To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
Protocols | |
TLS 1.3 | No |
TLS 1.2 | Yes* |
TLS 1.1 | Yes* |
TLS 1.0 | Yes* |
SSL 3 | Yes* |
SSL 2 | No |
Cipher Suites (in order of preference) | ||
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f )
Forward Secrecy
|
128 | |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b )
Forward Secrecy
|
128 | |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030 )
Forward Secrecy
|
256 | |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c )
Forward Secrecy
|
256 | |
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e )
Forward Secrecy
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027 )
Forward Secrecy
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67 )
Forward Secrecy
|
128 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028 )
Forward Secrecy
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b )
Forward Secrecy
|
256 | |
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (0xa3 )
Forward Secrecy2
|
256 | |
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f )
Forward Secrecy
|
256 | |
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9 )
Forward Secrecy
|
256 | |
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8 )
Forward Secrecy
|
256 | |
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xccaa )
Forward Secrecy
|
256 | |
TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 (0xc0af )
Forward Secrecy
|
256 | |
TLS_ECDHE_ECDSA_WITH_AES_256_CCM (0xc0ad )
Forward Secrecy
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CCM_8 (0xc0a3 )
Forward Secrecy
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CCM (0xc09f )
Forward Secrecy
|
256 | |
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0xa2 )
Forward Secrecy2
|
128 | |
TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 (0xc0ae )
Forward Secrecy
|
128 | |
TLS_ECDHE_ECDSA_WITH_AES_128_CCM (0xc0ac )
Forward Secrecy
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CCM_8 (0xc0a2 )
Forward Secrecy
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CCM (0xc09e )
Forward Secrecy
|
128 | |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024 )
Forward Secrecy
|
256 | |
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x6a )
Forward Secrecy2
|
256 | |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023 )
Forward Secrecy
|
128 | |
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x40 )
Forward Secrecy2
|
128 | |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a )
Forward Secrecy
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014 )
Forward Secrecy
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39 )
Forward Secrecy
|
256 | |
TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x38 )
Forward Secrecy2
|
256 | |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009 )
Forward Secrecy
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013 )
Forward Secrecy
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33 )
Forward Secrecy
|
128 | |
TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x32 )
Forward Secrecy2
|
128 | |
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d ) WEAK |
256 | |
TLS_RSA_WITH_AES_256_CCM_8 (0xc0a1 ) WEAK |
256 | |
TLS_RSA_WITH_AES_256_CCM (0xc09d ) WEAK |
256 | |
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c ) WEAK |
128 | |
TLS_RSA_WITH_AES_128_CCM_8 (0xc0a0 ) WEAK |
128 | |
TLS_RSA_WITH_AES_128_CCM (0xc09c ) WEAK |
128 | |
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d ) WEAK |
256 | |
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c ) WEAK |
128 | |
TLS_RSA_WITH_AES_256_CBC_SHA (0x35 ) WEAK |
256 | |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f ) WEAK |
128 | |
TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0xff ) |
- | |
(1) When a browser supports SSL 2, its SSL 2-only suites are shown only on the very first connection to this site. To see the suites, close all browser windows, then open this exact page directly. Don't refresh. | ||
(2) Cannot be used for Forward Secrecy because they require DSA keys, which are effectively limited to 1024 bits. |
Protocol Details | |
Server Name Indication (SNI) | Yes |
Secure Renegotiation | Yes |
TLS compression | No |
Session tickets | Yes |
OCSP stapling | No |
Signature algorithms | SHA512/RSA, SHA512/DSA, SHA512/ECDSA, SHA384/RSA, SHA384/DSA, SHA384/ECDSA, SHA256/RSA, SHA256/DSA, SHA256/ECDSA, SHA224/RSA, SHA224/DSA, SHA224/ECDSA, SHA1/RSA, SHA1/DSA, SHA1/ECDSA |
Named Groups | x25519, secp256r1, secp521r1, secp384r1 |
Next Protocol Negotiation | No |
Application Layer Protocol Negotiation | No |
SSL 2 handshake compatibility | No |
Mixed Content Tests | ||
Images | Passive | Testing... |
CSS | Active | Testing... |
Scripts | Active | Testing... |
XMLHttpRequest | Active | Testing... |
WebSockets | Active | Testing... |
Frames | Active | Testing... |
(1) These tests might cause a mixed content warning in your browser. That's expected. (2) If you see a failed test, try to reload the page. If the error persists, please get in touch. |
Related Functionality | ||
Upgrade Insecure Requests request header (more info) | Yes |