www.htmlyse.com - Home

Test DNS, SSL/TLS, HTTP and HTML

Test results for ssllabs.com

Scanned on: Wed Jul 25 17:17:01 2018 GMT. Tested in 280 seconds

DNS Report

DNSSEC                 not offered
Zone transfer (AXFR)   not allowed (OK)
CAA Record             not offered
SPF Record             not offered
DMARC Record           not offered
MTA-STS                not offered
TLSRPT Record          not offered

Raw DNS Records

Name TTL Type Data
ssllabs.com 10800 SOA a.dns.gandi.net hostmaster @ gandi.net 1424823882 10800 3600 604800 10800
ssllabs.com 10800 NS a.dns.gandi.net
ssllabs.com 10800 NS b.dns.gandi.net
ssllabs.com 10800 NS c.dns.gandi.net
ssllabs.com 296 A 64.41.200.100
ssllabs.com 3600 MX 1 SSLLABS.COM.S10A1.PSMTP.COM
ssllabs.com 3600 MX 2 SSLLABS.COM.S10A2.PSMTP.COM
ssllabs.com 3600 MX 3 SSLLABS.COM.S10B1.PSMTP.COM
ssllabs.com 3600 MX 4 SSLLABS.COM.S10B2.PSMTP.COM
mta-sts.ssllabs.com 300 A 64.41.200.100
www.ssllabs.com 300 A 64.41.200.100
www.ssllabs.com 300 CNAME ssllabs.com

SSL/TLS Report

 A record via            supplied IP "64.41.200.100"
 rDNS (64.41.200.100):   www.ssllabs.com.
 Service detected:       HTTP


 SSL/TLS protocols 
 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      offered
 TLS 1.1    offered
 TLS 1.2    offered (OK)
 TLS 1.3    not offered -- downgraded
 NPN/SPDY   not offered
 ALPN/HTTP2 not offered

 SSL/TLS server implementation bugs 

 No bugs found.

 Cipher categories 

 NULL ciphers (no encryption)                  not offered (OK) -- NULL:eNULL
 Anonymous NULL Ciphers (no authentication)    not offered (OK) -- aNULL:ADH
 Export ciphers (w/o ADH+NULL)                 not offered (OK) -- EXPORT:!ADH:!NULL
 LOW: 64 Bit + DES encryption (w/o export)     not offered (OK) -- LOW:DES:!ADH:!EXP:!NULL
 Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    not offered (OK) -- MEDIUM:!aNULL:!AES:!CAMELLIA:!ARIA:!CHACHA20:!3DES
 Triple DES Ciphers (Medium)                   not offered (OK) -- 3DES:!aNULL:!ADH
 High encryption (AES+Camellia, no AEAD)       offered (OK) -- HIGH:!NULL:!aNULL:!DES:!3DES:!AESGCM:!CHACHA20:!AESGCM:!CamelliaGCM:!AESCCM8:!AESCCM
 Strong encryption (AEAD ciphers)              offered (OK) -- AESGCM:CHACHA20:AESGCM:CamelliaGCM:AESCCM8:AESCCM


 Robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 

 PFS is offered (OK)          ECDHE-RSA-AES256-GCM-SHA384 
                              ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA 
                              DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 
                              DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 
                              ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA 
                              DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 
                              DHE-RSA-AES128-SHA 
 Elliptic curves offered:     prime256v1 


 Server preferences 

 Has server cipher order?     yes (OK)
 Negotiated protocol          TLSv1.2
 Negotiated cipher            ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Cipher order
    TLSv1:     ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA 
               DHE-RSA-AES256-SHA 
    TLSv1.1:   ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA 
               DHE-RSA-AES256-SHA 
    TLSv1.2:   ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 
               ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA 
               ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 
               DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 
               DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256 
               DHE-RSA-AES256-SHA256 


 Server defaults (Server Hello) 

 TLS extensions (standard)    "renegotiation info/#65281"
                              "EC point formats/#11"
 Session Ticket RFC 5077 hint (no lifetime advertised)
 SSL Session ID support       yes
 Session Resumption           Tickets: yes, ID: yes
 TLS clock skew               Random values, no fingerprinting possible 
 Signature Algorithm          SHA256 with RSA
 Server key size              RSA 2048 bits
 Server key usage             Digital Signature, Key Encipherment
 Server extended key usage    TLS Web Server Authentication, TLS Web Client Authentication
 Serial / Fingerprints        09D8EBA6CC1729E8A3B86E98F960B30B / SHA1 835FA74E3CECAD06E82CB3469B7AF8287EDC59B2
                              SHA256 3385BAEC319FC7C0DCF242480F01B617C024675AED7734A1ABB6DC3EC45AF022
 Common Name (CN)             ssllabs.com
 subjectAltName (SAN)         ssllabs.com *.ssllabs.com 
 Issuer                       DigiCert Global CA G2 (DigiCert Inc from US)
 Trust (hostname)             Ok via SAN and CN (same w/o SNI)
 Chain of trust               Ok   
 EV cert (experimental)       no 
 Certificate Validity (UTC)   281 >= 60 days (2018-05-02 02:00 --> 2019-05-03 14:00)
 # of certificates provided   2
 Certificate Revocation List  http://crl3.digicert.com/DigiCertGlobalCAG2.crl
                              http://crl4.digicert.com/DigiCertGlobalCAG2.crl
 OCSP URI                     http://ocsp.digicert.com
 OCSP stapling                not offered
 OCSP must staple extension   --
 DNS CAA RR (experimental)    not offered
 Certificate Transparency     yes (certificate extension)


 HTTP header response @ "/" 

 HTTP Status Code             302 Found, redirecting to "https://www.ssllabs.com/"
 HTTP clock skew              +1 sec from localtime
 Strict Transport Security    365 days=31536000 s, just this domain
 Public Key Pinning           --
 Server banner                Apache
 Application banner           --
 Cookie(s)                    1 issued: 1/1 secure, 1/1 HttpOnly -- maybe better try target URL of 30x
 Security headers             X-Frame-Options DENY
                              X-XSS-Protection 1; mode=block
                              X-Content-Type-Options nosniff
                              Content-Security-Policy default-src 'self' ssllabs.com *.ssllabs.com
                              *.marketo.net 797-eni-742.mktoresp.com
                              cdnjs.cloudflare.com;
 Reverse Proxy banner         --


 SSL/TLS vulnerabilities 

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK), no session ticket extension
 ROBOT                                     Server does not support any cipher suites that use RSA key transport
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507)              Downgrade attack prevention supported (OK)
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                           https://censys.io/ipv4?q=3385BAEC319FC7C0DCF242480F01B617C024675AED7734A1ABB6DC3EC45AF022
                                           could help you to find out
 LOGJAM (CVE-2015-4000), experimental      Common prime with 2048 bits detected: 
                                           RFC3526/Oakley Group 14,
                                           but no DH EXPORT ciphers
 BEAST (CVE-2011-3389)                     TLS1: ECDHE-RSA-AES128-SHA
                                                 ECDHE-RSA-AES256-SHA
                                                 DHE-RSA-AES128-SHA
                                                 DHE-RSA-AES256-SHA 
                                           VULNERABLE -- but also supports higher protocols  TLSv1.1 TLSv1.2 (likely mitigated)
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)


 Tested 364 ciphers, ordered by encryption strength 

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384              
 xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384              
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 x9f     DHE-RSA-AES256-GCM-SHA384         DH 2048    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384                
 x6b     DHE-RSA-AES256-SHA256             DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256                
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA                   
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256              
 xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256              
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 x9e     DHE-RSA-AES128-GCM-SHA256         DH 2048    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256                
 x67     DHE-RSA-AES128-SHA256             DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256                
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA                   


 Ciphers per protocol, ordered by encryption strength 

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
TLS 1.3  
TLS 1.2  
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384              
 xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384              
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 x9f     DHE-RSA-AES256-GCM-SHA384         DH 2048    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384                
 x6b     DHE-RSA-AES256-SHA256             DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256                
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA                   
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256              
 xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256              
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 x9e     DHE-RSA-AES128-GCM-SHA256         DH 2048    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256                
 x67     DHE-RSA-AES128-SHA256             DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256                
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA                   
TLS 1.1  
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA                   
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA                   
TLS 1  
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA                   
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA                   
SSLv3  
SSLv2  

 Client simulations 

 Android 4.2.2                TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Android 4.4.2                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 5.0.0                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 6.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 7.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 57 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 65 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 53 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 59 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 IE 6 XP                      No connection
 IE 7 Vista                   TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 8 Win 7                   TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 8 XP                      No connection
 IE 11 Win 7                  TLSv1.2 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 11 Win 8.1                TLSv1.2 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 11 Win Phone 8.1          TLSv1.2 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 11 Win 10                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 13 Win 10               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 15 Win 10               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Opera 17 Win 7               TLSv1.2 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 9 iOS 9               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Tor 17.0.9 Win 7             TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Java 6u45                    No connection
 Java 7u25                    TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Java 8u161                   TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Java 9.0.4                   TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)


Security HTTP Headers

HTTP Strict Transport Security (HSTS)   offered (OK)
Content Security Policy (CSP)           offered (OK)
X-Frame-Options                         offered (OK)
X-XSS-Protection                        offered (OK)
X-Content-Type-Options                  offered (OK)
Expect-CT                               not offered
Referrer Policy                         not offered
Feature Policy                          not offered
Web Server Version Disclosure           not offered (OK)
Web Application Disclosure              not offered (OK)
HTTP Public Key Pins (HPKP)             not offered, deprecated

Connection Performance
Keep Alive Connection                   offered (OK)
Content Encoding (Compression)          offered (Gzip) OK, for static pages or if no secrets in the page

Raw HTTP Headers

HTTP/1.1 200 OK
Connection Keep-Alive
Content-Encoding gzip
Content-Length 2013
Content-Security-Policy default-src 'self' ssllabs.com *.ssllabs.com *.marketo.net 797-eni-742.mktoresp.com cdnjs.cloudflare.com;
Content-Type text/html;charset=UTF-8
Date Wed, 25 Jul 2018 17:12:28 GMT
Keep-Alive timeout=15, max=250
Server Apache
Set-Cookie JSESSIONID=B8A5F2A0EC8F76C9DCCD66A36AE67B63; Path=/; Secure; HttpOnly
Strict-Transport-Security max-age=31536000
Vary Accept-Encoding
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Cleaned HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Qualys SSL Labs</title>
<link href="/includes/ssllabs.css" rel="styleSheet" type="text/css" />
<link href="/includes/main.css" rel="styleSheet" type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="description" content="Bringing you the best SSL/TLS and PKI testing tools and documentation." />
<style type="text/css">
/*<![CDATA[*/
a.c1 {font-style: italic; font-weight: bold}
/*]]>*/
</style>
</head>
<body>
<div id="page">
<div id="header">
<div id="logo"><a href="/index.html" rel="noreferrer"><img src="https://ssllabs.com/images/qualys-ssl-labs-logo.png" width="341" height="55" alt="SSL Labs logo" title="SSL Labs logo" /></a></div>
<div id="navigation"><a class="link" href="/index.html" rel="noreferrer">Home</a> <a class="link" href="/projects/index.html" rel="noreferrer">Projects</a> <a class="link" href="https://www.qualys.com" rel="noreferrer">Qualys.com</a> <a class="link" href="/about/contact.html" rel="noreferrer">Contact</a></div>
<br clear="all" /></div>
<div class="mainPhoto">
<h2>HOW WELL DO YOU KNOW SSL?</h2>
<h3>If you want to learn more about the technology that protects the Internet, you’ve come to the right place.</h3>
<div class="featured"><a class="featuredLink" href="/ssltest/"><img src="images/test-server.png" width="41" height="41" alt="Test your server" /> Test your server » <span class="d">Test your site’s certificate and configuration</span></a> <a class="featuredLink" href="/ssltest/viewMyClient.html"><img src="images/test-browser.png" width="41" height="41" alt="Test your browser" /> Test your browser » <span class="d">Test your browser’s SSL implementation</span></a> <a class="featuredLink" href="/ssl-pulse/"><img src="images/ssl-pulse.png" width="41" height="41" alt="SSL Pulse" /> SSL Pulse » <span class="d">See how other web sites are doing</span></a> <a class="featuredLink" href="/projects/documentation/"><img src="images/best-practices.png" width="41" height="41" alt="Documentation" /> Documentation » <span class="d">Learn how to deploy SSL/TLS correctly</span></a></div>
</div>
<div id="threeColumns">
<table cellpadding="10" cellspacing="0" border="0" xheight="100%">
<tr valign="top">
<td width="340">
<h2>Books</h2>
<p><a href="https://www.feistyduck.com/books/bulletproof-ssl-and-tls/"><img src="/images/bulletproof-cover.png" width="100" height="123" align="left" class="bookImage" /></a> <a class="c1" href="https://www.feistyduck.com/books/bulletproof-ssl-and-tls/">Bulletproof SSL and TLS</a> is a complete guide to deploying secure servers and web applications. This book, which provides comprehensive coverage of the ever-changing field of SSL/TLS and Web PKI, is intended for IT security professionals, system administrators, and developers, with the main focus on getting things done. &nbsp; <span class="spanFont"><a href="https://www.feistyduck.com/books/bulletproof-ssl-and-tls/">MORE&nbsp;»</a></span></p>
</td>
<td width="340">
<h2>News <a href="https://community.qualys.com/blogs/securitylabs/feeds/tags/ssl"><img src="images/rss-icon-16.png" width="16" height="16" border="0" /></a></h2>
<iframe id="news-iframe" src="news-iframe.html" scrolling="no" frameborder="0" height="220" name="news-iframe"></iframe></td>
<td width="300">
<h2>About SSL Labs</h2>
<p>SSL Labs is a collection of documents, tools and thoughts related to SSL. It's an attempt to better understand how SSL is deployed, and an attempt to make it better. I hope that, in time, SSL Labs will grow into a forum where SSL will be discussed and improved.</p>
<p>SSL Labs is a non-commercial research effort, and we welcome participation from any individual and organization interested in SSL.</p>
<p>-- <i>Ivan Ristić, Qualys</i></p>
</td>
</tr>
</table>
</div>
</div>
<div id="pageEnd">
<div id="copyright">
<table width="1050" border="0" cellpadding="5" cellspacing="0">
<tr>
<td class="footer">Copyright © 2009-2018 <a href="https://www.qualys.com">Qualys, Inc</a>. All Rights Reserved.</td>
<td align="right" class="footer"><a href="https://www.ssllabs.com/about/terms.html" rel="noreferrer">Terms and Conditions</a></td>
</tr>
<tr>
<td class="footer">Qualys is the leading provider of integrated <a href="https://www.qualys.com/solutions/infrastructure/">infrastructure security</a>, <a href="https://www.qualys.com/solutions/cloud/">cloud infrastructure security</a>, <a href="https://www.qualys.com/solutions/endpoint/">endpoint security</a>, <a href="https://www.qualys.com/solutions/devsecops/">devsecops</a>, <a href="https://www.qualys.com/solutions/compliance/">compliance</a> and <a href="https://www.qualys.com/solutions/web-app/">web app security</a> solutions.</td>
</tr>
</table>
</div>
</div>
</body>
</html>

Warnings Errors and Accessibility

line 74 column 5 - Info: value for attribute "cellpadding" missing quote marks
line 74 column 5 - Info: value for attribute "cellspacing" missing quote marks
line 74 column 5 - Info: value for attribute "border" missing quote marks
line 74 column 5 - Info: value for attribute "xheight" missing quote marks
line 76 column 5 - Info: value for attribute "width" missing quote marks
line 91 column 5 - Info: value for attribute "width" missing quote marks
line 125 column 9 - Info: value for attribute "width" missing quote marks
line 125 column 9 - Info: value for attribute "border" missing quote marks
line 125 column 9 - Info: value for attribute "cellpadding" missing quote marks
line 125 column 9 - Info: value for attribute "cellspacing" missing quote marks
line 128 column 10 - Info: value for attribute "align" missing quote marks

Accessibility Checks:

line 3 column 1 - Access: [4.3.1.1]: language not identified.
line 6 column 9 - Access: [6.1.1.1]: style sheets require testing (link).
line 7 column 9 - Access: [6.1.1.1]: style sheets require testing (link).
line 22 column 64 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 22 column 64 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 27 column 13 - Access: [13.1.1.1]: link text not meaningful.
line 45 column 25 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 47 column 25 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 51 column 25 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 53 column 25 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 57 column 25 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 59 column 25 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 63 column 25 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 65 column 13 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 74 column 5 - Access: [5.5.2.1]: <table> missing <caption>.
line 74 column 5 - Access: [5.5.1.1]: <table> missing summary.
line 74 column 5 - Access: [5.3.1.1]: verify layout tables linearize properly.
line 74 column 5 - Access: [5.1.2.1]: data <table> missing row/column headers (all).
line 80 column 85 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 80 column 85 - Access: [1.1.1.1]: <img> missing 'alt' text.
line 80 column 85 - Access: [1.1.2.1]: <img> missing 'longdesc' and d-link.
line 92 column 99 - Access: [2.1.1.1]: ensure information not conveyed through color alone (image).
line 92 column 99 - Access: [1.1.1.1]: <img> missing 'alt' text.
line 125 column 9 - Access: [5.5.2.1]: <table> missing <caption>.
line 125 column 9 - Access: [5.5.1.1]: <table> missing summary.
line 74 column 5 - Warning: <table> proprietary attribute "xheight"
Info: Doctype given is "-//W3C//DTD HTML 4.01 Transitional//EN"
Info: Document content looks like HTML 4.01 Transitional
Info: No system identifier in emitted doctype
<HTMLYSE> found 1 warning and 0 errors!