SSL-Tools

SSL check results of kn-tours.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for kn-tours.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 28 Feb 2021 19:27:37 +0000

The mailservers of kn-tours.net can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @kn-tours.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.kn-tours.net
184.154.63.154
 10
supported
neptune.bagful.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
25 s

Outgoing Mails

We have received emails from these servers with @kn-tours.net sender addresses. Test mail delivery

Host TLS Version & Cipher
jupiter.bagful.net (209.205.123.174)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=neptune.bagful.net

Certificate chain
  • neptune.bagful.net
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
    • Hostname Mismatch
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption
Subject
Common Name (CN)
  • neptune.bagful.net
Alternative Names
  • neptune.bagful.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2021-02-13
Not valid after
2021-05-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
95:C2:28:B9:65:F6:49:01:DD:71:5E:53:5C:BC:3C:AF:FF:5F:CF:64:2C:CC:AE:7A:29:FA:B1:7B:8B:F1:5F:AE
SHA1
26:0F:4A:FF:77:B9:A1:33:C4:2E:AC:E3:69:44:76:73:B3:64:5B:F0
X509v3 extensions
subjectKeyIdentifier
  • 7B:E7:16:FC:B4:1A:7A:FF:BE:41:15:32:B4:B6:14:98:A5:72:13:0C
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : Feb 13 02:25:13.138 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:91:38:D3:A8:6A:56:4A:64:84:0E:DF:
  • 8D:FD:59:72:1F:D3:1B:A8:8F:3D:B5:F2:2C:DE:52:FD:
  • 2A:A5:CC:6F:01:02:21:00:89:D8:2F:23:D2:FF:07:48:
  • 84:B9:84:B5:A4:8C:04:53:2A:38:01:D9:5D:ED:6A:C0:
  • E9:AA:65:A2:34:C9:28:F5
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Feb 13 02:25:13.614 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:53:14:CA:F5:04:76:88:44:65:A2:8B:9E:
  • 25:E0:72:30:A1:93:AA:15:66:DE:6A:2C:90:A8:DA:79:
  • DC:E9:95:26:02:20:17:7A:EC:1D:FA:BC:0E:81:1B:E2:
  • ED:50:5B:1C:56:AA:24:0C:0C:02:60:3F:8B:E9:EA:5F:
  • E5:EB:98:D8:2B:07