Deep SSL Test Report: test.minerva.com.ar

Deep SSL/TLS Vulnerability Test

This report provides a deep analysis of the SSL/TLS configuration of test.minerva.com.ar. It checks for protocol support, cipher strength, and known vulnerabilities.

Scan Results

Testing all IP addresses (port 443): 104.18.1.117 104.18.0.117
-----------------------------------------------------
 Start 2026-03-26 15:15:19        -->> 104.18.1.117:443 (test.minerva.com.ar) <<--

 Further IP addresses:   104.18.0.117 2606:4700::6812:75 2606:4700::6812:175 
 rDNS (104.18.1.117):    --
 Service detected:       HTTP

 Testing for server implementation bugs 

 No bugs found.

 Testing HTTP header response @ "/" 

 HTTP Status Code             302 Found, redirecting to "https://molinos.cloudflareaccess.com/cdn-cgi/access/login/test.minerva.com.ar?kid=c73d726786aed962d5dafb03aa5b3edaeff317d92994de0b0e19dd86fb187124&meta=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImM1Nzc0MTkwNWNhOWMzZWY2NjQ3YmI0ODdiYTZhMDFjZjNkOTEzZTc0ZjBmNGZkZTdkZGNkNGZiYzMxNzJhY2IifQ.eyJ0eXBlIjoibWV0YSIsImF1ZCI6ImM3M2Q3MjY3ODZhZWQ5NjJkNWRhZmIwM2FhNWIzZWRhZWZmMzE3ZDkyOTk0ZGUwYjBlMTlkZDg2ZmIxODcxMjQiLCJob3N0bmFtZSI6InRlc3QubWluZXJ2YS5jb20uYXIiLCJyZWRpcmVjdF91cmwiOiIvIiwic2VydmljZV90b2tlbl9zdGF0dXMiOmZhbHNlLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsImV4cCI6MTc3NDUzODQ0OCwibmJmIjoxNzc0NTM4MTQ4LCJpYXQiOjE3NzQ1MzgxNDgsImF1dGhfc3RhdHVzIjoiTk9ORSIsIm10bHNfYXV0aCI6eyJjZXJ0X2lzc3Vlcl9kbiI6IiIsImNlcnRfc2VyaWFsIjoiIiwiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjb21tb25fbmFtZSI6IiIsImF1dGhfc3RhdHVzIjoiTk9ORSJ9LCJyZWFsX2NvdW50cnkiOiJVUyIsImFwcF9zZXNzaW9uX2hhc2giOiIzYjE4ZTBmZjdlNzRjMWUxN2E4ZDIxMDk3YzFhOWM1MGM3YTAzMTExZmVjY2MwODJhZGY4OTlhYjM1NWQyODA1In0.mAular_bf2Rb_m9Rt78RGeiEYbsC1SSfGL9NlxMyUPg2-4jy93mDpIckJw7QvNGBZ8H3FfGeZl1NMI42WDpWgYlnyedDcvZTdBDpfuZw9B7bJFmKO5YSNyU4tdLYro-DiDYAeS4i5tGRwDBtX7SWdbL3Ta-s5nomO058C1g_OSAyQ0m4BVIdrA3z6vxwuHwIlaWCga5WZ_xvDL_OXuKQbfaVkEaNksDbsTgcTfqm_RZmIvJeeKeTthclCVbS0_zK49NMVUe7MrGL4fy2yickzdmlDwROGb0vLmxSw-VrWgQTQn6xkEt-S2KdZP9lZZOjo-vbuWZVmNBldcm0W4BiaA&redirect_url=%2F"
 HTTP clock skew              0 sec from localtime
 IPv4 address in header       set-cookie: __cf_bm=gBmO8kfkdcaU3wUm28XbUC_TMTZA1LlZD6RMw_JGNqY-1774538148.597791-1.0.1.1-eczubNLLCtExYQJ3aPB3fN9Nafgkb7KB09GtujJFJjQ0kiy8EX5_BnX0ENr48Ui13zT0P3rsHShefHFcsu2fsHz4GldZBlHCZJ5ctnrmDXxLytGsXeWrao1qX6kTzjZh; HttpOnly; Secure; Path=/; Domain=minerva.com.ar; Expires=Thu, 26 Mar 2026 15:45:48 GMT
                              (check if it's your IP address or e.g. a cluster IP)
 Strict Transport Security    not offered
 Public Key Pinning           --
 Server banner                cloudflare
 Application banner           --
 Cookie(s)                    2 issued: 2/2 secure, 2/2 HttpOnly -- maybe better try target URL of 30x
 Security headers             Access-Control-Allow-Credentials: true
                              Cache-Control: private, max-age=0, no-store,
                                no-cache, must-revalidate, post-check=0,
                                pre-check=0
 Reverse Proxy banner         --


 Testing vulnerabilities 

 Secure Renegotiation (RFC 5746)           supported (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no gzip/deflate/compress/br HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible (OK), no protocol below TLS 1.2 offered
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services, see
                                           https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=C176B1939FB227E1042523E3FFEDE61A4F3ED101903EAF4429308454D298F41B
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
 BEAST (CVE-2011-3389)                     not vulnerable (OK), no SSL3 or TLS1
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses obsolete cipher block chaining ciphers with TLS, see server prefs.
 Winshock (CVE-2014-6321), experimental    not vulnerable (OK)
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)


 Done 2026-03-26 15:16:06 [  57s] -->> 104.18.1.117:443 (test.minerva.com.ar) <<--

-----------------------------------------------------
 Start 2026-03-26 15:16:06        -->> 104.18.0.117:443 (test.minerva.com.ar) <<--

 Further IP addresses:   104.18.1.117 2606:4700::6812:75 2606:4700::6812:175 
 rDNS (104.18.0.117):    --
 Service detected:       HTTP

 Testing for server implementation bugs 

 No bugs found.

 Testing HTTP header response @ "/" 

 HTTP Status Code             302 Found, redirecting to "https://molinos.cloudflareaccess.com/cdn-cgi/access/login/test.minerva.com.ar?kid=c73d726786aed962d5dafb03aa5b3edaeff317d92994de0b0e19dd86fb187124&meta=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImM1Nzc0MTkwNWNhOWMzZWY2NjQ3YmI0ODdiYTZhMDFjZjNkOTEzZTc0ZjBmNGZkZTdkZGNkNGZiYzMxNzJhY2IifQ.eyJ0eXBlIjoibWV0YSIsImF1ZCI6ImM3M2Q3MjY3ODZhZWQ5NjJkNWRhZmIwM2FhNWIzZWRhZWZmMzE3ZDkyOTk0ZGUwYjBlMTlkZDg2ZmIxODcxMjQiLCJob3N0bmFtZSI6InRlc3QubWluZXJ2YS5jb20uYXIiLCJyZWRpcmVjdF91cmwiOiIvIiwic2VydmljZV90b2tlbl9zdGF0dXMiOmZhbHNlLCJpc193YXJwIjpmYWxzZSwiaXNfZ2F0ZXdheSI6ZmFsc2UsImV4cCI6MTc3NDUzODUwMCwibmJmIjoxNzc0NTM4MjAwLCJpYXQiOjE3NzQ1MzgyMDAsImF1dGhfc3RhdHVzIjoiTk9ORSIsIm10bHNfYXV0aCI6eyJjZXJ0X2lzc3Vlcl9kbiI6IiIsImNlcnRfc2VyaWFsIjoiIiwiY2VydF9pc3N1ZXJfc2tpIjoiIiwiY2VydF9wcmVzZW50ZWQiOmZhbHNlLCJjb21tb25fbmFtZSI6IiIsImF1dGhfc3RhdHVzIjoiTk9ORSJ9LCJyZWFsX2NvdW50cnkiOiJVUyIsImFwcF9zZXNzaW9uX2hhc2giOiJkNDJhZGE5YWZmOTNiM2UyNTVhN2FkOTE3ZmJiYzUyYWFhYmE1NzdiNGU5YmQ0MmQxZTVlMWZhMTJjYjI3Zjc3In0.PfkGPfe0kAFxU0XjOOss69qKrSAzO1fl8SgRtt886mxfUdSQGznk1mkIUswZPCraKROO98YcetQE8thVxRIE1AlB_RSvrq37ooV3PfHR7kVKgAj2sO2XSsbgvVFq2CAJCu4dxUuz2pOFu78X73er5CtFjTSfxGjMs9WN0Zlj1Nd6aQzh0GBAz41gv1PEJS6fuxYnEwN5vXqN9nzHSJGnZ87Hu6Jvddr7pcBEjcsry0pHlGEK5NpG7VjRw005692fRIxiAA5DSMhEe6whCGZJBHcSYrD1RF2rRaKr4FRYcWsJYsbv_6BwH1Rjd0hNYY78kHuuB5Ghhw9zbP8GVKMH6A&redirect_url=%2F"
 HTTP clock skew              0 sec from localtime
 IPv4 address in header       set-cookie: __cf_bm=2NueoQQ_ltuA3u0tlER1wI8RxksmPFTYiIBZm_igZ68-1774538200.5386417-1.0.1.1-T2.6UScS91z4QfO0CK.G7rlC0WS6BIERLm62AvdIYFmHdcqiGH3K8xp8HCgIpZ0RSeewgHn3QHe794giLZpEiIy.KfHaS_quyr4PoQS4f8U7Uu.VKXHdhYLxUqSq1m..; HttpOnly; Secure; Path=/; Domain=minerva.com.ar; Expires=Thu, 26 Mar 2026 15:46:40 GMT
                              (check if it's your IP address or e.g. a cluster IP)
 Strict Transport Security    not offered
 Public Key Pinning           --
 Server banner                cloudflare
 Application banner           --
 Cookie(s)                    2 issued: 2/2 secure, 2/2 HttpOnly -- maybe better try target URL of 30x
 Security headers             Access-Control-Allow-Credentials: true
                              Cache-Control: private, max-age=0, no-store,
                                no-cache, must-revalidate, post-check=0,
                                pre-check=0
 Reverse Proxy banner         --


 Testing vulnerabilities 

 Secure Renegotiation (RFC 5746)           supported (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no gzip/deflate/compress/br HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible (OK), no protocol below TLS 1.2 offered
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services, see
                                           https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=C176B1939FB227E1042523E3FFEDE61A4F3ED101903EAF4429308454D298F41B
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
 BEAST (CVE-2011-3389)                     not vulnerable (OK), no SSL3 or TLS1
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses obsolete cipher block chaining ciphers with TLS, see server prefs.
 Winshock (CVE-2014-6321), experimental    not vulnerable (OK)
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)


 Done 2026-03-26 15:17:00 [ 111s] -->> 104.18.0.117:443 (test.minerva.com.ar) <<--

-----------------------------------------------------
Done testing now all IP addresses (on port 443): 104.18.1.117 104.18.0.117

About this Scan

This scan uses testssl.sh to check for:

  • Protocols: SSLv2, SSLv3, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3
  • Vulnerabilities: Heartbleed, POODLE, FREAK, Logjam, DROWN, etc.
  • Cipher Suites: Weak ciphers, perfect forward secrecy (PFS) support.

Run Another Scan Recent Scans