SSL-Tools

SSL check results of blogrebellen.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for blogrebellen.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 30 Jun 2020 11:02:12 +0000

The mailservers of blogrebellen.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @blogrebellen.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.knobelbecher.net
2a01:440:1:1f:82:149:225:152
 50
supported
*.knobelbecher.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
4 s
mail.knobelbecher.net
82.149.225.152
 50
supported
*.knobelbecher.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @blogrebellen.de address so far. Test mail delivery

Certificates

First seen at:

CN=*.knobelbecher.net,OU=Domain Control Validated

Certificate chain
Subject
Organizational Unit (OU)
  • Domain Control Validated
Common Name (CN)
  • *.knobelbecher.net
Alternative Names
  • *.knobelbecher.net
  • knobelbecher.net
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • AlphaSSL CA - SHA256 - G2
validity period
Not valid before
2020-02-24
Not valid after
2022-04-06
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
9F:64:5D:C7:64:E1:43:39:70:2B:61:1E:BC:46:56:AE:D1:41:EE:3B:9C:55:FB:B8:D3:10:58:56:13:81:BF:B3
SHA1
86:DA:01:AE:96:F8:27:38:1E:B8:90:91:9F:02:F9:17:87:87:29:41
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt
  • OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2
certificatePolicies
  • Policy: 1.3.6.1.4.1.4146.1.10.10
  • CPS: https://www.globalsign.com/repository/
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl2.alphassl.com/gs/gsalphasha2g2.crl
authorityKeyIdentifier
  • keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7
subjectKeyIdentifier
  • 49:27:FE:60:D2:22:09:33:43:DE:7B:B5:14:C0:71:DD:C6:B9:69:F7
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
  • 38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
  • Timestamp : Feb 24 16:58:50.392 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:0D:73:46:97:0A:F3:E1:76:58:C0:EC:2B:
  • 4C:2E:7A:60:BA:BB:ED:57:8C:72:B7:D6:99:41:F8:07:
  • 4A:2A:2D:B8:02:21:00:C8:B3:85:FE:23:C5:2B:B1:50:
  • 8B:31:34:23:2E:38:B9:F4:FB:00:0E:C9:80:FF:F9:69:
  • 08:C4:C8:8A:55:33:EA
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Feb 24 16:58:49.562 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:DF:E8:B3:85:D3:DD:A7:81:69:DA:08:
  • BF:17:36:90:F4:76:2A:65:6B:1F:EA:5B:90:0E:89:68:
  • 70:A8:55:15:55:02:20:64:6F:B7:E4:06:0D:FE:EB:FA:
  • 9E:E7:24:28:E8:16:11:1F:88:7E:C3:62:DE:43:17:02:
  • BA:6C:11:15:EE:8F:A4
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 22:45:45:07:59:55:24:56:96:3F:A1:2F:F1:F7:6D:86:
  • E0:23:26:63:AD:C0:4B:7F:5D:C6:83:5C:6E:E2:0F:02
  • Timestamp : Feb 24 16:58:49.513 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:1B:3C:0E:B4:E8:D7:15:E5:E3:7A:7F:76:
  • 34:AC:39:83:6F:A4:38:87:81:1D:FF:D6:75:92:0D:95:
  • 93:B8:52:96:02:21:00:A8:D4:02:33:7F:6C:B9:F0:E3:
  • 63:59:96:8E:B6:85:2C:89:D5:8C:1C:19:2D:B6:49:C0:
  • 3F:4D:D0:53:6D:3F:AA

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.knobelbecher.net
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid