Open Source to the rescue.
Here's a website that will do a scan for you. Type the URL into the bar. It does a hacking attempt to steal memory from the site. If it succeeds, that's how Heartbleed works, and it tells you. (Supposedly Chrome has an extension that will automatically check, but Chrome has bigger flaws to worry about, so I don't recommend it.)