SSL-Tools

SSL check results of meursgv.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for meursgv.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 06 Dec 2022 16:14:32 +0000

We can not guarantee a secure connection to the mailservers of meursgv.nl!

Please contact the operator of meursgv.nl and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/meursgv.nl

Servers

Incoming Mails

These servers are responsible for incoming mails to @meursgv.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mailfilter1b.mijndomein.nl
2001:41d0:700:3bd7::a1
Results incomplete
5
unsupported
not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
2 s
mailfilter1b.mijndomein.nl
2001:41d0:203:99a3::a1
Results incomplete
5
unsupported
not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
2 s
mailfilter1b.mijndomein.nl
135.125.7.163
 5
supported
*.oxseu-vadesecure.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
16 s
mailfilter1b.mijndomein.nl
51.89.43.215
 5
supported
*.oxseu-vadesecure.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
16 s
mailfilter2b.mijndomein.nl
2001:41d0:700:3bd8::a1
Results incomplete
5
unsupported
not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
2 s
mailfilter2b.mijndomein.nl
2001:41d0:203:99a4::a1
Results incomplete
5
unsupported
not checked
DANE
errors
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
2 s
mailfilter2b.mijndomein.nl
51.89.43.216
 5
supported
*.oxseu-vadesecure.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
16 s
mailfilter2b.mijndomein.nl
135.125.7.164
 5
supported
*.oxseu-vadesecure.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
16 s

Outgoing Mails

We have not received any emails from a @meursgv.nl address so far. Test mail delivery

Certificates

First seen at:

CN=*.oxseu-vadesecure.net

Certificate chain
Subject
Common Name (CN)
  • *.oxseu-vadesecure.net
Alternative Names
  • *.oxseu-vadesecure.net
  • oxseu-vadesecure.net
Issuer
Country (C)
  • FR
State (ST)
  • Paris
Locality (L)
  • Paris
Organization (O)
  • Gandi
Common Name (CN)
  • Gandi Standard SSL CA 2
validity period
Not valid before
2022-05-13
Not valid after
2023-05-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
9C:01:64:4E:68:44:7B:F2:0B:6A:4E:48:A1:D5:54:A6:98:43:88:25:55:DD:A9:D8:0E:EF:BA:F6:50:68:C6:F8
SHA1
F3:A9:BF:2A:23:C2:9E:A0:16:72:60:E4:C3:67:7B:A4:BE:1F:73:B4
X509v3 extensions
authorityKeyIdentifier
  • keyid:B3:90:A7:D8:C9:AF:4E:CD:61:3C:9F:7C:AD:5D:7F:41:FD:69:30:EA
subjectKeyIdentifier
  • 4D:D7:B0:47:C8:F5:9C:24:27:AB:90:95:B7:46:07:A6:70:54:15:0A
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.26
  • CPS: https://cps.usertrust.com
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl.usertrust.com/GandiStandardSSLCA2.crl
authorityInfoAccess
  • CA Issuers - URI:http://crt.usertrust.com/GandiStandardSSLCA2.crt
  • OCSP - URI:http://ocsp.usertrust.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
  • B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
  • Timestamp : May 13 07:47:13.542 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:83:F2:41:C3:B2:02:24:34:43:1E:9C:
  • 23:E3:AE:11:16:E1:D7:1D:28:3A:E8:0A:D3:25:FD:0A:
  • 0B:A9:7E:C4:1D:02:21:00:86:64:E3:A0:AA:D0:41:7F:
  • E0:E2:AE:A2:D0:DE:98:B2:F1:3A:88:AE:E5:F6:62:57:
  • 70:45:D3:0E:8B:03:9D:0A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
  • 16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
  • Timestamp : May 13 07:47:13.520 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A2:E3:61:CF:05:D6:E4:8B:7A:D1:09:
  • 88:5C:F3:0E:60:CC:9B:BC:17:88:34:C2:DF:2E:AB:07:
  • 0C:F5:56:2C:9E:02:20:79:0C:2F:27:A0:E6:CA:79:E0:
  • 6E:F8:2D:8F:CA:08:95:66:A7:9E:96:AD:51:0F:94:C6:
  • 7E:B4:EA:6C:B0:FE:9C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
  • 03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
  • Timestamp : May 13 07:47:13.458 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:79:8C:9C:BA:BF:07:C2:9C:88:7A:22:11:
  • 41:D0:C2:F4:32:4D:4F:82:BF:61:9A:42:90:49:34:28:
  • CA:59:93:AA:02:20:19:34:58:AA:C1:35:A9:5D:28:00:
  • 2A:C6:13:73:3C:21:F5:DD:AE:60:54:83:B6:03:DD:B2:
  • CD:4F:47:24:EB:1B

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mailfilter1b.mijndomein.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mailfilter2b.mijndomein.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid