lugrav.de - TLS / STARTTLS Test

Discover if the mail servers for lugrav.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 23 Jul 2020 17:43:34 +0000

Certificates

Problems found
Protocol

Secure
DANE

Missing

The mailservers of lugrav.de can be reached through an encrypted connection.

However, we found problems that may affect the security.

Servers

Incoming Mails

These servers are responsible for incoming mails to @lugrav.de addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.lugrav.de 37.218.254.107	10	supported	*.webspace-verkauf.de	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2020-07-23 12 s

Outgoing Mails

We have not received any emails from a @lugrav.de address so far. Test mail delivery

Certificates

First seen at: 2020-06-10

CN=*.webspace-verkauf.de,OU=Domain Control Validated

Certificate chain

*.webspace-verkauf.de
- 2020-12-14 remaining
- 4096 bit
- sha256WithRSAEncryption
- Hostname Mismatch

Subject

Organizational Unit (OU)

Domain Control Validated

Common Name (CN)

*.webspace-verkauf.de

Alternative Names

*.webspace-verkauf.de
webspace-verkauf.de

Issuer

Country (C)

Organization (O)

GlobalSign nv-sa

Common Name (CN)

AlphaSSL CA - SHA256 - G2

validity period

Not valid before: 2018-12-14
Not valid after: 2020-12-14

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: AF:14:0A:00:2A:F0:07:9C:6E:6E:35:2A:3F:ED:79:16:E2:A7:CE:A4:88:7B:EA:FB:F5:6D:1A:73:75:28:22:21
SHA1: 2C:B8:D3:B5:7E:18:49:38:F9:64:D1:B0:D2:1A:9F:32:13:3C:EE:36

X509v3 extensions

authorityInfoAccess

CA Issuers - URI:http://secure2.alphassl.com/cacert/gsalphasha2g2r1.crt
OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2

certificatePolicies

Policy: 1.3.6.1.4.1.4146.1.10.10
CPS: https://www.globalsign.com/repository/
Policy: 2.23.140.1.2.1

crlDistributionPoints

Full Name:
URI:http://crl2.alphassl.com/gs/gsalphasha2g2.crl

subjectKeyIdentifier

54:BF:B9:C3:19:6A:2F:0C:89:B3:8C:6F:AF:2C:E4:DF:34:A7:07:A6

authorityKeyIdentifier

keyid:F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
Timestamp : Dec 14 12:11:08.273 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:44:11:8C:88:59:98:D7:DA:25:FB:A7:A4:
F8:82:18:39:E1:0E:85:D7:1A:7F:DC:A8:1C:8D:8A:D8:
2A:77:02:7C:02:21:00:BE:09:0C:4D:C9:E1:C5:2F:61:
07:71:E3:CE:D3:56:67:1E:25:B0:B8:F6:65:EC:8A:99:
FC:0D:14:AF:3D:0D:F8
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
Timestamp : Dec 14 12:11:09.238 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:8D:10:FD:D5:08:9E:95:2B:F7:B7:7A:
6D:EF:61:1A:AA:5C:39:61:7B:2B:CB:31:6F:EE:F8:E1:
A6:60:31:80:78:02:21:00:A0:B7:B6:58:E0:C1:7C:FC:
46:05:CE:15:F3:F1:8A:BE:F7:93:DC:3A:91:BE:EA:0D:
22:31:67:58:4F:96:7E:20
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
Timestamp : Dec 14 12:11:08.297 2018 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:86:0D:35:1B:38:11:FB:89:77:92:34:
9A:FD:EE:9F:57:83:C6:40:C5:97:85:BE:2C:89:1B:97:
CB:98:13:AA:2B:02:21:00:B5:BB:E4:EE:E4:A7:AC:F8:
81:A7:71:46:7E:16:46:4A:C5:29:E4:A6:85:56:83:BD:
E0:23:B3:07:CA:15:0E:08

SSL check results of lugrav.de