SSL check results of backprod.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for backprod.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 20 Jun 2021 07:31:48 +0000

The mailservers of backprod.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @backprod.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.backprod.de
2a02:c207:3005:2814::1
10
supported
*.backprod.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s
mail.backprod.de
173.249.63.202
10
supported
*.backprod.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @backprod.de address so far. Test mail delivery

Certificates

First seen at:

CN=*.backprod.de

Certificate chain
  • *.backprod.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Common Name (CN)
  • *.backprod.de
Alternative Names
  • *.backprod.de
  • backprod.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2021-05-01
Not valid after
2021-07-30
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
E8:65:54:A8:33:F8:D5:01:56:E4:1D:20:10:30:55:33:D6:68:FB:FB:E0:E1:97:0D:CD:F1:4E:B6:77:31:9C:9F
SHA1
90:C5:9D:9E:D5:AD:19:B8:B1:51:28:81:62:58:DF:95:53:E5:21:76
X509v3 extensions
subjectKeyIdentifier
  • 40:45:06:F7:58:CA:3A:F6:70:DF:D8:53:9B:68:E5:FC:B1:6A:C5:E6
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
  • 37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
  • Timestamp : May 1 01:05:46.645 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:7C:6B:AD:36:C7:7F:3E:C3:4F:6E:17:5C:
  • 92:E4:CC:8F:9A:D5:16:BB:5F:51:18:3B:15:D8:21:86:
  • AE:08:8D:C3:02:21:00:AA:04:92:CD:D0:A9:72:C7:F1:
  • 69:8E:C9:27:F4:37:04:46:CF:B0:45:AD:01:0C:A4:C9:
  • CF:66:7A:71:A2:79:AE
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : May 1 01:05:46.772 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:66:A3:45:51:8A:66:69:91:4A:18:71:3E:
  • 3E:27:BF:32:39:19:81:6D:8E:50:83:F9:E1:D4:E2:5D:
  • 56:1B:80:D4:02:21:00:A7:2C:75:CE:9A:02:B9:B4:41:
  • 1C:06:8E:0E:92:18:48:C2:1F:C3:1A:3F:72:2B:58:55:
  • D1:A6:11:09:16:0C:55

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.backprod.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-512 Hash
valid
valid