SSL-Tools

SSL check results of cheazey.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for cheazey.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 25 Nov 2024 09:38:24 +0000

The mailservers of cheazey.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @cheazey.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.cheazey.net
2600:4c00:200:1b5::3
 10
supported
*.cheazey.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s
mail.cheazey.net
170.249.210.163
 10
supported
*.cheazey.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s

Outgoing Mails

We have received emails from these servers with @cheazey.net sender addresses. Test mail delivery

Host TLS Version & Cipher
unknown (IPv6:2600:4c00:200:1b5::5)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=*.cheazey.net

Certificate chain
Subject
Common Name (CN)
  • *.cheazey.net
Alternative Names
  • *.cheazey.net
  • cheazey.net
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • GlobalSign GCC R6 AlphaSSL CA 2023
validity period
Not valid before
2024-11-24
Not valid after
2025-12-26
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
52:A7:2A:D5:BF:9A:17:FD:BA:18:80:6F:37:7B:5F:9D:66:FE:40:F7:42:5C:1E:6D:AD:E7:EC:04:33:87:4A:7C
SHA1
72:20:DE:0C:D9:0E:02:37:22:D4:FC:12:5E:C3:C5:E5:55:88:FA:92
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr6alphasslca2023.crt
  • OCSP - URI:http://ocsp.globalsign.com/gsgccr6alphasslca2023
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.4146.10.1.3
  • CPS: https://www.globalsign.com/repository/
crlDistributionPoints
  • Full Name:
  • URI:http://crl.globalsign.com/gsgccr6alphasslca2023.crl
authorityKeyIdentifier
  • keyid:BD:05:B7:F3:8A:93:3C:73:CB:79:FA:0F:85:12:A1:77:96:18:91:74
subjectKeyIdentifier
  • 81:1C:7F:70:D6:91:79:2F:8C:58:38:7C:E3:23:8A:55:95:7E:F5:5E
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Nov 24 23:17:03.329 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:6C:44:45:F5:83:FF:25:F8:11:83:57:9E:
  • C1:AF:33:78:C9:DE:90:95:2B:B8:2C:E4:6D:5F:9D:CD:
  • 2A:48:D5:FB:02:21:00:9D:B8:41:8D:92:5D:2A:CE:B5:
  • FD:46:8D:B4:84:67:37:CF:11:B8:89:4A:C0:6B:6F:EC:
  • C0:59:1F:11:E1:D7:4E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Nov 24 23:17:03.057 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:55:D0:50:E9:E9:87:59:A8:61:B2:AA:10:
  • F4:1C:72:EE:FD:EC:CE:EF:10:FA:69:75:8A:58:7D:E2:
  • A9:25:49:69:02:20:7B:D4:68:A7:98:BA:39:A2:3C:48:
  • 54:91:9B:2B:09:21:63:73:EE:87:90:CE:4B:E1:46:AE:
  • F7:E0:B3:75:19:CE
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
  • D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
  • Timestamp : Nov 24 23:17:03.064 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:28:67:50:55:67:AB:30:B2:EC:0B:F1:4C:
  • 73:55:55:6D:E2:FE:47:CD:D3:7F:13:DF:30:5F:1A:D0:
  • 9E:71:A3:00:02:20:15:F4:8A:9F:20:62:AE:9B:90:05:
  • 77:CB:7B:76:26:0F:C0:71:71:29:8B:1F:E8:FA:A2:E0:
  • C1:97:33:9F:0E:19

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.cheazey.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid