| SSL 2 | 0 0% |
| SSL 3 | 1 0.3% |
| TLS 1.0 | 100 34% |
| TLS 1.1 | 102 34.7% |
| TLS 1.2 | 293 99.7% |
| A | 275 93.5% |
|---|---|
| B | 18 6.1% |
| C | 2 0.7% |
| D | 0 0% |
| E | 0 0% |
| F | 0 0% |
| RSA key size | Count |
|---|---|
| 2048 | 182 68.2% |
| 3072 | 6 2.2% |
| 4096 | 79 29.6% |
| Type | Client to server | Server to server |
|---|---|---|
| Required | 184 86.8% | 68 82.9% |
| Allowed | 28 13.2% | 14 17.1% |
To do authenticated encryption, a certificate needs to be both trusted and valid. Trusted means it is issued by a well-known CA and valid means it is valid for the domain we want to connect to.
| Trusted | Untrusted | |
|---|---|---|
| Valid | 96 30.4% | 212 67.1% |
| Invalid | 1 0.3% | 7 2.2% |
| Mechanism | # times offered before TLS | # times offered after TLS |
|---|---|---|
| PLAIN | 28 13.2% | 209 98.6% |
| SCRAM-SHA-1 | 27 12.7% | 179 84.4% |
| SCRAM-SHA-1-PLUS | 0 0% | 135 63.7% |
| X-OAUTH2 | 7 3.3% | 49 23.1% |
| DIGEST-MD5 | 14 6.6% | 28 13.2% |
| SCRAM-SHA-512-PLUS | 0 0% | 17 8% |
| SCRAM-SHA-512 | 2 0.9% | 17 8% |
| SCRAM-SHA-256 | 3 1.4% | 16 7.5% |
| SCRAM-SHA-256-PLUS | 0 0% | 16 7.5% |
| CRAM-MD5 | 9 4.2% | 10 4.7% |
| JIVE-SHAREDSECRET | 5 2.4% | 5 2.4% |
| ANONYMOUS | 3 1.4% | 4 1.9% |
| EXTERNAL | 0 0% | 2 0.9% |
| SCRAM-SHA-384 | 0 0% | 1 0.5% |
| SCRAM-SHA-384-PLUS | 0 0% | 1 0.5% |
| PADE | 1 0.5% | 1 0.5% |
| LOGIN | 0 0% | 1 0.5% |
SSL 3 and TLS 1.0 are very similar, but TLS 1.0 has some small improvements. This table is meant to help judge whether SSL 3 can be disabled by listing the servers that do support SSL 3, but not TLS 1.0.
| Target | Type | When |
|---|
SSL 2 is broken and insecure. It is not required for compatibility and servers should disable it.
| Target | Type | When |
|---|
| Name/Organization | SHA1 | Count |
|---|---|---|
| R3 | A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05 | 188 |
| Sectigo RSA Domain Validation Secure Server CA | 33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB | 10 |
| ZeroSSL RSA Domain Secure Site CA | C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34 | 4 |
| Encryption Everywhere DV TLS CA - G1 | 59:4F:2D:D1:03:52:C2:36:01:38:EE:35:AA:90:6F:97:3A:A3:0B:D3 | 2 |
| GeoTrust RSA CA 2018 | 7C:CC:2A:87:E3:94:9F:20:57:2B:18:48:29:80:50:5F:A9:0C:AC:3B | 2 |
| ZeroSSL ECC Domain Secure Site CA | 7F:95:27:6D:49:51:49:9F:D7:56:DF:34:4A:A2:4F:B3:8C:EA:F6:78 | 2 |
| Conversations CA | F9:87:0B:66:B3:81:01:6F:E3:F3:F2:C4:B2:9E:3D:64:54:FA:E5:E8 | 2 |
| E1 | 09:1E:8E:A1:B2:56:A3:12:96:2A:F6:C1:40:C0:FB:F0:79:A4:07:B3 | 2 |
| DFN-Verein Global Issuing CA | C9:DC:B0:47:AC:8C:5F:09:05:ED:77:52:8C:BD:4B:84:D9:46:3C:45 | 2 |
| outlaws.su | A4:08:5A:5F:8D:29:5B:B2:FD:7E:3D:1C:12:D5:FC:D1:1D:46:AD:45 | 1 |
| Go Daddy Secure Certificate Authority - G2 | 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8 | 1 |
| pokedex.glucas.frr | F4:C5:D8:99:BA:CE:33:86:CC:13:9B:35:C7:88:E4:72:84:7C:AD:BE | 1 |
| mail.silkemeyer.net | 18:89:BC:C0:81:EC:E2:3B:A5:76:E9:81:88:24:73:AC:53:B0:F6:79 | 1 |
| dc.csit.local | 87:5A:F0:40:0E:ED:AF:F7:9D:28:F8:C0:5F:28:98:E3:7A:A2:55:24 | 1 |
| outlaws.im | E8:C9:8C:9D:5B:6E:9A:17:FA:84:83:3F:2A:D4:72:F7:20:93:7B:4D | 1 |
| COMODO RSA Domain Validation Secure Server CA | 33:9C:DD:57:CF:D5:B1:41:16:9B:61:5F:F3:14:28:78:2D:1D:A6:39 | 1 |
| jabbercentra.com | E5:54:DE:04:D2:13:E8:F9:90:1E:C0:5E:05:E9:55:B3:D7:BD:FA:B3 | 1 |
| ip-172-31-2-29 | 02:D8:92:EF:60:4F:18:2C:2A:43:9C:BA:8D:B3:D6:20:1E:E0:79:D8 | 1 |
| xmpp.die-schlegels.net | 56:04:66:F8:8D:B2:5D:F6:5D:5B:F8:84:6F:9C:B9:D3:0B:EE:F6:A2 | 1 |
| Let's Encrypt Authority X3 | E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB | 1 |
| localhost | B9:B3:E3:1F:26:CC:BF:DF:1E:78:9D:CA:61:A7:40:C5:FF:9C:E9:83 | 1 |
| AlphaSSL CA - SHA256 - G2 | 80:90:7F:45:C6:DF:45:8A:57:25:1E:17:5E:D7:E3:6E:96:1B:1B:95 | 1 |
| 10.10.20.105 | 6F:4B:40:6A:F6:3F:BC:0B:F6:62:C9:6E:DC:1B:26:6B:9E:C7:BD:28 | 1 |
As described in the CA/Browser Forum Baseline Requirements, certificates with RSA keys with less than 2048 bits should not be issued with an notAfter date after 31-12-2013. This list lists all certificates which violate that rule.
| Target | Type | When | Issuer |
|---|
| Target | Type | When |
|---|---|---|
| 076.moe | client to server | |
| 07f.de | client to server | |
| 1337.lgbt | client to server | |
| 404.city | client to server | |
| 5222.de | client to server | |
| aaoth.xyz | client to server | |
| aaoth.xyz | server to server | |
| acscott.dev | client to server | |
| acscott.dev | server to server | |
| autistici.org | client to server | |
| bosio.dev | client to server | |
| bosio.dev | server to server | |
| chat.jagtalon.com | client to server | |
| cipher.host | client to server | |
| convergent.cc | client to server | |
| convergent.cc | server to server | |
| critiq.one | client to server | |
| critiq.one | server to server | |
| danwin1210.de | client to server | |
| danwin1210.me | client to server | |
| dismail.de | client to server | |
| disroot.org | client to server | |
| disroot.org | server to server | |
| eatthebugs.cc | client to server | |
| eatthebugs.cc | server to server | |
| glucas.fr | client to server | |
| helvetica.fm | client to server | |
| hookipa.net | client to server | |
| huskyno.se | client to server | |
| insiberia.net | client to server | |
| jabb3r.org | client to server | |
| jabber.briehl.de | client to server | |
| jabber.briehl.de | server to server | |
| jabber.calyxinstitute.org | client to server | |
| jabber.de | client to server | |
| jabber.fr | client to server | |
| jabber.hot-chilli.net | client to server | |
| jabber.n3u14nd.de | client to server | |
| jabber.ovh | client to server | |
| jabber.ovh | server to server | |
| jabberplus.net | client to server | |
| jabber.systemli.org | client to server | |
| jabber.sytes24.pl | client to server | |
| jmqc.nl | client to server | |
| jmqc.nl | server to server | |
| lain.sh | client to server | |
| lain.sh | server to server | |
| lightwitch.org | client to server | |
| lucascloud.pl | client to server | |
| mailum.org | client to server | |
| masgalor.de | client to server | |
| mat-hill.xyz | client to server | |
| mdosch.de | client to server | |
| mnhn.lu | server to server | |
| monocles.eu | client to server | |
| mtxf.net | server to server | |
| mytum.de | server to server | |
| nazileaks.eu | client to server | |
| ngportal.com | client to server | |
| ngportal.com | server to server | |
| nixnet.services | client to server | |
| nixnet.services | server to server | |
| omaera.org | client to server | |
| paranoid.network | client to server | |
| paratus.club | client to server | |
| parloteo.es | client to server | |
| parloteo.es | server to server | |
| pfefferle.online | client to server | |
| pfefferle.online | server to server | |
| pimux.de | client to server | |
| postadigitale.org | client to server | |
| quickbloom.in | client to server | |
| quickbloom.in | server to server | |
| ramsheat.com | client to server | |
| ramsheat.com | server to server | |
| s1.eu.prod.push.monal-im.org | server to server | |
| skynetcloud.site | client to server | |
| skynetcloud.site | server to server | |
| slipfox.xyz | client to server | |
| snikket.de | server to server | |
| snopyta.org | server to server | |
| somlen.de | server to server | |
| suchat.org | client to server | |
| suchat.org | server to server | |
| trashserver.net | client to server | |
| uuuvn.space | client to server | |
| uuuvn.space | server to server | |
| vanderwarker.family | client to server | |
| wiuwiu.de | client to server | |
| wyderki.ovh | client to server | |
| xm.nidzica.net | client to server | |
| xmpp-hosting.de | client to server | |
| xmpp.is | client to server | |
| xmpp.is | server to server | |
| xmpp.life | client to server | |
| xmpp.mailpush.one | client to server | |
| xmpp.mailpush.one | server to server | |
| xmpp.social | client to server | |
| xmpp.social | server to server | |
| zecircle.xyz | client to server | |
| zp1.net | client to server |
| Target | Type | When |
|---|---|---|
| 5222.de | client to server | |
| danwin1210.de | client to server | |
| dismail.de | client to server | |
| hookipa.net | client to server | |
| jabb3r.org | client to server | |
| jabber.briehl.de | client to server | |
| jabber.briehl.de | server to server | |
| jabber.calyxinstitute.org | client to server | |
| jabber.hot-chilli.net | client to server | |
| jabber.systemli.org | client to server | |
| jabber.sytes24.pl | client to server | |
| jmqc.nl | client to server | |
| jmqc.nl | server to server | |
| masgalor.de | client to server | |
| mdosch.de | client to server | |
| monocles.eu | client to server | |
| ngportal.com | server to server | |
| skynetcloud.site | client to server | |
| skynetcloud.site | server to server | |
| suchat.org | client to server | |
| suchat.org | server to server | |
| wiuwiu.de | client to server | |
| xmpp-hosting.de | client to server | |
| xmpp.social | client to server | |
| xmpp.social | server to server | |
| yax.im | client to server | |
| zp1.net | client to server |
| Target | Type | When |
|---|
| Target | Type | When |
|---|---|---|
| goodlife.to | client to server |
| Target | SHA256(SPKI) |
|---|---|
| im.anidb.info c2s | 19:DA:F1:7B:93:F8:BD:FE:BD:62:36:9C:31:E5:22:3B:00:9E:57:C0:4F:76:0E:B1:80:25:08:CA:8B:E0:6E:81 |
| im.anidb.net c2s | 19:DA:F1:7B:93:F8:BD:FE:BD:62:36:9C:31:E5:22:3B:00:9E:57:C0:4F:76:0E:B1:80:25:08:CA:8B:E0:6E:81 |
| draugr.de c2s | 25:92:08:14:89:00:CD:CD:18:CA:09:1E:41:CA:AB:AD:5C:2E:0C:97:C4:A3:2F:84:9D:48:BF:67:4A:B2:28:03 |
| xabber.de c2s | 25:92:08:14:89:00:CD:CD:18:CA:09:1E:41:CA:AB:AD:5C:2E:0C:97:C4:A3:2F:84:9D:48:BF:67:4A:B2:28:03 |
| quollwriter.com c2s | 6E:18:2A:B1:33:60:64:F5:60:A3:BF:91:68:B0:E7:4B:16:67:A3:0F:C1:99:AA:33:EB:68:43:23:D5:EF:E5:D6 |
| www.quollwriter.com c2s | 6E:18:2A:B1:33:60:64:F5:60:A3:BF:91:68:B0:E7:4B:16:67:A3:0F:C1:99:AA:33:EB:68:43:23:D5:EF:E5:D6 |
| 01337.io c2s | 73:27:9E:3F:78:4F:F6:FE:6C:38:25:0E:D7:A6:CE:07:8A:B4:B0:43:9D:EA:41:ED:24:FF:D1:1A:C9:6C:F7:A3 |
| 0day.im c2s | 73:27:9E:3F:78:4F:F6:FE:6C:38:25:0E:D7:A6:CE:07:8A:B4:B0:43:9D:EA:41:ED:24:FF:D1:1A:C9:6C:F7:A3 |
| darknet.im c2s | 73:27:9E:3F:78:4F:F6:FE:6C:38:25:0E:D7:A6:CE:07:8A:B4:B0:43:9D:EA:41:ED:24:FF:D1:1A:C9:6C:F7:A3 |
| hell.la c2s | 73:27:9E:3F:78:4F:F6:FE:6C:38:25:0E:D7:A6:CE:07:8A:B4:B0:43:9D:EA:41:ED:24:FF:D1:1A:C9:6C:F7:A3 |
| shad0w.la c2s | 73:27:9E:3F:78:4F:F6:FE:6C:38:25:0E:D7:A6:CE:07:8A:B4:B0:43:9D:EA:41:ED:24:FF:D1:1A:C9:6C:F7:A3 |
| toad.im c2s | 73:27:9E:3F:78:4F:F6:FE:6C:38:25:0E:D7:A6:CE:07:8A:B4:B0:43:9D:EA:41:ED:24:FF:D1:1A:C9:6C:F7:A3 |
| 52.8.214.106 c2s | E0:7E:57:A3:7A:8F:5F:64:E5:54:2E:FD:A4:99:D2:AD:87:25:CD:BE:EA:D6:01:D0:AA:C9:07:27:B9:AA:37:50 |
| xpalapp.com c2s | E0:7E:57:A3:7A:8F:5F:64:E5:54:2E:FD:A4:99:D2:AD:87:25:CD:BE:EA:D6:01:D0:AA:C9:07:27:B9:AA:37:50 |