www.htmlyse.com - Home

Test DNS, SSL/TLS, HTTP and HTML

Test results for openssl.com

Scanned on: Thu Oct 25 11:43:36 2018 GMT. Tested in 129 seconds

DNS Report

DNSSEC                 not offered
Zone transfer (AXFR)   allowed (not OK)
CAA Record             not offered
SPF Record             not offered
DMARC Record           not offered
MTA-STS                not offered
TLSRPT Record          not offered

Raw DNS Records

Name TTL Type Data
openssl.com 3600 SOA auth.openssl.com hostmaster @ openssl.com 2018100201 3600 900 3600000 3600
openssl.com 3600 NS ns.openssl.com, IPv4: 185.9.166.108, IPv6: 2a03:4bc0:2900:a501:0:0:2:1
openssl.com 3600 NS primary.lp.se, IPv4: 185.231.103.67, IPv6: 2a0c:5700:3133:652:0:0:0:43
openssl.com 3600 A 194.97.150.234
openssl.com 3600 AAAA 2001:608:c00:180:0:0:1:ea
openssl.com 3600 MX 10 mta.openssl.com

SSL/TLS Report

 Further IP addresses:   2001:608:c00:180::1:ea 
 A record via            supplied IP "194.97.150.234"
 rDNS (194.97.150.234):  dev.openssl.org. www-origin.openssl.org. openssl.org.
 Service detected:       HTTP


 SSL/TLS protocols 
 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      offered
 TLS 1.1    offered
 TLS 1.2    offered (OK)
 TLS 1.3    not offered -- downgraded
 NPN/SPDY   not offered
 ALPN/HTTP2 http/1.1 (offered)

 SSL/TLS server implementation bugs 

 No bugs found.

 Cipher categories 

 NULL ciphers (no encryption)                  not offered (OK) -- NULL:eNULL
 Anonymous NULL Ciphers (no authentication)    not offered (OK) -- aNULL:ADH
 Export ciphers (w/o ADH+NULL)                 not offered (OK) -- EXPORT:!ADH:!NULL
 LOW: 64 Bit + DES encryption (w/o export)     not offered (OK) -- LOW:DES:!ADH:!EXP:!NULL
 Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    offered (NOT ok) -- MEDIUM:!aNULL:!AES:!CAMELLIA:!ARIA:!CHACHA20:!3DES
 Triple DES Ciphers (Medium)                   not offered (OK) -- 3DES:!aNULL:!ADH
 High encryption (AES+Camellia, no AEAD)       offered (OK) -- HIGH:!NULL:!aNULL:!DES:!3DES:!AESGCM:!CHACHA20:!AESGCM:!CamelliaGCM:!AESCCM8:!AESCCM
 Strong encryption (AEAD ciphers)              offered (OK) -- AESGCM:CHACHA20:AESGCM:CamelliaGCM:AESCCM8:AESCCM


 Robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 

 PFS is offered (OK)          ECDHE-RSA-AES256-GCM-SHA384 
                              ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA 
                              DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 
                              DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA 
                              ECDHE-RSA-AES128-GCM-SHA256 
                              ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA 
                              DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 
                              DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA 
                              DHE-RSA-CAMELLIA128-SHA 
 Elliptic curves offered:     sect283k1 sect283r1 sect409k1 sect409r1 sect571k1 
                              sect571r1 secp256k1 prime256v1 secp384r1 
                              secp521r1 brainpoolP256r1 brainpoolP384r1 
                              brainpoolP512r1 


 Server preferences 

 Has server cipher order?     yes (OK)
 Negotiated protocol          TLSv1.2
 Negotiated cipher            ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Cipher order
    TLSv1:     ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES256-SHA 
               DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA 
               DHE-RSA-CAMELLIA128-SHA 
    TLSv1.1:   ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA DHE-RSA-AES256-SHA 
               DHE-RSA-CAMELLIA256-SHA DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA 
               DHE-RSA-CAMELLIA128-SHA 
    TLSv1.2:   ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 
               ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES128-SHA256 
               ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA 
               DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 
               DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA 
               DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 
               DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA DHE-RSA-CAMELLIA128-SHA 


 Server defaults (Server Hello) 

 TLS extensions (standard)    "server name/#0" "renegotiation info/#65281"
                              "EC point formats/#11" "session ticket/#35"
                              "heartbeat/#15"
                              "application layer protocol negotiation/#16"
 Session Ticket RFC 5077 hint 300 seconds, session tickets keys seems to be rotated < daily
 SSL Session ID support       yes
 Session Resumption           Tickets: yes, ID: yes
 TLS clock skew               Random values, no fingerprinting possible 
 Signature Algorithm          SHA256 with RSA
 Server key size              RSA 2048 bits
 Server key usage             Digital Signature, Key Encipherment
 Server extended key usage    TLS Web Server Authentication, TLS Web Client Authentication
 Serial / Fingerprints        037C71E36882054AF73CBA7199D43411B903 / SHA1 6DFB3756F2D55A0ABCA69323F5667DF34BC87F7C
                              SHA256 891EF484125F87E6628EEF7CA08F2F9DA5BB081DF165001AE187B07F92ADFEFF
 Common Name (CN)             openssl.org
 subjectAltName (SAN)         api.openssl.org beta.openssl.org ftp.openssl.org
                              git.openssl.org license.openssl.org openssl.com
                              openssl.org opensslfoundation.com
                              opensslservices.com status.openssl.org
                              wiki.openssl.org www-origin.openssl.org
                              www.openssl.com www.openssl.org
                              www.opensslfoundation.com www.opensslservices.com
 Issuer                       Let's Encrypt Authority X3 (Let's Encrypt from US)
 Trust (hostname)             Ok via SAN (same w/o SNI)
 Chain of trust               Ok   
 EV cert (experimental)       no 
 Certificate Validity (UTC)   54 >= 30 days (2018-09-19 20:39 --> 2018-12-18 19:39)
 # of certificates provided   2
 Certificate Revocation List  --
 OCSP URI                     http://ocsp.int-x3.letsencrypt.org
 OCSP stapling                not offered
 OCSP must staple extension   --
 DNS CAA RR (experimental)    not offered
 Certificate Transparency     yes (certificate extension)


 HTTP header response @ "/" 

 HTTP Status Code             301 Moved Permanently, redirecting to "https://www.openssl.org/community/contacts.html"
 HTTP clock skew              +1 sec from localtime
 Strict Transport Security    365 days=31536000 s, includeSubDomains, preload
 Public Key Pinning           --
 Server banner                Apache/2.4.18 (Ubuntu)
 Application banner           --
 Cookie(s)                    (none issued at "/") -- maybe better try target URL of 30x
 Security headers             --
 Reverse Proxy banner         --


 SSL/TLS vulnerabilities 

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), timed out
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK)
 ROBOT                                     Server does not support any cipher suites that use RSA key transport
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507)              Downgrade attack prevention supported (OK)
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                           https://censys.io/ipv4?q=891EF484125F87E6628EEF7CA08F2F9DA5BB081DF165001AE187B07F92ADFEFF
                                           could help you to find out
 LOGJAM (CVE-2015-4000), experimental      Common prime with 2048 bits detected: 
                                           RFC3526/Oakley Group 14,
                                           but no DH EXPORT ciphers
 BEAST (CVE-2011-3389)                     TLS1: ECDHE-RSA-AES256-SHA
                                                 ECDHE-RSA-AES128-SHA
                                                 DHE-RSA-AES256-SHA
                                                 DHE-RSA-CAMELLIA256-SHA
                                                 DHE-RSA-AES128-SHA
                                                 DHE-RSA-SEED-SHA
                                                 DHE-RSA-CAMELLIA128-SHA 
                                           VULNERABLE -- but also supports higher protocols  TLSv1.1 TLSv1.2 (likely mitigated)
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)


 Tested 364 ciphers, ordered by encryption strength 

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384              
 xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384              
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 x9f     DHE-RSA-AES256-GCM-SHA384         DH 2048    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384                
 x6b     DHE-RSA-AES256-SHA256             DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256                
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA                   
 x88     DHE-RSA-CAMELLIA256-SHA           DH 2048    Camellia    256      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA              
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256              
 xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256              
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 x9e     DHE-RSA-AES128-GCM-SHA256         DH 2048    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256                
 x67     DHE-RSA-AES128-SHA256             DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256                
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA                   
 x9a     DHE-RSA-SEED-SHA                  DH 2048    SEED        128      TLS_DHE_RSA_WITH_SEED_CBC_SHA                      
 x45     DHE-RSA-CAMELLIA128-SHA           DH 2048    Camellia    128      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA              


 Ciphers per protocol, ordered by encryption strength 

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
TLS 1.3  
TLS 1.2  
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384              
 xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384              
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 x9f     DHE-RSA-AES256-GCM-SHA384         DH 2048    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384                
 x6b     DHE-RSA-AES256-SHA256             DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256                
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA                   
 x88     DHE-RSA-CAMELLIA256-SHA           DH 2048    Camellia    256      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA              
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256              
 xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256              
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 x9e     DHE-RSA-AES128-GCM-SHA256         DH 2048    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256                
 x67     DHE-RSA-AES128-SHA256             DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256                
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA                   
 x9a     DHE-RSA-SEED-SHA                  DH 2048    SEED        128      TLS_DHE_RSA_WITH_SEED_CBC_SHA                      
 x45     DHE-RSA-CAMELLIA128-SHA           DH 2048    Camellia    128      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA              
TLS 1.1  
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA                   
 x88     DHE-RSA-CAMELLIA256-SHA           DH 2048    Camellia    256      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA              
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA                   
 x9a     DHE-RSA-SEED-SHA                  DH 2048    SEED        128      TLS_DHE_RSA_WITH_SEED_CBC_SHA                      
 x45     DHE-RSA-CAMELLIA128-SHA           DH 2048    Camellia    128      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA              
TLS 1  
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA                   
 x88     DHE-RSA-CAMELLIA256-SHA           DH 2048    Camellia    256      TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA              
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA                   
 x9a     DHE-RSA-SEED-SHA                  DH 2048    SEED        128      TLS_DHE_RSA_WITH_SEED_CBC_SHA                      
 x45     DHE-RSA-CAMELLIA128-SHA           DH 2048    Camellia    128      TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA              
SSLv3  
SSLv2  

 Client simulations 

 Android 2.3.7                TLSv1.0 DHE-RSA-AES128-SHA, 2048 bit DH
 Android 4.0.4                TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Android 4.1.1                TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Android 4.2.2                TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Android 4.3                  TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Android 4.4.2                TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Android 5.0.0                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 6.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 7.0                  TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Chrome 27 Win 7              TLSv1.1 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Chrome 28 Win 7              TLSv1.1 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Chrome 29 Win 7              TLSv1.1 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Chrome 30 Win 7              TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 Chrome 31 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 32 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 33 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 34 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 35 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 36 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 37 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 39 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 40 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 42 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 43 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 45 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 47 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 48 OS X               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 49 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 49 XP SP3             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 50 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 51 Win 7              TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Chrome 57 Win 7              TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Chrome 65 Win 7              TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Chrome 69 Win 7              TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Chrome 70 Win 10             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Firefox 10.0.12 ESR Win 7    TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Firefox 17.0.7 ESR Win 7     TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Firefox 21 Fedora 19         TLSv1.0 DHE-RSA-AES256-SHA, 2048 bit DH
 Firefox 21 Win 7             TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Firefox 22 Win 7             TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Firefox 24.2.0 ESR Win 7     TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Firefox 24 Win 7             TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Firefox 26 Win 8             TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Firefox 27 Win 8             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 29 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 30 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 31.3.0 ESR Win 7     TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 31 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 32 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 34 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 35 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 37 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 39 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 41 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 42 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 44 OS X              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 45 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 46 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 47 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 49 Win 7             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Firefox 49 XP SP3            TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Firefox 53 Win 7             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Firefox 59 Win 7             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Firefox 62 Win 7             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 IE 6 XP                      No connection
 IE 7 Vista                   TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 IE 8-10 Win 7                TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 IE 8 Win 7                   TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 IE 8 XP                      No connection
 IE 9 Win 7                   TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 IE 10 Win Phone 8.0          TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 IE 11 Win 7                  TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 IE 11 Win 8.1                TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 IE 11 Win Phone 8.1          TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 IE 11 Win Phone 8.1 Update   TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 IE 11 Win 10                 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 IE 11 Win 10 Preview         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Edge 12 Win 10               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Edge 13 Win 10               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Edge 15 Win 10               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Opera 12.15 Win 7            TLSv1.0 DHE-RSA-AES256-SHA, 2048 bit DH
 Opera 15 Win 7               TLSv1.1 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Opera 16 Win 7               TLSv1.1 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Opera 17 Win 7               TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 Safari 5.1.9 OS X 10.6.8     TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Safari 5 iOS 5.1.1           TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 Safari 6.0.4 OS X 10.8.4     TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Safari 6 iOS 6.0.1           TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 Safari 7 iOS 7.1             TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 Safari 7 OS X 10.9           TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 Safari 8 iOS 8.0 Beta        TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 Safari 8 iOS 8.4             TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 Safari 8 OS X 10.10          TLSv1.2 ECDHE-RSA-AES256-SHA384, 256 bit ECDH (P-256)
 Safari 9 iOS 9               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Safari 10 iOS 10             TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Tor 17.0.9 Win 7             TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Baidu Jan 2015               TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 BingBot Dec 2013             TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 BingPreview Dec 2013         TLSv1.0 DHE-RSA-AES256-SHA, 2048 bit DH
 BingPreview Jun 2014         TLSv1.0 DHE-RSA-AES256-SHA, 2048 bit DH
 BingPreview Jan 2015         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Googlebot Oct 2013           TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Googlebot Jun 2014           TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Googlebot Feb 2015           TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Googlebot Feb 2018           TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Yahoo Slurp Oct 2013         TLSv1.0 ECDHE-RSA-AES256-SHA, 256 bit ECDH (P-256)
 Yahoo Slurp Jun 2014         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Yahoo Slurp Jan 2015         TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 YandexBot 3.0                No connection
 YandexBot May 2014           TLSv1.0 DHE-RSA-AES256-SHA, 2048 bit DH
 YandexBot Sep 2014           TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 YandexBot Jan 2015           TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Java 6u45                    No connection
 Java 7u25                    TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Java 8b132                   TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 8u111                   TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 8u161                   TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 Java 8u31                    TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 9.0.4                   TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 OpenSSL 0.9.8y               TLSv1.0 DHE-RSA-AES256-SHA, 2048 bit DH
 OpenSSL 1.0.1h               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)


Security HTTP Headers

HTTP Strict Transport Security (HSTS)   offered (OK)
Content Security Policy (CSP)           not offered (NOT ok)
X-Frame-Options                         not offered (NOT ok)
X-XSS-Protection                        not offered
X-Content-Type-Options                  not offered
Expect-CT                               not offered
Referrer Policy                         not offered
Feature Policy                          not offered
Web Server Version Disclosure           offered (NOT ok)
Web Application Disclosure              not offered (OK)
HTTP Public Key Pins (HPKP)             not offered, deprecated

Connection Performance
Keep Alive Connection                   offered (OK)
Content Encoding (Compression)          offered (Gzip) OK, for static pages or if no secrets in the page

Raw HTTP Headers

HTTP/1.1 200 OK
Accept-Ranges bytes
Cache-Control max-age=172764
Connection keep-alive
Content-Encoding gzip
Content-Length 2043
Content-Type text/html; charset=UTF-8
Date Thu, 25 Oct 2018 11:41:35 GMT
Expires Sat, 27 Oct 2018 11:40:59 GMT
Server Apache/2.4.18 (Ubuntu)
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
Vary Accept-Encoding

Cleaned HTML

<!DOCTYPE html>
<html lang="en">
<head>
<title>/community/contacts.html</title>
<meta charset="utf-8" />
<meta name="author" content="OpenSSL Foundation, Inc." />
<meta name="HandheldFriendly" content="True" />
<meta name="MobileOptimized" content="320" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<link rel="canonical" href="https://www.openssl.org/" />
<link href="/favicon.ico" rel="icon" />
<link href="/inc/screen.css" media="screen, projection" rel="stylesheet" type="text/css" />
<script src="/inc/modernizr-2.0.js"></script>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script>
<![CDATA[
!window.jQuery && document.write(unescape('%3Cscript src="./inc/libs/jquery.min.js"%3E%3C/script%3E'))
]]>
</script>
<script src="/inc/octopress.js" type="text/javascript"></script>
<link href="//fonts.googleapis.com/css?family=PT+Serif:regular,italic,bold,bolditalic" rel="stylesheet" type="text/css" />
<link href="//fonts.googleapis.com/css?family=PT+Sans:regular,italic,bold,bolditalic" rel="stylesheet" type="text/css" />
</head>
<body>
<header role="banner">
<hgroup>
<h1><a href="/"><span id="header-open-text">Open</span><span id="header-ssl-text">SSL</span></a></h1>
<h2>Cryptography and SSL/TLS Toolkit</h2>
</hgroup>
</header>
<nav role="navigation">
<form action="https://www.google.com/search" method="get">
<fieldset role="search"><input type="hidden" name="sitesearch" value="www.openssl.org" /> <input class="search" type="text" name="q" results="0" placeholder="Search" /></fieldset>
</form>
<ul class="main-navigation">
<li><a href="/" title="Home page">Home</a></li>
<li><a href="/blog/" title="Team blog">Blog</a></li>
<li><a href="/source/" title="Source code">Downloads</a></li>
<li><a href="/docs/" title="FAQ, FIPS, manpages, ...">Docs</a></li>
<li><a href="/news/" title="Latest information">News</a></li>
<li><a href="/policies/" title="How we operate">Policies</a></li>
<li><a href="/community/" title="Blog, bugs, email, ...">Community</a></li>
<li><a href="/support/" title="Commercial support and contracting">Support</a></li>
</ul>
</nav>
<div id="main">
<div id="content">
<div class="blog-index">
<article>
<header>
<h2>Contact Information</h2>
</header>
<div class="entry-content">
<p>The <em>OpenSSL Software Foundation</em> (OSF) represents the OpenSSL project in most legal capacities including contributor license agreements, managing donations, and so on. It is a Delaware (US) non-profit corporation with its own <a href="/policies/osf-bylaws.pdf">bylaws</a>.</p>
<p><em>OpenSSL Software Services</em> (OSS) also represents the OpenSSL project, for <a href="/support/contracts.html">Support Contracts</a>, and as the Vendor of Record for NIST Cryptographic Module <a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/1747">#1747</a> (This is an open-source validation of <a href="/docs/fips.html">FIPS-140</a> based on OpenSSL). It is a Delaware (US) corporation with its own <a href="/policies/oss-bylaws.pdf">bylaws</a>.</p>
<p>The best way to contact OSF or OSS is by sending an email to <a href="mailto:osf-contact@openssl.org">osf-contact@openssl.org</a>. For postal contact, use the following:</p>
<blockquote>40 E Main St, Suite 744<br />
Newark DE 19711<br />
USA<br /></blockquote>
<p></p>
</div>
<footer>You are here: <a href="/">Home</a> : <a href=".">Community</a> : <a href="">Contact Us</a><br />
<a href="/sitemap.txt">Sitemap</a></footer>
</article>
</div>
<aside class="sidebar">
<section>
<h1><a href=".">Community</a></h1>
<ul>
<li><a href="committers.html">List of Committers</a></li>
<li><a href="omc.html">OpenSSL Management Committee</a></li>
<li><a href="conduct.html">Code of Conduct</a></li>
<li><a href="contacts.html">Contact Information</a></li>
<li><a href="getting-started.html">Getting Started as a Contributor</a></li>
<li><a href="mailinglists.html">Mailing Lists</a></li>
<li><a href="https://wiki.openssl.org">Wiki</a></li>
<li><a href="/blog">Blog</a></li>
<li><a href="binaries.html">Binaries and Engines</a></li>
<li><a href="thanks.html">Thanks!</a></li>
</ul>
</section>
</aside>
</div>
</div>
<footer role="contentinfo">
<p>Please report problems with this website to webmaster at openssl.org.</p>
<p>Copyright © 1999-2018, OpenSSL Software Foundation.</p>
</footer>
</body>
</html>

Warnings Errors and Accessibility

line 102 column 11 - Warning: inserting implicit <p>

Accessibility Checks:

line 16 column 3 - Access: [6.1.1.1]: style sheets require testing (link).
line 18 column 3 - Access: [6.2.2.2]: text equivalents require updating (script).
line 18 column 3 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 18 column 3 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 18 column 3 - Access: [7.1.1.1]: remove flicker (script).
line 18 column 3 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 18 column 3 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 19 column 3 - Access: [6.2.2.2]: text equivalents require updating (script).
line 19 column 3 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 19 column 3 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 19 column 3 - Access: [7.1.1.1]: remove flicker (script).
line 19 column 3 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 19 column 3 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 20 column 3 - Access: [6.2.2.2]: text equivalents require updating (script).
line 20 column 3 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 20 column 3 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 20 column 3 - Access: [7.1.1.1]: remove flicker (script).
line 20 column 3 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 20 column 3 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 21 column 3 - Access: [6.2.2.2]: text equivalents require updating (script).
line 21 column 3 - Access: [6.3.1.1]: programmatic objects require testing (script).
line 21 column 3 - Access: [8.1.1.1]: ensure programmatic objects are accessible (script).
line 21 column 3 - Access: [7.1.1.1]: remove flicker (script).
line 21 column 3 - Access: [2.1.1.4]: ensure information not conveyed through color alone (script).
line 21 column 3 - Access: [1.1.10.1]: <script> missing <noscript> section.
line 23 column 3 - Access: [6.1.1.1]: style sheets require testing (link).
line 24 column 3 - Access: [6.1.1.1]: style sheets require testing (link).
line 50 column 7 - Access: [2.1.1.5]: ensure information not conveyed through color alone (input).
line 51 column 7 - Access: [2.1.1.5]: ensure information not conveyed through color alone (input).
line 51 column 7 - Access: [12.4.1.1]: associate labels explicitly with form controls.
line 56 column 9 - Access: [13.1.1.1]: link text not meaningful.
line 57 column 9 - Access: [13.1.1.1]: link text not meaningful.
line 59 column 9 - Access: [13.1.1.1]: link text not meaningful.
line 60 column 9 - Access: [13.1.1.1]: link text not meaningful.
line 86 column 13 - Access: [13.1.1.1]: link text not meaningful.
line 106 column 25 - Access: [13.1.1.1]: link text not meaningful.
line 137 column 11 - Access: [13.1.1.1]: link text not meaningful.
line 140 column 11 - Access: [13.1.1.1]: link text not meaningful.
line 108 column 13 - Warning: <a> attribute "href" lacks value
line 51 column 7 - Warning: <input> proprietary attribute "results"
Info: Document content looks like HTML5
<HTMLYSE> found 3 warnings and 0 errors!