SSL check results of bercohissstockholmab.se

NEW You can also bulk check multiple servers.

Discover if the mail servers for bercohissstockholmab.se can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Fri, 27 Mar 2020 01:30:30 +0000

The mailservers of bercohissstockholmab.se can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @bercohissstockholmab.se addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mailcluster.loopia.se
2a02:250:0:48::14
10
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mailcluster.loopia.se
2a02:250:0:48::11
10
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
mailcluster.loopia.se
2a02:250:0:48::12
10
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mailcluster.loopia.se
2a02:250:0:48::13
10
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
14 s
mailcluster.loopia.se
93.188.3.12
10
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mailcluster.loopia.se
93.188.3.14
10
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mailcluster.loopia.se
93.188.3.11
10
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mailcluster.loopia.se
93.188.3.13
10
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mail2.loopia.se
93.188.3.11
20
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mail2.loopia.se
93.188.3.13
20
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mail2.loopia.se
93.188.3.14
20
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mail2.loopia.se
93.188.3.12
20
supported
*.loopia.se
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @bercohissstockholmab.se address so far. Test mail delivery

Certificates

First seen at:

CN=*.loopia.se,O=Loopia AB,L=Vasteras Vastmanland,C=SE

Certificate chain
Subject
Country (C)
  • SE
Locality (L)
  • Vasteras Vastmanland
Organization (O)
  • Loopia AB
Common Name (CN)
  • *.loopia.se
Alternative Names
  • *.loopia.se
  • loopia.se
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • DigiCert SHA2 High Assurance Server CA
validity period
Not valid before
2019-07-15
Not valid after
2021-09-15
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
57:80:E3:22:D5:F1:B4:D7:E0:A1:B9:F8:3F:0D:A5:89:13:CC:34:E9:98:18:8B:4D:E5:BA:A4:97:66:8E:5A:E5
SHA1
2C:2F:9E:D4:F8:0C:3E:9E:DA:E3:F3:A7:56:A3:BF:5C:9E:4A:C3:50
X509v3 extensions
authorityKeyIdentifier
  • keyid:51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B
subjectKeyIdentifier
  • FD:7A:34:5C:08:08:EA:CE:46:D7:04:FE:C4:90:09:44:BC:C8:F1:A8
crlDistributionPoints
  • Full Name:
  • URI:http://crl3.digicert.com/sha2-ha-server-g6.crl
  • Full Name:
  • URI:http://crl4.digicert.com/sha2-ha-server-g6.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.1
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.2
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:4B:BD:B7:75:CE:60:BA:E1:42:69:1F:AB:E1:9E:66:
  • A3:0F:7E:5F:B0:72:D8:83:00:C4:7B:89:7A:A8:FD:CB
  • Timestamp : Jul 15 15:09:13.460 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A9:75:40:BA:25:6A:51:CB:9F:8B:69:
  • C1:8D:9B:91:EC:3C:E9:26:BD:02:3C:F9:53:E9:B3:61:
  • F1:09:79:E8:CA:02:20:7E:5B:D0:3B:10:A4:82:78:0A:
  • D5:28:89:84:60:E0:79:C9:01:E1:24:87:98:26:E2:5D:
  • D4:9F:4F:BF:C3:01:BD
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 87:75:BF:E7:59:7C:F8:8C:43:99:5F:BD:F3:6E:FF:56:
  • 8D:47:56:36:FF:4A:B5:60:C1:B4:EA:FF:5E:A0:83:0F
  • Timestamp : Jul 15 15:09:13.530 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:29:B6:EE:E7:E8:74:39:52:A4:47:AC:CC:
  • CE:68:3F:3C:96:BF:20:70:C2:44:56:9D:2C:4B:C6:05:
  • A8:44:38:84:02:21:00:C7:91:00:69:FD:F3:59:5B:C7:
  • 22:C1:E0:37:01:D7:1D:BC:55:0D:60:7C:63:B8:FC:79:
  • 97:86:A5:39:78:BD:83
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Jul 15 15:09:13.283 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:74:09:3D:AE:2E:07:28:BF:30:C7:9A:3B:
  • 0F:C9:7C:4C:FB:FC:9D:1D:D4:DE:DB:C9:29:48:2A:6B:
  • CB:81:94:97:02:20:39:82:BB:B2:F6:9A:DA:EA:F9:61:
  • C8:66:57:7B:4C:76:54:AF:08:CC:81:7F:53:DC:3D:A2:
  • 5D:D1:7D:CA:05:C7

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mailcluster.loopia.se
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail2.loopia.se
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid