Security Report for se4ko.com - Deep SSL/TLS Vulnerability Analysis

Deep SSL/TLS Vulnerability Test

This report provides a deep analysis of the SSL/TLS configuration of se4ko.com. It checks for protocol support, cipher strength, and known vulnerabilities.

Scan Results

 Start 2026-05-15 06:49:28        -->> 62.73.120.167:443 (se4ko.com) <<--

 rDNS (62.73.120.167):   se4ko.com.

 Service detected:       HTTP
 se4ko.com:443 appeared to support TLS 1.3 ONLY. Thus switched automagically from
 "/app/testssl.sh/bin/openssl.Linux.x86_64" to "/usr/bin/openssl".

 Testing for server implementation bugs 

 No bugs found.

 Testing HTTP header response @ "/" 

 HTTP Status Code             502 Bad Gateway. Oh, didn't expect "502 Bad Gateway"
 HTTP clock skew              Got no HTTP time, maybe try different URL?
 Strict Transport Security    not offered
 Public Key Pinning           --
 Server banner                (no "Server" line in header, interesting!)
 Application banner           --
 Cookie(s)                    (none issued at "/") -- HTTP status 502 signals you maybe missed the web application
 Security headers             Cache-Control: no-cache
 Reverse Proxy banner         --


 Testing vulnerabilities 

 Secure Renegotiation (RFC 5746)           not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no gzip/deflate/compress/br HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK), no SSLv3 support
 TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible (OK), TLS 1.3 is the only protocol
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           no RSA certificate, thus certificate can't be used with SSLv2 elsewhere
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
 BEAST (CVE-2011-3389)                     not vulnerable (OK), no SSL3 or TLS1
 LUCKY13 (CVE-2013-0169), experimental     not vulnerable (OK)
 Winshock (CVE-2014-6321), experimental    not vulnerable (OK)
 RC4 (CVE-2013-2566, CVE-2015-2808)        not vulnerable (OK)


 Done 2026-05-15 06:50:18 [  61s] -->> 62.73.120.167:443 (se4ko.com) <<--

About this Scan

This scan uses testssl.sh to check for:

Protocols: SSLv2, SSLv3, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3
Vulnerabilities: Heartbleed, POODLE, FREAK, Logjam, DROWN, etc.
Cipher Suites: Weak ciphers, perfect forward secrecy (PFS) support.

Run Another Scan Recent Scans