Deep SSL/TLS Vulnerability Test
This report provides a deep analysis of the SSL/TLS configuration of cp2.kprocentral.com. It checks for protocol support, cipher strength, and known vulnerabilities.
Scan Results
Start 2026-02-26 12:36:41 -->> 52.140.125.29:443 (cp2.kprocentral.com) <<-- rDNS (52.140.125.29): -- Service detected: HTTP Testing for server implementation bugs No bugs found. Testing HTTP header response @ "/" HTTP Status Code 200 OK HTTP clock skew -1 sec from localtime Strict Transport Security 730 days=63072000 s, includeSubDomains Public Key Pinning -- Server banner Apache Application banner -- Cookie(s) 2 issued: 2/2 secure, 2/2 HttpOnly Security headers X-Frame-Options: SAMEORIGIN Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://widget.frill.co/ https://*.asia-southeast1.firebasedatabase.app/ https://www.googletagmanager.com/ https://*.bing.com/ https://cdn.datatables.net/ https://pregw.esign.egov-nsdl.com https://ext.digio.in https://sp.tinymce.com/ https://tiny.cloud/ https://cdn.tiny.cloud https://bi.toolyt.com/ https://cdn.boldbi.com https://helpdesk.alankit.com/ https://js.pusher.com https://cdn.jsdelivr.net https://cdn.plot.ly https://www.clarity.ms/ https://toolyt.acadle.com/ https://*.firebaseio.com/ https://s-usc1c-nss-231.firebaseio.com/ https://s-usc1c-nss-227.firebaseio.com/ https://s-usc1c-nss-281.firebaseio.com/ https://bam.nr-data.net/ https://s-usc1c-nss-285.firebaseio.com/ https://code.jquery.com https://cdnjs.cloudflare.com/ https://maxcdn.bootstrapcdn.com/ https://js-agent.newrelic.com/ https://toolyt-sfa-1934e-35aa7.firebaseio.com/ https://s-usc1c-nss-232.firebaseio.com/ https://js.intercomcdn.com/ https://cp2.kprocentral.com/ https://www.gstatic.com/ https://www.google-analytics.com/ https://s3.amazonaws.com/ https://client.crisp.chat/ https://app.getbeamer.com/ https://sdk.fleeq.io/ https://cdn.tooltip.io/ https://maps.googleapis.com/ https://toolytcom.freshdesk.com/ https://s3-eu-west-1.amazonaws.com/ https://widget.intercom.io/ https://cdn.razorpay.com/ https://connect.facebook.net/ https://apis.google.com/ https://toolyt-sfa-1934e.firebaseio.com/; style-src 'self' data: 'unsafe-inline' https://*.bing.com/ https://cdn.datatables.net/ https://cdn.tiny.cloud/ https://bi.toolyt.com/ https://helpdesk.alankit.com/ https://stackpath.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/ https://fonts.googleapis.com/ https://s3.amazonaws.com/ https://client.crisp.chat/ https://s3-eu-west-1.amazonaws.com/ https://app.getbeamer.com/; img-src 'self' data: https://www.google.co.in/ https://analytics.google.com/ https://pregw.esign.egov-nsdl.com https://ext.digio.in https://sp.tinymce.com/ https://bi.toolyt.com/ https://beta.toolyt.com https://image.crisp.chat/ https://www.google-analytics.com/ https://www.googletagmanager.com/ https://maps.gstatic.com/ https://maps.googleapis.com/ https://cp2.kprocentral.com/ http://cp2.kprocentral.com/; font-src 'self' data: https://pregw.esign.egov-nsdl.com https://ext.digio.in https://bi.toolyt.com/ http://keenthemes.com/ https://fonts.gstatic.com/ https://client.crisp.chat/; connect-src 'self' https://securetoken.googleapis.com/ wss://*.asia-southeast1.firebasedatabase.app/ https://www.googleapis.com/ wss://iffco-toolyt-production-tracking.asia-southeast1.firebasedatabase.app/ https://cp2.kprocentral.com/rest/authorizeserver.php?ci=1860&ui=1 ttps://cp2.kprocentral.com wss://alpha3.kprocentral.com:6002/ https://analytics.google.com/ https://maps.googleapis.com/ https://app.toolyt.com/ https://bi.toolyt.com/ https://*.pusher.com/ https://sockjs-ap2.pusher.com wss://ws-ap2.pusher.com wss://cp2.kprocentral.com:6002 https://toolyt.acadle.com https://www.clarity.ms wss://*.firebaseio.com/ wss://s-usc1c-nss-227.firebaseio.com https://bam.nr-data.net/ wss://s-usc1c-nss-285.firebaseio.com https://api-iam.intercom.io/ https://cdn.tooltip.io wss://s-usc1c-nss-232.firebaseio.com/ wss://toolyt-sfa-1934e-35aa7.firebaseio.com/ https://www.google-analytics.com/ https://pp.signalayer.com/ https://data.tooltip.io/ https://backend.getbeamer.com/ https://s3-eu-west-1.amazonaws.com/ wss://client.relay.crisp.chat https://t.signalayer.com/ wss://client.relay.crisp.chat https://stats.g.doubleclick.net/; frame-src 'self' https://app.digio.in/ https://pregw.esign.egov-nsdl.com https://*.asia-southeast1.firebasedatabase.app https://ext.digio.in https://helpdesk.alankit.com/ https://toolyt.acadle.com/ https://*.firebaseio.com/ https://s-usc1c-nss-227.firebaseio.com/ https://s-usc1c-nss-281.firebaseio.com/ http://14.142.94.245/ https://s-usc1c-nss-231.firebaseio.com/ https://cdn.razorpay.com/ https://s3-eu-west-1.amazonaws.com/ https://s-usc1c-nss-232.firebaseio.com/ https://toolyt-sfa-1934e.firebaseapp.com/ https://toolytcom.freshdesk.com/; X-XSS-Protection: 1; mode=block Access-Control-Allow-Origin: app.toolyt.com Access-Control-Allow-Credentials: true Cache-Control: max-age=0, must-revalidate, no-store, nocache, private Pragma: no-cache Reverse Proxy banner -- Testing vulnerabilities Secure Renegotiation (RFC 5746) supported (OK) Secure Client-Initiated Renegotiation not vulnerable (OK) CRIME, TLS (CVE-2012-4929) not vulnerable (OK) BREACH (CVE-2013-3587) potentially NOT ok, "gzip" HTTP compression detected. - only supplied "/" tested Can be ignored for static pages or if no secrets in the page POODLE, SSL (CVE-2014-3566) not vulnerable (OK) TLS_FALLBACK_SCSV (RFC 7507) No fallback possible (OK), no protocol below TLS 1.2 offered SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK) FREAK (CVE-2015-0204) not vulnerable (OK) DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK) make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=FBD6313D4A17CE46793F00793B11FE256E991C07ED6CF7F32680118142DBCED8 LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2 BEAST (CVE-2011-3389) not vulnerable (OK), no SSL3 or TLS1 LUCKY13 (CVE-2013-0169), experimental not vulnerable (OK) Winshock (CVE-2014-6321), experimental not vulnerable (OK) RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK) Done 2026-02-26 12:38:23 [ 110s] -->> 52.140.125.29:443 (cp2.kprocentral.com) <<--
About this Scan
This scan uses testssl.sh to check for:
- Protocols: SSLv2, SSLv3, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3
- Vulnerabilities: Heartbleed, POODLE, FREAK, Logjam, DROWN, etc.
- Cipher Suites: Weak ciphers, perfect forward secrecy (PFS) support.