SSL-Tools

SSL check results of cheazey.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for cheazey.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 22 Sep 2022 11:30:49 +0000

The mailservers of cheazey.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @cheazey.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.cheazey.net
2600:4c00:200:1b5::3
 10
supported
*.cheazey.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s
mail.cheazey.net
170.249.210.163
 10
supported
*.cheazey.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s

Outgoing Mails

We have received emails from these servers with @cheazey.net sender addresses. Test mail delivery

Host TLS Version & Cipher
unknown (IPv6:2600:4c00:200:1b5::5)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=*.cheazey.net

Certificate chain
Subject
Common Name (CN)
  • *.cheazey.net
Alternative Names
  • *.cheazey.net
  • cheazey.net
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • AlphaSSL CA - SHA256 - G2
validity period
Not valid before
2022-09-22
Not valid after
2023-10-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
FA:A4:F2:95:AD:79:10:2E:93:A9:41:6A:9F:D9:E1:C8:35:97:BD:3B:55:4E:62:2E:AC:EB:3F:6D:F8:2B:6E:92
SHA1
09:ED:65:10:A5:4B:4B:BB:10:EA:06:68:A9:C6:67:B9:36:0A:F0:CC
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure.globalsign.com/cacert/gsalphasha2g2r1.crt
  • OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2
certificatePolicies
  • Policy: 1.3.6.1.4.1.4146.1.10.10
  • CPS: https://www.globalsign.com/repository/
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl.globalsign.com/gs/gsalphasha2g2.crl
authorityKeyIdentifier
  • keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7
subjectKeyIdentifier
  • 5D:1F:50:31:5B:F4:6C:AD:14:63:F8:36:F0:8B:C8:8C:F9:AE:93:D4
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
  • 03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
  • Timestamp : Sep 22 10:49:56.987 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:E5:BD:E9:A3:3A:6B:09:9B:FC:D8:FA:
  • 12:29:2F:4A:96:11:E1:10:01:E6:6B:97:F4:0E:40:3B:
  • 45:3A:9F:8C:1D:02:20:77:A3:F3:BD:6D:32:C6:D2:A3:
  • 09:7D:BC:0A:BA:AE:6F:36:9B:69:C1:99:D6:D2:81:51:
  • 0F:D7:0B:F8:CC:5A:AD
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
  • 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
  • Timestamp : Sep 22 10:49:56.479 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:B9:BE:E3:B1:7F:0E:0D:E6:CF:61:6E:
  • EB:8D:63:7B:88:CB:6B:70:2D:3B:A8:CC:DA:10:81:6E:
  • 0C:13:68:D7:34:02:21:00:CC:50:49:22:82:23:73:2E:
  • 1C:42:C1:2B:CB:BB:FF:55:6E:F2:73:3A:22:97:56:62:
  • 79:89:70:99:21:F9:7A:30
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09:
  • 4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A
  • Timestamp : Sep 22 10:49:57.025 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BF:7B:D9:8A:93:AE:2A:AD:0C:51:11:
  • AB:DB:ED:60:52:FE:98:62:39:6A:46:44:41:45:DC:43:
  • 84:C9:2C:CF:D5:02:21:00:C0:21:E4:F4:F7:4C:08:B8:
  • E2:3C:62:AC:B7:53:62:A0:1E:30:7A:D5:E3:22:1C:59:
  • 97:25:56:54:4C:EA:19:F0

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.cheazey.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid