SSL check results of bitpesa.co

NEW You can also bulk check multiple servers.

Discover if the mail servers for bitpesa.co can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Wed, 14 Aug 2019 00:54:23 +0000

The mailservers of bitpesa.co can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @bitpesa.co addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
aspmx.l.google.com
2a00:1450:400c:c0c::1a
1
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s
aspmx.l.google.com
74.125.140.27
1
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s
alt1.aspmx.l.google.com
2a00:1450:4010:c0f::1b
5
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
alt1.aspmx.l.google.com
108.177.14.27
5
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
alt2.aspmx.l.google.com
2404:6800:4003:c04::1b
5
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
16 s
alt2.aspmx.l.google.com
172.217.194.27
5
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
17 s
aspmx2.googlemail.com
2a00:1450:4010:c0f::1a
10
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
aspmx2.googlemail.com
108.177.14.27
10
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
aspmx3.googlemail.com
2404:6800:4003:c04::1a
10
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
17 s
aspmx3.googlemail.com
172.217.194.27
10
supported
mx.google.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
16 s

Outgoing Mails

We have not received any emails from a @bitpesa.co address so far. Test mail delivery

Certificates

First seen at:

CN=mx.google.com,O=Google LLC,L=Mountain View,ST=California,C=US

Certificate chain
Subject
Country (C)
  • US
State (ST)
  • California
Locality (L)
  • Mountain View
Organization (O)
  • Google LLC
Common Name (CN)
  • mx.google.com
Alternative Names
  • mx.google.com
  • alt1.aspmx.l.google.com
  • alt1.gmail-smtp-in.l.google.com
  • alt1.gmr-smtp-in.l.google.com
  • alt2.aspmx.l.google.com
  • alt2.gmail-smtp-in.l.google.com
  • alt2.gmr-smtp-in.l.google.com
  • alt3.aspmx.l.google.com
  • alt3.gmail-smtp-in.l.google.com
  • alt3.gmr-smtp-in.l.google.com
  • alt4.aspmx.l.google.com
  • alt4.gmail-smtp-in.l.google.com
  • alt4.gmr-smtp-in.l.google.com
  • aspmx.l.google.com
  • aspmx2.googlemail.com
  • aspmx3.googlemail.com
  • aspmx4.googlemail.com
  • aspmx5.googlemail.com
  • gmail-smtp-in.l.google.com
  • gmr-mx.google.com
  • gmr-smtp-in.l.google.com
  • mx1.smtp.goog
  • mx2.smtp.goog
  • mx3.smtp.goog
  • mx4.smtp.goog
Issuer
Country (C)
  • US
Organization (O)
  • Google Trust Services
Common Name (CN)
  • Google Internet Authority G3
validity period
Not valid before
2019-07-29
Not valid after
2019-10-21
This certifcate has been verified for the following usages:
  • TLS Web Server Authentication
Fingerprints
SHA256
0E:DC:78:68:4A:F2:26:B0:31:37:D2:85:59:CA:4B:D0:32:C4:A8:04:DA:92:E2:DC:0E:F8:D1:60:45:D5:66:2A
SHA1
A1:3B:9A:E1:37:48:15:D7:DF:46:4A:9C:F7:02:9F:8B:66:18:AE:1F
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://pki.goog/gsr2/GTSGIAG3.crt
  • OCSP - URI:http://ocsp.pki.goog/GTSGIAG3
subjectKeyIdentifier
  • 01:6F:2F:4F:E7:49:AB:28:CF:C2:FF:D6:DD:53:AF:0A:88:42:A2:52
authorityKeyIdentifier
  • keyid:77:C2:B8:50:9A:67:76:76:B1:2D:C2:86:D0:83:A0:7E:A6:7E:BA:4B
certificatePolicies
  • Policy: 1.3.6.1.4.1.11129.2.5.3
  • Policy: 2.23.140.1.2.2
crlDistributionPoints
  • Full Name:
  • URI:http://crl.pki.goog/GTSGIAG3.crl
First seen at:

CN=mx.google.com,O=Google LLC,L=Mountain View,ST=California,C=US

Certificate chain
  • mx.google.com
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption

      • GTS CA 1O1
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • GlobalSign (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Country (C)
  • US
State (ST)
  • California
Locality (L)
  • Mountain View
Organization (O)
  • Google LLC
Common Name (CN)
  • mx.google.com
Alternative Names
  • mx.google.com
  • alt1.aspmx.l.google.com
  • alt1.gmail-smtp-in.l.google.com
  • alt1.gmr-smtp-in.l.google.com
  • alt2.aspmx.l.google.com
  • alt2.gmail-smtp-in.l.google.com
  • alt2.gmr-smtp-in.l.google.com
  • alt3.aspmx.l.google.com
  • alt3.gmail-smtp-in.l.google.com
  • alt3.gmr-smtp-in.l.google.com
  • alt4.aspmx.l.google.com
  • alt4.gmail-smtp-in.l.google.com
  • alt4.gmr-smtp-in.l.google.com
  • aspmx.l.google.com
  • aspmx2.googlemail.com
  • aspmx3.googlemail.com
  • aspmx4.googlemail.com
  • aspmx5.googlemail.com
  • gmail-smtp-in.l.google.com
  • gmr-mx.google.com
  • gmr-smtp-in.l.google.com
  • mx1.smtp.goog
  • mx2.smtp.goog
  • mx3.smtp.goog
  • mx4.smtp.goog
Issuer
Country (C)
  • US
Organization (O)
  • Google Trust Services
Common Name (CN)
  • GTS CA 1O1
validity period
Not valid before
2019-07-29
Not valid after
2019-10-27
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
7E:E8:B1:04:88:40:6C:0E:BA:1C:FA:34:70:52:67:3B:1E:A6:19:9E:C3:2D:C9:12:8C:80:22:41:3B:83:76:B1
SHA1
6E:E1:4D:C1:DB:0E:0E:14:CB:C2:21:3D:3F:CD:F6:C5:A3:D0:62:0F
X509v3 extensions
subjectKeyIdentifier
  • 99:82:B6:46:74:3F:7C:3F:39:09:90:8F:D9:EC:AB:A2:53:07:A4:4B
authorityKeyIdentifier
  • keyid:98:D1:F8:6E:10:EB:CF:9B:EC:60:9F:18:90:1B:A0:EB:7D:09:FD:2B
authorityInfoAccess
  • OCSP - URI:http://ocsp.pki.goog/gts1o1
  • CA Issuers - URI:http://pki.goog/gsr2/GTS1O1.crt
certificatePolicies
  • Policy: 2.23.140.1.2.2
  • Policy: 1.3.6.1.4.1.11129.2.5.3
crlDistributionPoints
  • Full Name:
  • URI:http://crl.pki.goog/GTS1O1.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 63:F2:DB:CD:E8:3B:CC:2C:CF:0B:72:84:27:57:6B:33:
  • A4:8D:61:77:8F:BD:75:A6:38:B1:C7:68:54:4B:D8:8D
  • Timestamp : Jul 29 18:32:48.452 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:5C:71:78:1B:E4:B5:D7:EE:22:A2:4E:60:
  • 3A:50:38:29:69:CF:49:68:07:54:D4:E4:99:79:E3:36:
  • DF:70:B4:F1:02:20:09:FA:62:5D:E5:40:EF:AD:47:1B:
  • 75:B1:52:FE:9B:7B:5E:4C:F6:B4:AB:22:E4:6D:B7:EA:
  • F9:7A:39:91:CF:57
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 74:7E:DA:83:31:AD:33:10:91:21:9C:CE:25:4F:42:70:
  • C2:BF:FD:5E:42:20:08:C6:37:35:79:E6:10:7B:CC:56
  • Timestamp : Jul 29 18:32:48.410 2019 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:DB:5A:96:F5:9D:4D:A1:DB:6D:2B:1F:
  • 10:C1:75:72:76:5B:2F:93:17:E2:77:73:6F:BF:1D:03:
  • EE:12:06:0E:CC:02:21:00:FE:CA:4C:A1:73:70:72:CC:
  • 0E:33:92:E5:7F:6F:7C:BC:2E:E4:B4:30:4A:1B:E3:E0:
  • 80:06:89:03:67:31:19:75