krewer-gmbh.de - TLS / STARTTLS Test

Discover if the mail servers for krewer-gmbh.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 14 Nov 2023 00:02:53 +0000

Certificates

Trustworthy
Protocol

Not checked
DANE

Missing

No connection to the mailservers of krewer-gmbh.de could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @krewer-gmbh.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
krewergmbh-de01e.mail.protection.outlook.com 52.101.73.26 Results incomplete	10	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2023-11-14 2 s
krewergmbh-de01e.mail.protection.outlook.com 52.101.73.11 Results incomplete	10	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2023-11-14 1 s
krewergmbh-de01e.mail.protection.outlook.com 52.101.68.5 Results incomplete	10	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2023-11-14 1 s
krewergmbh-de01e.mail.protection.outlook.com 52.101.73.2 Results incomplete	10	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2023-11-14 1 s
krewergmbh-de01e.mail.protection.outlook.com 52.101.68.36 Results incomplete	10	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2023-11-14 2 s
krewergmbh-de01e.mail.protection.outlook.com 52.101.73.4 Results incomplete	10	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2023-11-14 1 s
krewergmbh-de01e.mail.protection.outlook.com 52.101.73.24 Results incomplete	10	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2023-11-14 1 s
relay.rzone.de 81.169.145.96 Results incomplete	200	supported	relay.rzone.de	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2023-11-13 1 s

Outgoing Mails

We have not received any emails from a @krewer-gmbh.de address so far. Test mail delivery

Certificates

First seen at: 2023-03-17

CN=relay.rzone.de,O=Strato AG,L=Berlin,ST=Berlin,C=DE

Certificate chain

relay.rzone.de
- 2024-04-12 remaining
- 4096 bit
- sha256WithRSAEncryption

Subject

Country (C)

State (ST)

Berlin

Locality (L)

Berlin

Organization (O)

Strato AG

Common Name (CN)

relay.rzone.de

Alternative Names

relay.rzone.de

Issuer

Country (C)

Organization (O)

DigiCert Inc

Organizational Unit (OU)

www.digicert.com

Common Name (CN)

GeoTrust TLS RSA CA G1

validity period

Not valid before: 2023-03-13
Not valid after: 2024-04-12

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: 70:59:BE:E1:1C:1D:20:78:21:45:8D:6A:06:FF:D4:A3:B9:69:96:DF:21:5B:46:67:F8:20:0B:07:5E:49:FA:B2
SHA1: 5A:4C:E6:F0:AE:B5:89:76:C5:82:60:7D:16:B8:A2:BC:F0:A7:CF:BD

X509v3 extensions

authorityKeyIdentifier

keyid:94:4F:D4:5D:8B:E4:A4:E2:A6:80:FE:FD:D8:F9:00:EF:A3:BE:02:57

subjectKeyIdentifier

5C:E1:6B:B3:9F:E2:66:5D:11:7B:96:C2:E8:73:5E:EE:DE:DB:46:C8

crlDistributionPoints

Full Name:
URI:http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

certificatePolicies

Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS

authorityInfoAccess

OCSP - URI:http://status.geotrust.com
CA Issuers - URI:http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Mar 13 16:55:27.753 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E3:AB:3F:F6:AF:C2:AC:9F:47:3F:19:
DE:C0:0C:AC:28:FB:E4:0F:6A:3F:37:49:B6:B1:EA:71:
72:3B:E9:A8:90:02:20:59:70:F1:FF:C4:BA:D6:ED:B6:
7B:DE:86:3A:A3:7E:91:94:47:3D:11:C8:56:75:D5:B9:
E5:EC:77:20:AF:CB:02
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 73:D9:9E:89:1B:4C:96:78:A0:20:7D:47:9D:E6:B2:C6:
1C:D0:51:5E:71:19:2A:8C:6B:80:10:7A:C1:77:72:B5
Timestamp : Mar 13 16:55:27.764 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:94:EB:A5:E9:2C:83:5E:70:61:0A:BE:
FB:A9:51:85:DF:5A:11:B2:00:C6:CC:D8:BC:E2:46:E1:
73:36:BA:96:45:02:21:00:D5:F3:E8:16:5B:49:D6:60:
6E:B4:26:CF:53:59:D9:08:73:FF:2A:55:42:28:B9:C5:
4A:5D:80:0B:C3:07:03:1C
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Mar 13 16:55:27.703 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:41:41:46:EB:6F:0F:52:09:AA:E9:66:74:
32:2C:60:2B:6B:6A:94:5A:1E:05:E5:89:2B:A4:FB:1E:
87:7B:AB:CA:02:21:00:8C:EC:37:B1:5D:B6:85:68:F6:
9C:D6:70:0E:43:A9:70:65:61:94:66:78:4A:50:52:A7:
22:59:68:BB:E7:94:04

SSL check results of krewer-gmbh.de