCykLtb6Mn3hqN6UEKwxwcDYav9ZJ6t2\r\n1vwLdGu4p64/xFT0tDFE3ZNWjKRMXpuJyySDm+JXfbfYEh/JhW300YDxUJuHrtQLEAX7J7oobRfp\r\nDtZNuTlVBv8KJAV+L8YdcmzUiymMV33a2etmGtNPp99/UsQwxaXJDgLFU793OGgGJMNmyDd+MB5F\r\ncSM1/5DYKp2N57CSTTx/KgqT3M0WRmX3YISLdkuRJ3MUkuDq7o8W6o0OPnYXv32JgIBEQ+ct4EMJ\r\nddo26K3biTr1XRKOIwSDAgMBAAGjggEsMIIBKDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE\r\nAwIBBjAdBgNVHQ4EFgQUJUWBaFAmOD07LSy+zWrZtj2zZmMwHwYDVR0jBBgwFoAUfAwyH6fZMH/E\r\nfWijYqihzqsHWycwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5zdGFy\r\nZmllbGR0ZWNoLmNvbS8wOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zdGFyZmllbGR0ZWNo\r\nLmNvbS9zZnJvb3QtZzIuY3JsMEwGA1UdIARFMEMwQQYEVR0gADA5MDcGCCsGAQUFBwIBFitodHRw\r\nczovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IB\r\nAQBWZcr+8z8KqJOLGMfeQ2kTNCC+Tl94qGuc22pNQdvBE+zcMQAiXvcAngzgNGU0+bE6TkjIEoGI\r\nXFs+CFN69xpk37hQYcxTUUApS8L0rjpf5MqtJsxOYUPl/VemN3DOQyuwlMOS6eFfqhBJt2nk4NAf\r\nZKQrzR9voPiEJBjOeT2pkb9UGBOJmVQRDVXFJgt5T1ocbvlj2xSApAer+rKluYjdkf5lO6Sjeb6J\r\nTeHQsPTIFwwKlhR8Cbds4cLYVdQYoKpBaXAko7nv6VrcPuuUSvC33l8Odvr7+2kDRUBQ7nIMpBKG\r\ngc0T0U7EPMpODdIm8QC3tKai4W56gf0wrHofx1l7\r\n-----END CERTIFICATE-----\n"
+    },
+    {
+      "id": "9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc",
+      "subject": "CN=Starfield Root Certificate Authority - G2, O=\"Starfield Technologies, Inc.\", L=Scottsdale, ST=Arizona, C=US",
+      "serialNumber": "391484",
+      "commonNames": [
+        "Starfield Root Certificate Authority - G2"
+      ],
+      "notBefore": 1388559600000,
+      "notAfter": 1937890800000,
+      "issuerSubject": "OU=Starfield Class 2 Certification Authority, O=\"Starfield Technologies, Inc.\", C=US",
+      "sigAlg": "SHA256withRSA",
+      "revocationInfo": 3,
+      "crlURIs": [
+        "http://crl.starfieldtech.com/sfroot.crl"
+      ],
+      "ocspURIs": [
+        "http://ocsp.starfieldtech.com/"
+      ],
+      "revocationStatus": 2,
+      "crlRevocationStatus": 2,
+      "ocspRevocationStatus": 2,
+      "mustStaple": false,
+      "sgc": 0,
+      "issues": 0,
+      "sct": false,
+      "sha1Hash": "9565b778c8a50eb4fefd45c8a658dde2411ead0a",
+      "sha256Hash": "9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc",
+      "pinSha256": "gI1os/q0iEpflxrOfRBVDXqVoWN3Tz7Dav/7IT++THQ=",
+      "keyAlg": "RSA",
+      "keySize": 2048,
+      "keyStrength": 2048,
+      "keyKnownDebianInsecure": false,
+      "raw": "-----BEGIN CERTIFICATE-----\nMIIEoDCCA4igAwIBAgIDORSEMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNVBAYTAlVTMSUwIwYDVQQK\r\nExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQLEylTdGFyZmllbGQgQ2xhc3Mg\r\nMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNDAxMDEwNzAwMDBaFw0zMTA1MzAwNzAwMDBa\r\nMIGPMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl\r\nMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UEAxMpU3RhcmZpZWxk\r\nIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw\r\nggEKAoIBAQC97cED/PaP/AKxb1ufSNmdeeKitwNhVhjDR7bXyj01LolD96Fpm96KGv0TIJy0SXcy\r\nKVb9ueyM3SL6ctwnYZfu9lqE7G4ZuYks3IRb1XT7a1/FiaUQUolGVfS4dRzmf+RUrkv4VXJXAhn4\r\nF3FZ6x4oB3TFnUi+bLT0pLDzZDd5ksDsRl5/4W1TTGKvzR8LY7s6nfv8eQCYYXTPJoJAY/OycmoZ\r\nDZnK1A51zDf7i4nBWfFif1+zX2Uw+Ke3TXZaHnZeNMDollaZirPwf6TNvdwyMXyRz+BfEfhrqklc\r\n0ZmU0aLjY1sJdrVWYuFLdB2W1CbUCARZ0JgODube/MPsH5DxAgMBAAGjggEpMIIBJTAPBgNVHRMB\r\nAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUfAwyH6fZMH/EfWijYqihzqsHWycw\r\nHwYDVR0jBBgwFoAUv1+30c7dH4b0W1Ws3NcQwg6piOcwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUF\r\nBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNoLmNvbS8wOAYDVR0fBDEwLzAtoCugKYYnaHR0\r\ncDovL2NybC5zdGFyZmllbGR0ZWNoLmNvbS9zZnJvb3QuY3JsMEwGA1UdIARFMEMwQQYEVR0gADA5\r\nMDcGCCsGAQUFBwIBFitodHRwczovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkv\r\nMA0GCSqGSIb3DQEBCwUAA4IBAQCFY8HZ3bn/qb2mGdy/EzoROCJUsawFEPt8s5Y/MYtm/4jz4b/7\r\nxx8A/0Zqi2EyyQFRdvuaxvogUchGxJjXeaPjBHI/i000U2fsMyx76JQBKHw6NFsCdxaNQCUzsLxs\r\nl9cFev+Mhc5voFMAF24ebL0i1wqIN/Z965lB7yfLjGBrTAF+ZVALT7iVmppuNP1zOjPxkdXzTi10\r\n6O/TkDXxBmhk1NAT/VLTxm3BOoox3QUmNUqMZbhSa4Hs0py1NBCXnD7GL+2OQkIkLulzmiX5EfHy\r\nI2nL5ZRpoNLcsPxEiawXqMzVN3cWxYC5DI9XAlWZhXtJ8C5boMJXU12i6KY3wwH6\r\n-----END CERTIFICATE-----\n"
+    },
+    {
+      "id": "2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5",
+      "subject": "CN=Starfield Root Certificate Authority - G2, O=\"Starfield Technologies, Inc.\", L=Scottsdale, ST=Arizona, C=US",
+      "serialNumber": "00",
+      "commonNames": [
+        "Starfield Root Certificate Authority - G2"
+      ],
+      "notBefore": 1251763200000,
+      "notAfter": 2145916799000,
+      "issuerSubject": "CN=Starfield Root Certificate Authority - G2, O=\"Starfield Technologies, Inc.\", L=Scottsdale, ST=Arizona, C=US",
+      "sigAlg": "SHA256withRSA",
+      "revocationInfo": 0,
+      "revocationStatus": 0,
+      "crlRevocationStatus": 0,
+      "ocspRevocationStatus": 0,
+      "mustStaple": false,
+      "sgc": 0,
+      "issues": 0,
+      "sct": false,
+      "sha1Hash": "b51c067cee2b0c3df855ab2d92f4fe39d4e70f0e",
+      "sha256Hash": "2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5",
+      "pinSha256": "gI1os/q0iEpflxrOfRBVDXqVoWN3Tz7Dav/7IT++THQ=",
+      "keyAlg": "RSA",
+      "keySize": 2048,
+      "keyStrength": 2048,
+      "keyKnownDebianInsecure": false,
+      "raw": "-----BEGIN CERTIFICATE-----\nMIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT\r\nB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s\r\nb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0\r\neSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAw\r\nDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQg\r\nVGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBB\r\ndXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3twQP89o/8ArFv\r\nW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMgnLRJdzIpVv257IzdIvpy3Cdhl+72WoTs\r\nbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNk\r\nN3mSwOxGXn/hbVNMYq/NHwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7Nf\r\nZTD4p7dNdloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0HZbU\r\nJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\r\nAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0GCSqGSIb3DQEBCwUAA4IBAQARWfol\r\nTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjUsHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx\r\n4mcujJUDJi5DnUox9g61DLu34jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUw\r\nF5okxBDgBPfg8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K\r\npL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1mMpYjn0q7pBZ\r\nc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0\r\n-----END CERTIFICATE-----\n"
+    },
+    {
+      "id": "1465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658",
+      "subject": "OU=Starfield Class 2 Certification Authority, O=\"Starfield Technologies, Inc.\", C=US",
+      "serialNumber": "00",
+      "commonNames": [],
+      "notBefore": 1088530756000,
+      "notAfter": 2035215556000,
+      "issuerSubject": "OU=Starfield Class 2 Certification Authority, O=\"Starfield Technologies, Inc.\", C=US",
+      "sigAlg": "SHA1withRSA",
+      "revocationInfo": 0,
+      "revocationStatus": 0,
+      "crlRevocationStatus": 0,
+      "ocspRevocationStatus": 0,
+      "mustStaple": false,
+      "sgc": 0,
+      "issues": 256,
+      "sct": false,
+      "sha1Hash": "ad7e1c28b064ef8f6003402014c3d0e3370eb58a",
+      "sha256Hash": "1465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658",
+      "pinSha256": "FfFKxFycfaIz00eRZOgTf+Ne4POK6FgYPwhBDqgqxLQ=",
+      "keyAlg": "RSA",
+      "keySize": 2048,
+      "keyStrength": 2048,
+      "keyKnownDebianInsecure": false,
+      "raw": "-----BEGIN CERTIFICATE-----\nMIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzElMCMGA1UEChMc\r\nU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZpZWxkIENsYXNzIDIg\r\nQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBo\r\nMQswCQYDVQQGEwJVUzElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAG\r\nA1UECxMpU3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqG\r\nSIb3DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf8MOh2tTY\r\nbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN+lq2cwQlZut3f+dZxkqZ\r\nJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVm\r\nepsZGD3/cVE8MC5fvj13c7JdBmzDI1aaK4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSN\r\nF4Azbl5KXZnJHoe0nRrA1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HF\r\nMIHCMB0GA1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fRzt0f\r\nhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNo\r\nbm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24g\r\nQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGs\r\nafPzWdqbAYcaT1epoXkJKtv3L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLM\r\nPUxA2IGvd56Deruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl\r\nxy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynpVSJYACPq4xJD\r\nKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEYWQPJIrSPnNVeKtelttQKbfi3\r\nQBFGmh95DmK/D5fs4C8fF5Q=\r\n-----END CERTIFICATE-----\n"
+    }
+  ]
+}