SSL/TLS Client Test
This page displays your web browser's SSL/TLS capabilities, including supported TLS protocols, cipher suites, extensions, and key exchange groups. It highlights any weak or insecure options and generates a TLS fingerprint in JA3 format. Additionally, it tests how your browser handles insecure mixed content requests.
JavaScript Disabled. You can see the full TLS ClientHello and your fingerprints using this endpoint: https://tls.browserleaks.com/.
Your Web Browser | |
| HTTP User-Agent | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 |
Protocol Support | |
| TLS 1.3 | ✔ Enabled |
| TLS 1.2 | ✔ Enabled |
| TLS 1.1 | × Disabled (Good) |
| TLS 1.0 | × Disabled (Good) |
Mixed Content Test | |
| Active Content | ✔ Blocked |
| Passive Content | ✔ Upgraded to HTTPS |
TLS Fingerprint | |
| JA4 |
t13d1516h2_8daaf6152771_02713d6af862
|
| JA4_r | t13d1516h2_002f,0035,009c,009d,1301,1302,1303,c013,c014,c02b,c02c,c02f,c030,cca8,cca9_0005,000a,000b,000d,0012,0017,001b,0023,002b,002d,0033,4469,fe0d,ff01_0403,0804,0401,0503,0805,0501,0806,0601 |
| JA4_o | t13d1516h2_acb858a92679_f7109b4fc345 |
| JA4_ro | t13d1516h2_1301,1302,1303,c02b,c02f,c02c,c030,cca9,cca8,c013,c014,009c,009d,002f,0035_4469,ff01,001b,0010,002b,0033,0000,000a,0012,0005,000b,0023,002d,000d,0017,fe0d_0403,0804,0401,0503,0805,0501,0806,0601 |
| JA3 Hash | df0aacdae2a31f38ee9dea48a5630058 |
| JA3 Fingerprint | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,17513-65281-27-16-43-51-0-10-18-5-11-35-45-13-23-65037,25497-29-23-24,0 |
| JA3n Hash | 4c9ce26028c11d7544da00d3f7e4f45c |
| JA3n Fingerprint | 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-5-10-11-13-16-18-23-27-35-43-45-51-17513-65037-65281,25497-29-23-24,0 |
Handshake |
|
| TLS Protocol | TLS 1.3 [HTTP/2] |
| Cipher Suite | 0x1301 TLS_AES_128_GCM_SHA256 Recommended TLS 1.3 |
| Key Exchange | 0x001d X25519 |
Supported Cipher Suites (in order as received) | |
| Cipher Suites | 0x8a8a GREASE |
0x1301 TLS_AES_128_GCM_SHA256 Recommended TLS 1.3 | |
0x1302 TLS_AES_256_GCM_SHA384 Recommended TLS 1.3 | |
0x1303 TLS_CHACHA20_POLY1305_SHA256 Recommended TLS 1.3 | |
0xc02b TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 Recommended TLS 1.2 | |
0xc02f TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Recommended TLS 1.2 | |
0xc02c TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 Recommended TLS 1.2 | |
0xc030 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Recommended TLS 1.2 | |
0xcca9 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 Recommended TLS 1.2 | |
0xcca8 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 Recommended TLS 1.2 | |
0xc013 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA CBC, SHA-1 TLS 1.0,1.1,1.2 | |
0xc014 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA CBC, SHA-1 TLS 1.0,1.1,1.2 | |
0x009c TLS_RSA_WITH_AES_128_GCM_SHA256 NO PFS TLS 1.2 | |
0x009d TLS_RSA_WITH_AES_256_GCM_SHA384 NO PFS TLS 1.2 | |
0x002f TLS_RSA_WITH_AES_128_CBC_SHA NO PFS, CBC, SHA-1 TLS 1.0,1.1,1.2 | |
0x0035 TLS_RSA_WITH_AES_256_CBC_SHA NO PFS, CBC, SHA-1 TLS 1.0,1.1,1.2 | |
Supported TLS Extensions (in order as received) | ||
| TLS Extensions | 0x0a0a GREASE | |
0x4469 application_settings_old | ||
0xff01 renegotiation_info | ||
0x001b compress_certificate | ||
0x0010 application_layer_protocol_negotiation | ||
0x002b supported_versions | ||
0x0033 key_share | ||
0x0000 server_name | ||
0x000a supported_groups | ||
0x0012 signed_certificate_timestamp | ||
0x0005 status_request | ||
0x000b ec_point_formats | ||
0x0023 session_ticket | ||
0x002d psk_key_exchange_modes | ||
0x000d signature_algorithms | ||
0x0017 extended_master_secret | ||
0xfe0d encrypted_client_hello | ||
0x0a0a GREASE | ||
supported_groups | ||
| named_groups | 0x0a0a GREASE | |
0x6399 X25519Kyber768Draft00 (OBSOLETE) | ||
0x001d X25519 | ||
0x0017 secp256r1 | ||
0x0018 secp384r1 | ||
ec_point_formats | ||
| ec_point_format_list | 0x0000 uncompressed | |
signature_algorithms | ||
| algorithms | 0x0403 ecdsa_secp256r1_sha256 | |
0x0804 rsa_pss_rsae_sha256 | ||
0x0401 rsa_pkcs1_sha256 | ||
0x0503 ecdsa_secp384r1_sha384 | ||
0x0805 rsa_pss_rsae_sha384 | ||
0x0501 rsa_pkcs1_sha384 | ||
0x0806 rsa_pss_rsae_sha512 | ||
0x0601 rsa_pkcs1_sha512 | ||
compress_certificate | ||
| algorithms | 0x0002 brotli | |
supported_versions | ||
| supported_versions | 0x0a0a GREASE | |
0x0304 TLS 1.3 | ||
0x0303 TLS 1.2 | ||
psk_key_exchange_modes | ||
| ke_modes | 0x0001 psk_dhe_ke | |
key_share | ||
| named_groups | 0x0a0a GREASE | |
0x6399 X25519Kyber768Draft00 (OBSOLETE) | ||
0x001d X25519 | ||
status_request | ||
| status_type | 0x0001 ocsp | |
| responder_id_list | 0 | |
| request_extensions | 0 | |
encrypted_client_hello | ||
| client_hello_type | 0x0000 Outer Client Hello | |
| kdf_id | 0x0001 HKDF_SHA256 | |
| aead_id | 0x0001 AES-128-GCM | |
| config_id | 234 | |
| enc_length | 32 | |
| payload_length | 240 | |
server_name | ||
| server_name | tls.browserleaks.com | |
application_layer_protocol_negotiation | ||
| protocol_name_list | h2 | |
| http/1.1 | ||
application_settings_old | ||
| supported_protocols | h2 | |