Cryptosense Discovery

Choose a standard

These results have been calculated using the following standard:

Export

Printable page
PDF (requires a login)

is the overall score for

clientondersteuningplus.nl

Crypto on this site is broken and is likely not to provide enough security.

Note: The overall score is calculated based on the lowest score achieved by any of the machines scanned.

Machines Scanned

D	clientondersteuningplus.nl	185.37.70.68	2023-02-07 20:35:46 UTC	You must be logged in to monitor hosts.
-	localhost.clientondersteuningplus.nl	127.0.0.1	excluded	You must be logged in to monitor hosts.
-	pop.clientondersteuningplus.nl	5.157.84.75	2023-02-07 20:35:46 UTC	You must be logged in to monitor hosts.

Crypto Services Discovered

Below we list all of the machines detected. For each machine, we list the cryptographic services found. For each service, we give the reasons behind the grading. To see the full details of the cryptography offered by a service, click on "show details".

clientondersteuningplus.nl

IP address	185.37.70.68
Last scan	2023-02-07 20:35:46 UTC

TLS FTP (port 21)

Rules applicable 17

A	A^!	B	C	D	F
13	2	1	0	1	0

TLS HTTP (port 443)

Rules applicable 17

A	A^!	B	C	D	F
12	2	1	1	1	0

TLS SMTP (port 465)

Rules applicable 17

A	A^!	B	C	D	F
12	2	1	1	1	0

TLS SMTP (port 587)

Rules applicable 17

A	A^!	B	C	D	F
12	2	1	1	1	0

TLS (port 21 – FTP)

Show scan details

Versions	TLS 1.2
Ciphers	`TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2 `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2
Cipher order	Server
Compression	`NULL` TLS 1.2
Certificate key	RSA 2048-bit test this key
Hash algorithm	SHA-256
Diffie-Hellman	Group (custom, 2048-bit): 0xe27b2cd5c91f4abc877173aa6c5a968ae793003c2a16af4cdd7b30433409c3eabb6d8192a40cf75465d8db33de04ea22c8251f20d67fc699fc50306a887636d8e2142cde39f5b128da68a0d285c823759b8dd5c4bf7f09ed9af5e5b0ab03cd8ddfc8fe2434a28f7e7af188ef9ce3f89a457c335f99aa9234690c66461df17181ecb075fa51b9c8e713f8fbf68984191fd4f78f26d6aaacb37a6f82d3850359a4583bab20edf23923d8edafd54565d87d7be524ec743e0b412124c53d9b6ad26db1f8e390e0e0dc8a8c8642ebfee31e306c67dd7e39ef3ef12f9f3489834671029f59eeb2362231c392129a1c176c351f680ad6f9f79dd940d724b47dcaae9b63 Generator: 0x2
Certificate start date	2023-01-23 07:19:52 UTC
Certificate expiration date	2023-04-23 07:19:51 UTC
Certificate serial number	264366351351156481945398639105837848593324
Certificate issuer	CN=R3,O=Let's Encrypt,C=US
Certificate subject	CN=server097.yourhosting.nl
Certificate SANs	`server097.yourhosting.nl`

Trigger	The ExtendedKeyUsage extension is marked as non-critical and has the following values: clientAuth, serverAuth.
Context	Recommendation R28 (ANSSI recommendations for TLS)

Trigger	The server can exchange keys with DHE.
Context	Recommendation R7 (ANSSI recommendations for TLS)

Trigger	TLS 1.2 supported by the server.
Context	Recommendation R3 (ANSSI recommendations for TLS)

Trigger	The server can be authenticated with: RSA.
Context	Recommendation R8 (ANSSI recommendations for TLS)

Trigger	SSL 3.0, SSL 2.0, TLS 1.0, TLS 1.1 not among the protocols offered by TLS server.
Context	Recommendation R4 (ANSSI recommendations for TLS)

Trigger	The server doesn't support any anonymous cipher suite.
Context	Recommendation R5 (ANSSI recommendations for TLS)

Trigger	The server only supports cipher suites that provide forward secrecy.
Context	Recommendation R6 (ANSSI recommendations for TLS)

Trigger	The server only encrypts bulk data with AES or ChaCha20.
Context	Recommendation R9 (ANSSI recommendations for TLS)

Trigger	The server only authenticates bulk data with GCM or CCM (not CCM-8).
Context	Recommendation R10 (ANSSI recommendations for TLS)

Trigger	The server only hashes data with SHA-2.
Context	Recommendation R11 (ANSSI recommendations for TLS)

Trigger	Server order is preferred.
Context	Recommendation R13 (ANSSI recommendations for TLS)

Trigger	This service supports the following compression algorithms: NULL.
Context	Recommendation R19 (ANSSI recommendations for TLS)

Trigger	The certificate is signed with SHA-2
Context	Recommendation R24 (ANSSI recommendations for TLS)

Trigger	The expiration date of this certificate is 2023-04-23 07:19:51 UTC.
Context	Recommendation R25 (ANSSI recommendations for TLS)

Trigger	The certificate's RSA key has a length of 2048 bits and an exponent of 65537.
Context	Recommendation R26 (ANSSI recommendations for TLS)

Trigger	The KeyUsage extension is marked as critical and has the following values: keyEncipherment, digitalSignature
Context	Recommendation R27 (ANSSI recommendations for TLS)

Trigger	Both CRLDP and AIA extensions are present and marked as non-critical.
Context	Recommendation R33 (ANSSI recommendations for TLS)

TLS (port 443 – HTTP)

Show scan details

Versions	TLS 1.2
Ciphers	`TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2 `TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2
Cipher order	Server
Compression	`NULL` TLS 1.2
Certificate key	RSA 2048-bit test this key
Hash algorithm	SHA-256
Diffie-Hellman	Group (custom, 2048-bit): 0xe27b2cd5c91f4abc877173aa6c5a968ae793003c2a16af4cdd7b30433409c3eabb6d8192a40cf75465d8db33de04ea22c8251f20d67fc699fc50306a887636d8e2142cde39f5b128da68a0d285c823759b8dd5c4bf7f09ed9af5e5b0ab03cd8ddfc8fe2434a28f7e7af188ef9ce3f89a457c335f99aa9234690c66461df17181ecb075fa51b9c8e713f8fbf68984191fd4f78f26d6aaacb37a6f82d3850359a4583bab20edf23923d8edafd54565d87d7be524ec743e0b412124c53d9b6ad26db1f8e390e0e0dc8a8c8642ebfee31e306c67dd7e39ef3ef12f9f3489834671029f59eeb2362231c392129a1c176c351f680ad6f9f79dd940d724b47dcaae9b63 Generator: 0x2
Certificate start date	2022-12-15 08:19:52 UTC
Certificate expiration date	2023-03-15 08:19:51 UTC
Certificate serial number	324232323643621526655136703012456477337743
Certificate issuer	CN=R3,O=Let's Encrypt,C=US
Certificate subject	CN=clientondersteuningplus.nl
Certificate SANs	`clientondersteuningplus.nl` `www.clientondersteuningplus.nl`

Trigger	The ExtendedKeyUsage extension is marked as non-critical and has the following values: clientAuth, serverAuth.
Context	Recommendation R28 (ANSSI recommendations for TLS)

Trigger	The server can encrypt bulk data with a mechanism that is not GCM or CCM.
Context	Recommendation R10 (ANSSI recommendations for TLS)

Trigger	The server can exchange keys with DHE.
Context	Recommendation R7 (ANSSI recommendations for TLS)

Trigger	TLS 1.2 supported by the server.
Context	Recommendation R3 (ANSSI recommendations for TLS)

Trigger	The server can be authenticated with: RSA.
Context	Recommendation R8 (ANSSI recommendations for TLS)

Trigger	SSL 3.0, SSL 2.0, TLS 1.0, TLS 1.1 not among the protocols offered by TLS server.
Context	Recommendation R4 (ANSSI recommendations for TLS)

Trigger	The server doesn't support any anonymous cipher suite.
Context	Recommendation R5 (ANSSI recommendations for TLS)

Trigger	The server only supports cipher suites that provide forward secrecy.
Context	Recommendation R6 (ANSSI recommendations for TLS)

Trigger	The server only encrypts bulk data with AES or ChaCha20.
Context	Recommendation R9 (ANSSI recommendations for TLS)

Trigger	The server only hashes data with SHA-2.
Context	Recommendation R11 (ANSSI recommendations for TLS)

Trigger	Server order is preferred.
Context	Recommendation R13 (ANSSI recommendations for TLS)

Trigger	This service supports the following compression algorithms: NULL.
Context	Recommendation R19 (ANSSI recommendations for TLS)

Trigger	The certificate is signed with SHA-2
Context	Recommendation R24 (ANSSI recommendations for TLS)

Trigger	The expiration date of this certificate is 2023-03-15 08:19:51 UTC.
Context	Recommendation R25 (ANSSI recommendations for TLS)

Trigger	The certificate's RSA key has a length of 2048 bits and an exponent of 65537.
Context	Recommendation R26 (ANSSI recommendations for TLS)

Trigger	The KeyUsage extension is marked as critical and has the following values: keyEncipherment, digitalSignature
Context	Recommendation R27 (ANSSI recommendations for TLS)

Trigger	Both CRLDP and AIA extensions are present and marked as non-critical.
Context	Recommendation R33 (ANSSI recommendations for TLS)

TLS (port 465 – SMTP)

Show scan details

Versions	TLS 1.2
Ciphers	`TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2
Cipher order	Client
Compression	`NULL` TLS 1.2
Certificate key	RSA 2048-bit test this key
Hash algorithm	SHA-256
Diffie-Hellman	Group (custom, 2048-bit): 0xe27b2cd5c91f4abc877173aa6c5a968ae793003c2a16af4cdd7b30433409c3eabb6d8192a40cf75465d8db33de04ea22c8251f20d67fc699fc50306a887636d8e2142cde39f5b128da68a0d285c823759b8dd5c4bf7f09ed9af5e5b0ab03cd8ddfc8fe2434a28f7e7af188ef9ce3f89a457c335f99aa9234690c66461df17181ecb075fa51b9c8e713f8fbf68984191fd4f78f26d6aaacb37a6f82d3850359a4583bab20edf23923d8edafd54565d87d7be524ec743e0b412124c53d9b6ad26db1f8e390e0e0dc8a8c8642ebfee31e306c67dd7e39ef3ef12f9f3489834671029f59eeb2362231c392129a1c176c351f680ad6f9f79dd940d724b47dcaae9b63 Generator: 0x2
Certificate start date	2023-01-23 07:19:52 UTC
Certificate expiration date	2023-04-23 07:19:51 UTC
Certificate serial number	264366351351156481945398639105837848593324
Certificate issuer	CN=R3,O=Let's Encrypt,C=US
Certificate subject	CN=server097.yourhosting.nl
Certificate SANs	`server097.yourhosting.nl`

Trigger	The ExtendedKeyUsage extension is marked as non-critical and has the following values: clientAuth, serverAuth.
Context	Recommendation R28 (ANSSI recommendations for TLS)

Trigger	Client order is preferred.
Context	Recommendation R13 (ANSSI recommendations for TLS)

Trigger	The server can exchange keys with DHE.
Context	Recommendation R7 (ANSSI recommendations for TLS)

Trigger	TLS 1.2 supported by the server.
Context	Recommendation R3 (ANSSI recommendations for TLS)

Trigger	The server can be authenticated with: RSA.
Context	Recommendation R8 (ANSSI recommendations for TLS)

Trigger	SSL 3.0, SSL 2.0, TLS 1.0, TLS 1.1 not among the protocols offered by TLS server.
Context	Recommendation R4 (ANSSI recommendations for TLS)

Trigger	The server doesn't support any anonymous cipher suite.
Context	Recommendation R5 (ANSSI recommendations for TLS)

Trigger	The server only supports cipher suites that provide forward secrecy.
Context	Recommendation R6 (ANSSI recommendations for TLS)

Trigger	The server only encrypts bulk data with AES or ChaCha20.
Context	Recommendation R9 (ANSSI recommendations for TLS)

Trigger	The server only authenticates bulk data with GCM or CCM (not CCM-8).
Context	Recommendation R10 (ANSSI recommendations for TLS)

Trigger	The server only hashes data with SHA-2.
Context	Recommendation R11 (ANSSI recommendations for TLS)

Trigger	This service supports the following compression algorithms: NULL.
Context	Recommendation R19 (ANSSI recommendations for TLS)

Trigger	The certificate is signed with SHA-2
Context	Recommendation R24 (ANSSI recommendations for TLS)

Trigger	The expiration date of this certificate is 2023-04-23 07:19:51 UTC.
Context	Recommendation R25 (ANSSI recommendations for TLS)

Trigger	The certificate's RSA key has a length of 2048 bits and an exponent of 65537.
Context	Recommendation R26 (ANSSI recommendations for TLS)

Trigger	The KeyUsage extension is marked as critical and has the following values: keyEncipherment, digitalSignature
Context	Recommendation R27 (ANSSI recommendations for TLS)

Trigger	Both CRLDP and AIA extensions are present and marked as non-critical.
Context	Recommendation R33 (ANSSI recommendations for TLS)

TLS (port 587 – SMTP)

Show scan details

Versions	TLS 1.2
Ciphers	`TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256` TLS 1.2 `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` TLS 1.2
Cipher order	Client
Compression	`NULL` TLS 1.2
Certificate key	RSA 2048-bit test this key
Hash algorithm	SHA-256
Diffie-Hellman	Group (custom, 2048-bit): 0xe27b2cd5c91f4abc877173aa6c5a968ae793003c2a16af4cdd7b30433409c3eabb6d8192a40cf75465d8db33de04ea22c8251f20d67fc699fc50306a887636d8e2142cde39f5b128da68a0d285c823759b8dd5c4bf7f09ed9af5e5b0ab03cd8ddfc8fe2434a28f7e7af188ef9ce3f89a457c335f99aa9234690c66461df17181ecb075fa51b9c8e713f8fbf68984191fd4f78f26d6aaacb37a6f82d3850359a4583bab20edf23923d8edafd54565d87d7be524ec743e0b412124c53d9b6ad26db1f8e390e0e0dc8a8c8642ebfee31e306c67dd7e39ef3ef12f9f3489834671029f59eeb2362231c392129a1c176c351f680ad6f9f79dd940d724b47dcaae9b63 Generator: 0x2
Certificate start date	2023-01-23 07:19:52 UTC
Certificate expiration date	2023-04-23 07:19:51 UTC
Certificate serial number	264366351351156481945398639105837848593324
Certificate issuer	CN=R3,O=Let's Encrypt,C=US
Certificate subject	CN=server097.yourhosting.nl
Certificate SANs	`server097.yourhosting.nl`

Trigger	The ExtendedKeyUsage extension is marked as non-critical and has the following values: clientAuth, serverAuth.
Context	Recommendation R28 (ANSSI recommendations for TLS)

Trigger	Client order is preferred.
Context	Recommendation R13 (ANSSI recommendations for TLS)

Trigger	The server can exchange keys with DHE.
Context	Recommendation R7 (ANSSI recommendations for TLS)

Trigger	TLS 1.2 supported by the server.
Context	Recommendation R3 (ANSSI recommendations for TLS)

Trigger	The server can be authenticated with: RSA.
Context	Recommendation R8 (ANSSI recommendations for TLS)

Trigger	SSL 3.0, SSL 2.0, TLS 1.0, TLS 1.1 not among the protocols offered by TLS server.
Context	Recommendation R4 (ANSSI recommendations for TLS)

Trigger	The server doesn't support any anonymous cipher suite.
Context	Recommendation R5 (ANSSI recommendations for TLS)

Trigger	The server only supports cipher suites that provide forward secrecy.
Context	Recommendation R6 (ANSSI recommendations for TLS)

Trigger	The server only encrypts bulk data with AES or ChaCha20.
Context	Recommendation R9 (ANSSI recommendations for TLS)

Trigger	The server only authenticates bulk data with GCM or CCM (not CCM-8).
Context	Recommendation R10 (ANSSI recommendations for TLS)

Trigger	The server only hashes data with SHA-2.
Context	Recommendation R11 (ANSSI recommendations for TLS)

Trigger	This service supports the following compression algorithms: NULL.
Context	Recommendation R19 (ANSSI recommendations for TLS)

Trigger	The certificate is signed with SHA-2
Context	Recommendation R24 (ANSSI recommendations for TLS)

Trigger	The expiration date of this certificate is 2023-04-23 07:19:51 UTC.
Context	Recommendation R25 (ANSSI recommendations for TLS)

Trigger	The certificate's RSA key has a length of 2048 bits and an exponent of 65537.
Context	Recommendation R26 (ANSSI recommendations for TLS)

Trigger	The KeyUsage extension is marked as critical and has the following values: keyEncipherment, digitalSignature
Context	Recommendation R27 (ANSSI recommendations for TLS)

Trigger	Both CRLDP and AIA extensions are present and marked as non-critical.
Context	Recommendation R33 (ANSSI recommendations for TLS)

localhost.clientondersteuningplus.nl

IP address	127.0.0.1
Last scan	excluded

This machine is excluded.

pop.clientondersteuningplus.nl

IP address	5.157.84.75
Last scan	2023-02-07 20:35:46 UTC

No service that could be analyzed detected on this machine.

Choose a standard

Export

Machines Scanned

Crypto Services Discovered

clientondersteuningplus.nl

TLS (port 21 – FTP)

Broken cryptography

Warnings

Borderline Compliance Warnings

Passed

TLS (port 443 – HTTP)

Broken cryptography

Weak cryptography

Warnings

Borderline Compliance Warnings

Passed

TLS (port 465 – SMTP)

Broken cryptography

Weak cryptography

Warnings

Borderline Compliance Warnings

Passed

TLS (port 587 – SMTP)

Broken cryptography

Weak cryptography

Warnings

Borderline Compliance Warnings

Passed

localhost.clientondersteuningplus.nl

pop.clientondersteuningplus.nl