SSL Report:
lyo.kr
(175.212.190.221)
Assessed on: Fri, 13 Jun 2025 17:49:07 UTC
| Clear cache
Summary
0
20
40
60
80
100
Certificate
Protocol Support
Key Exchange
Cipher Strength
Visit our documentation page
for more information, configuration guides, and books. Known issues are documented
here.
This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B.
MORE INFO »
This server uses SSL 3, which is obsolete and insecure. Grade capped to B. MORE INFO »
This server accepts RC4 cipher, but only with older protocols. Grade capped to B.
MORE INFO »
This server does not support Forward Secrecy with the reference browsers.
Grade capped to B.
MORE INFO »
This server supports TLS 1.0 and TLS 1.1.
Grade capped to B. MORE INFO »
This server does not support TLS 1.3. MORE INFO »
This site works only in browsers with SNI support.
Certificate #1: RSA 2048 bits (SHA256withRSA)

Server Key and Certificate #1
|
|
Subject |
lyo.kr
Fingerprint SHA256: 44060063266d20a51e146faf38b6dbca6041c52d1a5bd64b10f023e3c10e575b Pin SHA256: uJJYwtnPZkkIckVq19g3Xb7bWFTO7fJtYe7fKJnH/2w= |
Common names | lyo.kr |
Alternative names | lyo.kr |
Serial Number | 062095e23483f1c3e14fd986a099b93176a3 |
Valid from | Mon, 19 May 2025 05:49:24 UTC |
Valid until | Sun, 17 Aug 2025 05:49:23 UTC (expires in 2 months and 3 days) |
Key | RSA 2048 bits (e 65537) |
Weak key (Debian) | No |
Issuer | R11
AIA: http://r11.i.lencr.org/ |
Signature algorithm | SHA256withRSA |
Extended Validation | No |
Certificate Transparency | Yes (certificate) |
OCSP Must Staple | No |
Revocation information |
CRL CRL: http://r11.c.lencr.org/36.crl |
Revocation status | Good (not revoked) |
DNS CAA | No (more info) |
Trusted | Yes
Mozilla Apple Android Java Windows |


![]() ![]() |
Certificate #2: RSA 2048 bits (SHA256withRSA)
No SNI





![]() ![]() |
Configuration

Protocols | |
TLS 1.3 | No |
TLS 1.2 | Yes* |
TLS 1.1 | Yes |
TLS 1.0 | Yes* |
SSL 3 2 INSECURE | Yes |
SSL 2 | No |
(2) This site requires support for virtual secure hosting (SNI), but SSL 2 and SSL 3 do not support this feature. | |
(*) Experimental: Server negotiated using No-SNI |

Cipher Suites | ||
![]() ![]() # TLS 1.2 (server has no preference)
|
||
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa )
WEAK
|
112 | |
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16 )
DH 1024 bits FS
WEAK
|
112 | |
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
112 | |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41 )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_SEED_CBC_SHA (0x96 )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x9a )
DH 1024 bits FS
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
128 | |
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e )
DH 1024 bits FS
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f )
ECDH secp256r1 (eq. 3072 bits RSA) FS
|
128 | |
TLS_RSA_WITH_RC4_128_SHA (0x5 )
INSECURE
|
128 | |
TLS_RSA_WITH_IDEA_CBC_SHA (0x7 )
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
INSECURE
|
128 | |
TLS_RSA_WITH_AES_256_CBC_SHA (0x35 )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39 )
DH 1024 bits FS
WEAK
|
256 | |
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84 )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88 )
DH 1024 bits FS
WEAK
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
256 | |
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b )
DH 1024 bits FS
WEAK
|
256 | |
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f )
DH 1024 bits FS
WEAK
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
|
256 | |
![]() ![]() # TLS 1.1 (server has no preference)
|
||
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa )
WEAK
|
112 | |
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16 )
DH 1024 bits FS
WEAK
|
112 | |
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
112 | |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41 )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_SEED_CBC_SHA (0x96 )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x9a )
DH 1024 bits FS
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
128 | |
TLS_RSA_WITH_RC4_128_SHA (0x5 )
INSECURE
|
128 | |
TLS_RSA_WITH_IDEA_CBC_SHA (0x7 )
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
INSECURE
|
128 | |
TLS_RSA_WITH_AES_256_CBC_SHA (0x35 )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39 )
DH 1024 bits FS
WEAK
|
256 | |
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84 )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88 )
DH 1024 bits FS
WEAK
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
256 | |
![]() ![]() # TLS 1.0 (server has no preference)
|
||
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa )
WEAK
|
112 | |
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16 )
DH 1024 bits FS
WEAK
|
112 | |
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
112 | |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41 )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_SEED_CBC_SHA (0x96 )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x9a )
DH 1024 bits FS
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
128 | |
TLS_RSA_WITH_RC4_128_SHA (0x5 )
INSECURE
|
128 | |
TLS_RSA_WITH_IDEA_CBC_SHA (0x7 )
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
INSECURE
|
128 | |
TLS_RSA_WITH_AES_256_CBC_SHA (0x35 )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39 )
DH 1024 bits FS
WEAK
|
256 | |
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84 )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88 )
DH 1024 bits FS
WEAK
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
256 | |
![]() ![]() # SSL 3 (server has no preference)
|
||
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa )
WEAK
|
112 | |
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16 )
DH 1024 bits FS
WEAK
|
112 | |
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
112 | |
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x41 )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45 )
DH 1024 bits FS
WEAK
|
128 | |
TLS_RSA_WITH_SEED_CBC_SHA (0x96 )
WEAK
|
128 | |
TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x9a )
DH 1024 bits FS
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
128 | |
TLS_RSA_WITH_RC4_128_SHA (0x5 )
INSECURE
|
128 | |
TLS_RSA_WITH_IDEA_CBC_SHA (0x7 )
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
INSECURE
|
128 | |
TLS_RSA_WITH_AES_256_CBC_SHA (0x35 )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39 )
DH 1024 bits FS
WEAK
|
256 | |
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84 )
WEAK
|
256 | |
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88 )
DH 1024 bits FS
WEAK
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014 )
ECDH secp256r1 (eq. 3072 bits RSA) FS
WEAK
|
256 |

Handshake Simulation | |||
Android 2.3.7 No SNI 2 |
Incorrect certificate because this client doesn't support SNI RSA 2048 (SHA256) | TLS 1.0 | TLS_RSA_WITH_RC4_128_SHA |
||
Android 4.0.4 | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH secp256r1 FS |
Android 4.1.1 | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH secp256r1 FS |
Android 4.2.2 | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH secp256r1 FS |
Android 4.3 | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH secp256r1 FS |
Android 4.4.2 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Android 5.0.0 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH secp256r1 FS |
Android 6.0 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Android 7.0 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Android 8.0 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Android 8.1 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Android 9.0 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Baidu Jan 2015 | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH secp256r1 FS |
BingPreview Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Chrome 49 / XP SP3 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Chrome 69 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Chrome 70 / Win 10 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Chrome 80 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Firefox 31.3.0 ESR / Win 7 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Firefox 47 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Firefox 49 / XP SP3 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Firefox 62 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Firefox 73 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
Googlebot Feb 2018 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
IE 6 / XP No FS 1 No SNI 2 |
Incorrect certificate because this client doesn't support SNI RSA 2048 (SHA256) | SSL 3 | TLS_RSA_WITH_RC4_128_SHA |
||
IE 7 / Vista | RSA 2048 (SHA256) | TLS 1.0 | TLS_RSA_WITH_AES_128_CBC_SHA No FS |
IE 8 / XP No FS 1 No SNI 2 |
Incorrect certificate because this client doesn't support SNI RSA 2048 (SHA256) | TLS 1.0 | TLS_RSA_WITH_RC4_128_SHA |
||
IE 8-10 / Win 7 R | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH secp256r1 FS |
IE 11 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
IE 11 / Win 8.1 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
IE 10 / Win Phone 8.0 | RSA 2048 (SHA256) | TLS 1.0 | TLS_RSA_WITH_AES_128_CBC_SHA No FS |
IE 11 / Win Phone 8.1 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_RSA_WITH_AES_128_CBC_SHA256 No FS |
IE 11 / Win Phone 8.1 Update R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
IE 11 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Edge 15 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Edge 16 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Edge 18 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Edge 13 / Win Phone 10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Java 6u45 No SNI 2 |
Incorrect certificate because this client doesn't support SNI RSA 2048 (SHA256) | TLS 1.0 | TLS_RSA_WITH_RC4_128_SHA |
||
Java 7u25 | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH secp256r1 FS |
Java 8u161 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
Java 11.0.3 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Java 12.0.1 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
OpenSSL 0.9.8y | RSA 2048 (SHA256) | TLS 1.0 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH 1024 FS |
OpenSSL 1.0.1l R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
OpenSSL 1.0.2s R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
OpenSSL 1.1.0k R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
OpenSSL 1.1.1c R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Safari 5.1.9 / OS X 10.6.8 | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH secp256r1 FS |
Safari 6 / iOS 6.0.1 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
Safari 6.0.4 / OS X 10.8.4 R | RSA 2048 (SHA256) | TLS 1.0 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH secp256r1 FS |
Safari 7 / iOS 7.1 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
Safari 7 / OS X 10.9 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
Safari 8 / iOS 8.4 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
Safari 8 / OS X 10.10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH secp256r1 FS |
Safari 9 / iOS 9 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Safari 9 / OS X 10.11 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Safari 10 / iOS 10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Safari 10 / OS X 10.12 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Safari 12.1.2 / MacOS 10.14.6 Beta R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Safari 12.1.1 / iOS 12.3.1 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Apple ATS 9 / iOS 9 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
Yahoo Slurp Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
YandexBot Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH secp256r1 FS |
(1) Clients that do not support Forward Secrecy (FS) are excluded when determining support for it. | |||
(2) No support for virtual SSL hosting (SNI). Connects to the default site if the server uses SNI. | |||
(3) Only first connection attempt simulated. Browsers sometimes retry with a lower protocol version. | |||
(R) Denotes a reference browser or client, with which we expect better effective security. | |||
(All) We use defaults, but some platforms do not use their best protocols and features (e.g., Java 6 & 7, older IE). | |||
(All) Certificate trust is not checked in handshake simulation, we only perform TLS handshake. |

Protocol Details | |
Secure Renegotiation | Supported |
Secure Client-Initiated Renegotiation | No |
Insecure Client-Initiated Renegotiation | No |
BEAST attack |
Not mitigated server-side (more info)
SSL 3: 0xa , TLS 1.0: 0xa
|
POODLE (SSLv3) |
No, mitigated (more info) SSL 3: 0xa
|
POODLE (TLS) | No (more info) |
Zombie POODLE | No (more info)
TLS 1.2 : 0x000a
|
GOLDENDOODLE | No (more info)
TLS 1.2 : 0x000a
|
OpenSSL 0-Length | No (more info)
TLS 1.2 : 0x000a
|
Sleeping POODLE | No (more info)
TLS 1.2 : 0x000a
|
Downgrade attack prevention | Yes, TLS_FALLBACK_SCSV supported (more info) |
SSL/TLS compression | No |
RC4 | Yes INSECURE (more info) |
Heartbeat (extension) | Yes |
Heartbleed (vulnerability) | No (more info) |
Ticketbleed (vulnerability) | No (more info) |
OpenSSL CCS vuln. (CVE-2014-0224) | No (more info) |
OpenSSL Padding Oracle vuln. (CVE-2016-2107) |
No (more info) |
ROBOT (vulnerability) | No (more info) |
Forward Secrecy | Weak key exchange WEAK |
ALPN | No |
NPN | No |
Session resumption (caching) | Yes |
Session resumption (tickets) | Yes |
OCSP stapling | No |
Strict Transport Security (HSTS) | No |
HSTS Preloading | Not in: Chrome Edge Firefox IE |
Public Key Pinning (HPKP) | No (more info) |
Public Key Pinning Report-Only | No |
Public Key Pinning (Static) | No (more info) |
Long handshake intolerance | No |
TLS extension intolerance | No |
TLS version intolerance | No |
Incorrect SNI alerts | No |
Uses common DH primes | Yes Replace with custom DH parameters if possible (more info) |
DH public server param (Ys) reuse | No |
ECDH public server param reuse | No |
Supported Named Groups | secp256r1 |
SSL 2 handshake compatibility | Yes |

![]() ![]() |
1 https://lyo.kr/
(HTTP/1.1 200 OK)
| 1 | |
Date | Fri, 13 Jun 2025 17:46:55 GMT | |
Server | Apache/2.4.51 (Win64) OpenSSL/1.1.1l PHP/7.3.33 mod_jk/1.2.48 | |
X-Powered-By | PHP/7.3.33 | |
P3P | CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" | |
Expires | 0 | |
Last-Modified | Fri, 13 Jun 2025 17:46:56 GMT | |
Cache-Control | pre-check=0, post-check=0, max-age=0 | |
Pragma | no-cache | |
Content-Type | text/html; charset=utf-8 | |
Set-Cookie | PHPSESSID=boj25qr086q6819kq6cb8lehet; path=/; SameSite=None; Secure; | |
Set-Cookie | 2a0d2363701f23f8a75028924a3af643=MTkyLjE2OC4xMjMuMjAy; expires=Sat, 14-Jun-2025 17:46:55 GMT; Max-Age=86399; path=/; HttpOnly; SameSite=None; Secure; | |
Connection | close | |
Transfer-Encoding | chunked |

Miscellaneous | |
Test date | Fri, 13 Jun 2025 17:45:59 UTC |
Test duration | 188.469 seconds |
HTTP status code | 200 |
HTTP server signature | Apache/2.4.51 (Win64) OpenSSL/1.1.1l PHP/7.3.33 mod_jk/1.2.48 |
Server hostname | - |
SSL Report v2.4.0