Crypto on this site is broken and is likely not to provide enough security.
Note: The overall score is calculated based on the lowest score achieved by any of the machines scanned.
D
|
clientondersteuningplus.nl | 185.37.70.68 | 2023-02-07 20:35:46 UTC | ||
-
|
localhost.clientondersteuningplus.nl | 127.0.0.1 | excluded | ||
-
|
pop.clientondersteuningplus.nl | 5.157.84.75 | 2023-02-07 20:35:46 UTC |
Below we list all of the machines detected. For each machine, we list the cryptographic services found. For each service, we give the reasons behind the grading. To see the full details of the cryptography offered by a service, click on "show details".
IP address | 185.37.70.68 |
---|---|
Last scan | 2023-02-07 20:35:46 UTC |
Versions | TLS 1.2 |
---|---|
Ciphers |
|
Cipher order | Server |
Compression |
|
Certificate key | RSA 2048-bit test this key |
Hash algorithm | SHA-256 |
Diffie-Hellman |
|
Certificate start date | 2023-01-23 07:19:52 UTC |
Certificate expiration date | 2023-04-23 07:19:51 UTC |
Certificate serial number | 264366351351156481945398639105837848593324 |
Certificate issuer | CN=R3,O=Let's Encrypt,C=US |
Certificate subject | CN=server097.yourhosting.nl |
Certificate SANs |
|
Trigger | The ExtendedKeyUsage extension is marked as non-critical and has the following values: clientAuth, serverAuth. |
---|---|
Context |
Recommendation R28 (ANSSI recommendations for TLS) |
Trigger | The server can exchange keys with DHE. |
---|---|
Context |
Recommendation R7 (ANSSI recommendations for TLS) |
Trigger | TLS 1.2 supported by the server. |
---|---|
Context |
Recommendation R3 (ANSSI recommendations for TLS) |
Trigger | The server can be authenticated with: RSA. |
---|---|
Context |
Recommendation R8 (ANSSI recommendations for TLS) |
Trigger | SSL 3.0, SSL 2.0, TLS 1.0, TLS 1.1 not among the protocols offered by TLS server. |
---|---|
Context |
Recommendation R4 (ANSSI recommendations for TLS) |
Trigger | The server doesn't support any anonymous cipher suite. |
---|---|
Context |
Recommendation R5 (ANSSI recommendations for TLS) |
Trigger | The server only supports cipher suites that provide forward secrecy. |
---|---|
Context |
Recommendation R6 (ANSSI recommendations for TLS) |
Trigger | The server only encrypts bulk data with AES or ChaCha20. |
---|---|
Context |
Recommendation R9 (ANSSI recommendations for TLS) |
Trigger | The server only authenticates bulk data with GCM or CCM (not CCM-8). |
---|---|
Context |
Recommendation R10 (ANSSI recommendations for TLS) |
Trigger | The server only hashes data with SHA-2. |
---|---|
Context |
Recommendation R11 (ANSSI recommendations for TLS) |
Trigger | Server order is preferred. |
---|---|
Context |
Recommendation R13 (ANSSI recommendations for TLS) |
Trigger | This service supports the following compression algorithms: NULL. |
---|---|
Context |
Recommendation R19 (ANSSI recommendations for TLS) |
Trigger | The certificate is signed with SHA-2 |
---|---|
Context |
Recommendation R24 (ANSSI recommendations for TLS) |
Trigger | The expiration date of this certificate is 2023-04-23 07:19:51 UTC. |
---|---|
Context |
Recommendation R25 (ANSSI recommendations for TLS) |
Trigger | The certificate's RSA key has a length of 2048 bits and an exponent of 65537. |
---|---|
Context |
Recommendation R26 (ANSSI recommendations for TLS) |
Trigger | The KeyUsage extension is marked as critical and has the following values: keyEncipherment, digitalSignature |
---|---|
Context |
Recommendation R27 (ANSSI recommendations for TLS) |
Trigger | Both CRLDP and AIA extensions are present and marked as non-critical. |
---|---|
Context |
Recommendation R33 (ANSSI recommendations for TLS) |
Versions | TLS 1.2 |
---|---|
Ciphers |
|
Cipher order | Server |
Compression |
|
Certificate key | RSA 2048-bit test this key |
Hash algorithm | SHA-256 |
Diffie-Hellman |
|
Certificate start date | 2022-12-15 08:19:52 UTC |
Certificate expiration date | 2023-03-15 08:19:51 UTC |
Certificate serial number | 324232323643621526655136703012456477337743 |
Certificate issuer | CN=R3,O=Let's Encrypt,C=US |
Certificate subject | CN=clientondersteuningplus.nl |
Certificate SANs |
|
Trigger | The ExtendedKeyUsage extension is marked as non-critical and has the following values: clientAuth, serverAuth. |
---|---|
Context |
Recommendation R28 (ANSSI recommendations for TLS) |
Trigger | The server can encrypt bulk data with a mechanism that is not GCM or CCM. |
---|---|
Context |
Recommendation R10 (ANSSI recommendations for TLS) |
Trigger | The server can exchange keys with DHE. |
---|---|
Context |
Recommendation R7 (ANSSI recommendations for TLS) |
Trigger | TLS 1.2 supported by the server. |
---|---|
Context |
Recommendation R3 (ANSSI recommendations for TLS) |
Trigger | The server can be authenticated with: RSA. |
---|---|
Context |
Recommendation R8 (ANSSI recommendations for TLS) |
Trigger | SSL 3.0, SSL 2.0, TLS 1.0, TLS 1.1 not among the protocols offered by TLS server. |
---|---|
Context |
Recommendation R4 (ANSSI recommendations for TLS) |
Trigger | The server doesn't support any anonymous cipher suite. |
---|---|
Context |
Recommendation R5 (ANSSI recommendations for TLS) |
Trigger | The server only supports cipher suites that provide forward secrecy. |
---|---|
Context |
Recommendation R6 (ANSSI recommendations for TLS) |
Trigger | The server only encrypts bulk data with AES or ChaCha20. |
---|---|
Context |
Recommendation R9 (ANSSI recommendations for TLS) |
Trigger | The server only hashes data with SHA-2. |
---|---|
Context |
Recommendation R11 (ANSSI recommendations for TLS) |
Trigger | Server order is preferred. |
---|---|
Context |
Recommendation R13 (ANSSI recommendations for TLS) |
Trigger | This service supports the following compression algorithms: NULL. |
---|---|
Context |
Recommendation R19 (ANSSI recommendations for TLS) |
Trigger | The certificate is signed with SHA-2 |
---|---|
Context |
Recommendation R24 (ANSSI recommendations for TLS) |
Trigger | The expiration date of this certificate is 2023-03-15 08:19:51 UTC. |
---|---|
Context |
Recommendation R25 (ANSSI recommendations for TLS) |
Trigger | The certificate's RSA key has a length of 2048 bits and an exponent of 65537. |
---|---|
Context |
Recommendation R26 (ANSSI recommendations for TLS) |
Trigger | The KeyUsage extension is marked as critical and has the following values: keyEncipherment, digitalSignature |
---|---|
Context |
Recommendation R27 (ANSSI recommendations for TLS) |
Trigger | Both CRLDP and AIA extensions are present and marked as non-critical. |
---|---|
Context |
Recommendation R33 (ANSSI recommendations for TLS) |
Versions | TLS 1.2 |
---|---|
Ciphers |
|
Cipher order | Client |
Compression |
|
Certificate key | RSA 2048-bit test this key |
Hash algorithm | SHA-256 |
Diffie-Hellman |
|
Certificate start date | 2023-01-23 07:19:52 UTC |
Certificate expiration date | 2023-04-23 07:19:51 UTC |
Certificate serial number | 264366351351156481945398639105837848593324 |
Certificate issuer | CN=R3,O=Let's Encrypt,C=US |
Certificate subject | CN=server097.yourhosting.nl |
Certificate SANs |
|
Trigger | The ExtendedKeyUsage extension is marked as non-critical and has the following values: clientAuth, serverAuth. |
---|---|
Context |
Recommendation R28 (ANSSI recommendations for TLS) |
Trigger | Client order is preferred. |
---|---|
Context |
Recommendation R13 (ANSSI recommendations for TLS) |
Trigger | The server can exchange keys with DHE. |
---|---|
Context |
Recommendation R7 (ANSSI recommendations for TLS) |
Trigger | TLS 1.2 supported by the server. |
---|---|
Context |
Recommendation R3 (ANSSI recommendations for TLS) |
Trigger | The server can be authenticated with: RSA. |
---|---|
Context |
Recommendation R8 (ANSSI recommendations for TLS) |
Trigger | SSL 3.0, SSL 2.0, TLS 1.0, TLS 1.1 not among the protocols offered by TLS server. |
---|---|
Context |
Recommendation R4 (ANSSI recommendations for TLS) |
Trigger | The server doesn't support any anonymous cipher suite. |
---|---|
Context |
Recommendation R5 (ANSSI recommendations for TLS) |
Trigger | The server only supports cipher suites that provide forward secrecy. |
---|---|
Context |
Recommendation R6 (ANSSI recommendations for TLS) |
Trigger | The server only encrypts bulk data with AES or ChaCha20. |
---|---|
Context |
Recommendation R9 (ANSSI recommendations for TLS) |
Trigger | The server only authenticates bulk data with GCM or CCM (not CCM-8). |
---|---|
Context |
Recommendation R10 (ANSSI recommendations for TLS) |
Trigger | The server only hashes data with SHA-2. |
---|---|
Context |
Recommendation R11 (ANSSI recommendations for TLS) |
Trigger | This service supports the following compression algorithms: NULL. |
---|---|
Context |
Recommendation R19 (ANSSI recommendations for TLS) |
Trigger | The certificate is signed with SHA-2 |
---|---|
Context |
Recommendation R24 (ANSSI recommendations for TLS) |
Trigger | The expiration date of this certificate is 2023-04-23 07:19:51 UTC. |
---|---|
Context |
Recommendation R25 (ANSSI recommendations for TLS) |
Trigger | The certificate's RSA key has a length of 2048 bits and an exponent of 65537. |
---|---|
Context |
Recommendation R26 (ANSSI recommendations for TLS) |
Trigger | The KeyUsage extension is marked as critical and has the following values: keyEncipherment, digitalSignature |
---|---|
Context |
Recommendation R27 (ANSSI recommendations for TLS) |
Trigger | Both CRLDP and AIA extensions are present and marked as non-critical. |
---|---|
Context |
Recommendation R33 (ANSSI recommendations for TLS) |
Versions | TLS 1.2 |
---|---|
Ciphers |
|
Cipher order | Client |
Compression |
|
Certificate key | RSA 2048-bit test this key |
Hash algorithm | SHA-256 |
Diffie-Hellman |
|
Certificate start date | 2023-01-23 07:19:52 UTC |
Certificate expiration date | 2023-04-23 07:19:51 UTC |
Certificate serial number | 264366351351156481945398639105837848593324 |
Certificate issuer | CN=R3,O=Let's Encrypt,C=US |
Certificate subject | CN=server097.yourhosting.nl |
Certificate SANs |
|
Trigger | The ExtendedKeyUsage extension is marked as non-critical and has the following values: clientAuth, serverAuth. |
---|---|
Context |
Recommendation R28 (ANSSI recommendations for TLS) |
Trigger | Client order is preferred. |
---|---|
Context |
Recommendation R13 (ANSSI recommendations for TLS) |
Trigger | The server can exchange keys with DHE. |
---|---|
Context |
Recommendation R7 (ANSSI recommendations for TLS) |
Trigger | TLS 1.2 supported by the server. |
---|---|
Context |
Recommendation R3 (ANSSI recommendations for TLS) |
Trigger | The server can be authenticated with: RSA. |
---|---|
Context |
Recommendation R8 (ANSSI recommendations for TLS) |
Trigger | SSL 3.0, SSL 2.0, TLS 1.0, TLS 1.1 not among the protocols offered by TLS server. |
---|---|
Context |
Recommendation R4 (ANSSI recommendations for TLS) |
Trigger | The server doesn't support any anonymous cipher suite. |
---|---|
Context |
Recommendation R5 (ANSSI recommendations for TLS) |
Trigger | The server only supports cipher suites that provide forward secrecy. |
---|---|
Context |
Recommendation R6 (ANSSI recommendations for TLS) |
Trigger | The server only encrypts bulk data with AES or ChaCha20. |
---|---|
Context |
Recommendation R9 (ANSSI recommendations for TLS) |
Trigger | The server only authenticates bulk data with GCM or CCM (not CCM-8). |
---|---|
Context |
Recommendation R10 (ANSSI recommendations for TLS) |
Trigger | The server only hashes data with SHA-2. |
---|---|
Context |
Recommendation R11 (ANSSI recommendations for TLS) |
Trigger | This service supports the following compression algorithms: NULL. |
---|---|
Context |
Recommendation R19 (ANSSI recommendations for TLS) |
Trigger | The certificate is signed with SHA-2 |
---|---|
Context |
Recommendation R24 (ANSSI recommendations for TLS) |
Trigger | The expiration date of this certificate is 2023-04-23 07:19:51 UTC. |
---|---|
Context |
Recommendation R25 (ANSSI recommendations for TLS) |
Trigger | The certificate's RSA key has a length of 2048 bits and an exponent of 65537. |
---|---|
Context |
Recommendation R26 (ANSSI recommendations for TLS) |
Trigger | The KeyUsage extension is marked as critical and has the following values: keyEncipherment, digitalSignature |
---|---|
Context |
Recommendation R27 (ANSSI recommendations for TLS) |
Trigger | Both CRLDP and AIA extensions are present and marked as non-critical. |
---|---|
Context |
Recommendation R33 (ANSSI recommendations for TLS) |
IP address | 127.0.0.1 |
---|---|
Last scan | excluded |
This machine is excluded.
IP address | 5.157.84.75 |
---|---|
Last scan | 2023-02-07 20:35:46 UTC |
No service that could be analyzed detected on this machine.