SSL/TLS Capabilities of Your Browser
User Agent: CCBot/2.0 (https://commoncrawl.org/faq/)
Protocol Support
Please wait, checking protocol support...
CVE-2020-0601 (CurveBall) Vulnerability
Please wait, checking if your user agent is vulnerable...
For more information about the CVE-2020-0601 (CurveBall) Vulnerability, please go to
CVE-2020-0601.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
Logjam Vulnerability
Please wait, checking if your user agent is vulnerable...
For more information about the Logjam attack, please go to
weakdh.org.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
FREAK Vulnerability
Please wait, checking if your user agent is vulnerable...
For more information about the FREAK attack, please go to
www.freakattack.com.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
To test manually, click here. Your user agent is not vulnerable if it fails to connect to the site.
POODLE Vulnerability
Please wait, checking if your user agent is vulnerable...
For more information about the POODLE attack, please read this blog post.
SSL 2 Protocol Support
Your user agent supports SSL 2. You should upgrade.
SSL 2 is a very old, obsolete, and insecure version of the SSL protocol. You can usually disable this protocol
version in configuration, but modern clients don't support it at all. This really means that you should upgrade your software
to a better version.
iOS and OS X TLS Authentication Vulnerability
Please wait, checking if your user agent is vulnerable...
To test manually, click here. If your
user agent refuses to connect, you are not vulnerable. This test requires a connection to the SSL Labs
server on port 10443. A strict outbound firewall might interfere. You should test Safari running on
iOS or OS X. Chrome and Firefox are not vulnerable, even when running on a vulnerable operating system.
MORE »
Protocol Features
Protocols | |
TLS 1.3 | Yes |
TLS 1.2 | Yes* |
TLS 1.1 | Yes* |
TLS 1.0 | Yes* |
SSL 3 | Yes* |
SSL 2 | No |
Cipher Suites (in order of preference) | ||
TLS_AES_256_GCM_SHA384 (0x1302 )
Forward Secrecy
|
256 | |
TLS_AES_128_GCM_SHA256 (0x1301 )
Forward Secrecy
|
128 | |
TLS_CHACHA20_POLY1305_SHA256 (0x1303 )
Forward Secrecy
|
256 | |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c )
Forward Secrecy
|
256 | |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b )
Forward Secrecy
|
128 | |
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9 )
Forward Secrecy
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030 )
Forward Secrecy
|
256 | |
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8 )
Forward Secrecy
|
256 | |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f )
Forward Secrecy
|
128 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014 ) WEAK
|
256 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013 ) WEAK
|
128 | |
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d ) WEAK
|
256 | |
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c ) WEAK
|
128 | |
TLS_RSA_WITH_AES_256_CBC_SHA (0x35 ) WEAK
|
256 | |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f ) WEAK
|
128 | |
(1) When a browser supports SSL 2, its SSL 2-only suites are shown only on the very first connection to this site. To see the suites, close all browser windows, then open this exact page directly. Don't refresh. |
Protocol Details | |
Server Name Indication (SNI) | Yes |
Secure Renegotiation | Yes |
TLS compression | No |
Session tickets | No |
OCSP stapling | Yes |
Signature algorithms | SHA256/ECDSA, SHA384/ECDSA, SHA512/ECDSA, RSA_PSS_SHA256, RSA_PSS_SHA384, RSA_PSS_SHA512, Unknown (0x8)/Unknown (0x9), Unknown (0x8)/Unknown (0xa), Unknown (0x8)/Unknown (0xb), SHA256/RSA, SHA384/RSA, SHA512/RSA, SHA256/DSA, SHA224/ECDSA, SHA224/RSA, SHA224/DSA, SHA1/ECDSA, SHA1/RSA, SHA1/DSA |
Named Groups | x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192 |
Next Protocol Negotiation | No |
Application Layer Protocol Negotiation | Yes h2 http/1.1 |
SSL 2 handshake compatibility | No |
Mixed Content Handling
Mixed Content Tests | ||
Images | Passive | Testing... |
CSS | Active | Testing... |
Scripts | Active | Testing... |
XMLHttpRequest | Active | Testing... |
WebSockets | Active | Testing... |
Frames | Active | Testing... |
(1) These tests might cause a mixed content warning in your browser. That's expected. (2) If you see a failed test, try to reload the page. If the error persists, please get in touch. |
Related Functionality | ||
Upgrade Insecure Requests request header (more info) | No |