SSL-Tools

SSL check results of degeboortezaak.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for degeboortezaak.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 05 Nov 2024 15:16:05 +0000

The mailservers of degeboortezaak.nl can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @degeboortezaak.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
intranet.degeboortezaak.nl
37.97.223.225
 10
supported
intranet.degeboortezaak.nl
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx.transip.email
2a01:7c8:e100:1::4aaf
Results incomplete
20
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s
mx.transip.email
86.105.244.9
Results incomplete
20
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
7 s

Outgoing Mails

We have not received any emails from a @degeboortezaak.nl address so far. Test mail delivery

Certificates

First seen at:

CN=intranet.degeboortezaak.nl

Certificate chain
Subject
Common Name (CN)
  • intranet.degeboortezaak.nl
Alternative Names
  • intranet.degeboortezaak.nl
Issuer
Country (C)
  • GB
State (ST)
  • Greater Manchester
Locality (L)
  • Salford
Organization (O)
  • Sectigo Limited
Common Name (CN)
  • Sectigo RSA Domain Validation Secure Server CA
validity period
Not valid before
2024-05-25
Not valid after
2025-06-25
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
EB:CE:8A:0E:82:DD:36:A0:44:60:43:F6:09:6F:DD:7A:AC:B6:88:87:54:42:11:FC:9F:18:A4:1A:A7:07:B0:A8
SHA1
00:B5:AA:B5:41:4C:D0:C4:78:8D:95:33:A3:B9:C9:4C:37:90:18:C6
X509v3 extensions
authorityKeyIdentifier
  • keyid:8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
subjectKeyIdentifier
  • C6:64:30:70:1E:08:5E:C2:D3:F3:36:0C:CD:56:50:CA:BC:81:26:A5
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.7
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
  • 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
  • Timestamp : May 25 08:00:53.915 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:06:BE:EF:7E:E9:F2:D0:49:AE:5D:FD:3D:
  • 4A:0A:B5:14:BB:48:10:95:71:6F:93:C2:4F:9C:1C:0A:
  • 27:F3:AC:60:02:20:0B:ED:7F:F0:3B:D8:C6:70:51:28:
  • 66:9A:19:3B:33:54:26:8D:5E:6D:60:D6:0F:B6:31:F6:
  • A2:67:91:6C:FC:58
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
  • D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
  • Timestamp : May 25 14:48:23.536 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:4D:46:BA:AB:88:41:22:06:4D:32:43:05:
  • 0C:CF:BA:3E:E0:52:DE:BC:38:1B:26:8C:EA:51:97:8A:
  • 6D:03:3B:24:02:21:00:BD:79:66:BD:16:35:83:05:8E:
  • 03:6B:09:7B:BB:72:28:87:91:ED:F9:E3:BC:71:E3:D7:
  • 46:76:49:E9:C5:C2:6A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
  • 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
  • Timestamp : May 25 08:00:53.883 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B1:88:EB:7A:D7:63:D9:EB:F4:EF:1A:
  • CE:32:86:59:31:42:0D:2D:70:32:A8:B3:5E:D5:A3:57:
  • 7B:6A:98:5B:C3:02:20:54:40:B9:02:5B:7D:D4:DB:E8:
  • 6A:F9:97:0B:C4:44:02:5C:9E:91:46:10:21:13:B3:AE:
  • EB:44:26:EB:26:B8:7F

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx.transip.email
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid