SSL-Tools

SSL check results of mail.achterhoekkrediet.nl

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail.achterhoekkrediet.nl can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 28 Feb 2024 09:57:37 +0000

We can not guarantee a secure connection to the mailservers of mail.achterhoekkrediet.nl!

Please contact the operator of mail.achterhoekkrediet.nl and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/mail.achterhoekkrediet.nl

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail.achterhoekkrediet.nl addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
achterhoekkrediet.nl
2a01:7c8:aac3:249:5054:ff:fe2b:4326
 10
supported
vs13.imgnd.nl
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
achterhoekkrediet.nl
37.97.207.103
 10
supported
vs13.imgnd.nl
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
relay.transip.nl
2a01:7c8:7c8::29
Results incomplete
30
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
relay.transip.nl
2a01:7c8:7c8::12
Results incomplete
30
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
relay.transip.nl
149.210.149.12
Results incomplete
30
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
relay.transip.nl
149.210.149.29
Results incomplete
30
supported
not checked
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @mail.achterhoekkrediet.nl address so far. Test mail delivery

Certificates

First seen at:

CN=vs13.imgnd.nl

Certificate chain
  • vs13.imgnd.nl
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Hostname Mismatch
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • vs13.imgnd.nl
Alternative Names
  • mail.achterhoekkrediet.nl
  • vs13.imgnd.nl
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-02-20
Not valid after
2024-05-20
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
20:27:80:74:13:3E:2A:0E:1B:F2:6A:79:08:A5:E6:83:F6:E5:46:3A:B9:54:C7:3D:F6:17:27:A5:1F:90:8A:E0
SHA1
81:A8:B7:03:81:14:47:1A:45:73:60:B1:14:70:0B:02:16:CF:71:1E
X509v3 extensions
subjectKeyIdentifier
  • 78:B7:9A:E3:52:FF:84:02:DF:E6:7C:AB:17:C2:18:30:97:93:11:D6
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Feb 20 13:13:19.128 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:38:9E:92:6B:C0:C8:12:2E:61:BF:08:13:
  • F2:32:26:0D:89:00:CB:FB:A8:D9:CD:08:C1:DF:CA:EA:
  • 99:E1:19:CD:02:21:00:A0:F4:7C:7D:CB:B3:7D:60:0F:
  • D9:FA:E0:41:A3:2E:96:ED:F8:4D:E7:68:29:71:4D:F1:
  • 22:D9:F9:3C:1B:55:E3
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
  • 65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
  • Timestamp : Feb 20 13:13:19.591 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:CD:05:9F:CE:90:7A:64:E8:14:0A:49:
  • 5F:3B:50:6E:DF:6D:72:11:B8:B1:7B:C1:05:56:12:11:
  • EE:46:3A:F4:6B:02:21:00:A3:AE:F8:54:24:9A:C2:13:
  • 30:D6:DE:97:18:3C:22:1E:BE:7E:0B:82:7B:73:17:C3:
  • 22:38:B8:6F:1D:08:85:C1
First seen at:

CN=vs13.imgnd.nl

Certificate chain
  • vs13.imgnd.nl
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Hostname Mismatch
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • vs13.imgnd.nl
Alternative Names
  • mail.achterhoekkrediet.nl
  • vs13.imgnd.nl
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-02-28
Not valid after
2024-05-28
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
82:40:76:FF:3D:C5:89:51:D0:71:2E:94:9F:34:EF:56:93:E2:C7:EA:FC:07:25:3A:6A:52:38:B2:30:A0:42:24
SHA1
3A:9A:24:CF:B6:5E:EF:EB:E0:27:71:A0:A6:0A:14:7E:F3:BD:51:30
X509v3 extensions
subjectKeyIdentifier
  • 73:BC:B8:C8:94:E1:6E:96:6B:18:32:91:E6:0C:DE:A6:34:41:D4:4C
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Feb 28 09:54:54.011 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:92:54:62:05:A4:37:FE:48:EA:64:84:
  • BA:E1:BD:85:4D:67:16:5E:7D:F5:46:6D:D8:1F:34:BD:
  • BE:C5:F5:5A:00:02:20:4C:BE:57:91:A8:15:71:B8:81:
  • E3:03:2D:A0:7F:0E:AB:D3:B0:AA:C0:A8:65:C6:1D:7F:
  • 08:3F:16:FB:07:FD:AD
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Feb 28 09:54:54.501 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:18:74:C5:BC:62:D6:10:43:81:71:94:EB:
  • D6:1E:94:94:55:55:94:11:9B:49:00:63:CC:68:B0:3B:
  • 82:C1:39:2C:02:21:00:96:61:BF:65:85:1C:97:EE:15:
  • 42:33:E8:19:04:3F:44:AE:7F:32:C7:2F:10:1E:78:E2:
  • 8A:8D:64:D2:6B:08:1D

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.relay.transip.nl
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid