capital-freight.com - TLS / STARTTLS Test

Discover if the mail servers for capital-freight.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 29 Nov 2021 10:11:53 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Valid

The mailservers of capital-freight.com can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @capital-freight.com addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
gatekeeper.space.net 2001:608:2:84::130	100	supported	*.space.net	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.space.net 2001:608:3:84::2	100	supported	*.space.net	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.space.net 2001:608:3:84::16	100	supported	*.space.net	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.space.net 194.97.132.2	100	supported	*.space.net	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.space.net 194.97.132.16	100	supported	*.space.net	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.space.net 195.30.114.130	100	supported	*.space.net	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 15 s
gatekeeper.spacenet.de 2001:608:2:84::135	100	supported	*.spacenet.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.spacenet.de 2001:608:3:84::15	100	supported	*.spacenet.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.spacenet.de 2001:608:3:84::6	100	supported	*.spacenet.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.spacenet.de 194.97.132.6	100	supported	*.spacenet.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 12 s
gatekeeper.spacenet.de 195.30.114.135	100	supported	*.spacenet.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 13 s
gatekeeper.spacenet.de 194.97.132.15	100	supported	*.spacenet.de	DANE valid PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 ~~SSLv3~~	2021-11-29 14 s

Outgoing Mails

We have not received any emails from a @capital-freight.com address so far. Test mail delivery

Certificates

First seen at: 2020-05-25

CN=*.space.net

Certificate chain

*.space.net
- 2022-05-16 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

*.space.net

Alternative Names

*.space.net
space.net

Issuer

Country (C)

Organization (O)

DigiCert Inc

Organizational Unit (OU)

www.digicert.com

Common Name (CN)

RapidSSL TLS RSA CA G1

validity period

Not valid before: 2020-03-17
Not valid after: 2022-05-16

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: FE:99:31:36:10:45:19:1C:EB:07:8A:10:41:FD:C2:93:DB:A3:F0:86:5D:87:32:C4:E6:B1:E9:61:58:DF:11:74
SHA1: CC:71:95:93:36:78:6F:AB:CA:EF:89:81:B2:AE:F5:6A:A1:67:8F:D6

X509v3 extensions

authorityKeyIdentifier

keyid:0C:DB:6C:82:49:0F:4A:67:0A:B8:14:EE:7A:C4:48:52:88:EB:56:38

subjectKeyIdentifier

92:2E:16:51:C5:E8:89:84:80:33:91:01:B0:64:15:A9:9F:79:E2:EF

crlDistributionPoints

Full Name:
URI:http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl

certificatePolicies

Policy: 2.16.840.1.114412.1.2
CPS: https://www.digicert.com/CPS
Policy: 2.23.140.1.2.1

authorityInfoAccess

OCSP - URI:http://status.rapidssl.com
CA Issuers - URI:http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
Timestamp : Mar 17 13:19:11.033 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:D2:2E:8B:E8:EB:FD:FF:CE:2D:8F:64:
09:05:E7:04:CF:5F:08:1F:BE:B2:D1:06:A5:B7:27:99:
3F:C5:86:15:63:02:21:00:B5:9E:5F:64:EC:9F:9D:78:
58:AF:53:14:89:9A:05:3D:44:27:F7:15:4A:54:E4:FB:
48:DA:E8:11:46:96:3C:02
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 22:45:45:07:59:55:24:56:96:3F:A1:2F:F1:F7:6D:86:
E0:23:26:63:AD:C0:4B:7F:5D:C6:83:5C:6E:E2:0F:02
Timestamp : Mar 17 13:19:11.086 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:A1:E0:57:0C:E4:03:A9:E6:C1:82:69:
CF:28:CA:D7:C6:0A:8E:83:E1:FD:DA:1C:A8:A6:B0:B3:
2C:8E:DC:E8:0F:02:21:00:BC:F5:AF:4C:A1:06:4E:6D:
3F:59:E4:8E:A5:DD:F3:31:17:4D:F9:26:27:1E:47:19:
91:47:73:52:65:21:57:8D
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 51:A3:B0:F5:FD:01:79:9C:56:6D:B8:37:78:8F:0C:A4:
7A:CC:1B:27:CB:F7:9E:88:42:9A:0D:FE:D4:8B:05:E5
Timestamp : Mar 17 13:19:11.117 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:EB:78:34:95:99:08:84:74:37:FA:3A:
CE:B1:85:3B:E2:52:67:DF:56:F3:47:7C:26:81:17:08:
1C:97:88:A4:07:02:20:0A:4B:97:8B:46:DE:98:3E:E8:
4D:41:F1:46:51:8F:D8:EF:87:0C:0F:CE:A4:90:F0:50:
CE:76:E7:D6:8A:3F:AF

First seen at: 2020-12-17

CN=*.spacenet.de

Certificate chain

*.spacenet.de
- 2021-12-18 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Common Name (CN)

*.spacenet.de

Alternative Names

*.spacenet.de
spacenet.de

Issuer

Country (C)

Organization (O)

DigiCert Inc

Common Name (CN)

RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1

validity period

Not valid before: 2020-12-01
Not valid after: 2021-12-18

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: E2:47:74:FA:61:D2:65:E3:03:A4:FB:0E:20:41:3A:FD:F2:5B:76:F0:98:3A:47:58:15:22:19:A2:DA:5E:6B:12
SHA1: 2A:AB:D0:E1:9D:A3:F1:A5:77:89:F6:90:CF:20:6A:EC:26:12:4E:3C

X509v3 extensions

authorityKeyIdentifier

keyid:A4:8D:E5:BE:7C:79:E4:70:23:6D:2E:29:34:AD:23:58:DC:F5:31:7F

subjectKeyIdentifier

76:D6:25:12:EF:20:D7:C5:BA:30:97:44:35:FC:83:3F:AC:ED:C1:49

certificatePolicies

Policy: 2.16.840.1.114412.1.2
CPS: https://www.digicert.com/CPS
Policy: 2.23.140.1.2.1

authorityInfoAccess

OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
Timestamp : Dec 1 08:51:48.973 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:B6:49:C2:4F:1F:01:AD:E7:00:DF:85:
E8:89:B3:E1:AA:56:D7:4B:77:BA:C3:4C:8C:6A:9D:E3:
80:1A:37:73:06:02:21:00:9F:93:1A:76:32:EB:A4:BE:
BC:C2:2E:2F:0F:53:18:CB:E9:A0:66:A3:72:A5:CD:CC:
94:3A:67:30:C4:FB:C5:5C
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
Timestamp : Dec 1 08:51:49.099 2020 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:DC:FA:FF:94:D5:CD:3B:AF:59:01:06:
2E:90:30:65:33:86:F1:21:2D:C7:A0:87:1F:4B:3F:55:
76:4C:8E:9F:98:02:21:00:C5:76:03:53:2F:C1:96:A2:
DB:0B:CF:E6:9D:C0:C4:60:26:E9:E6:62:D0:E1:11:A5:
C3:D3:77:37:E8:AD:CF:38

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name	Options	DNSSEC	Matches
_25._tcp.gatekeeper.space.net	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid
_25._tcp.gatekeeper.spacenet.de	DANE-EE: Domain Issued Certificate Use subject public key SHA-256 Hash	valid	valid

SSL check results of capital-freight.com

Summary

The mailservers of capital-freight.com can be reached through a secure connection.

Servers

Incoming Mails

Outgoing Mails

Certificates

CN=*.space.net

CN=*.spacenet.de

DANE