SSL check results of online.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for online.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Tue, 27 Feb 2024 20:02:21 +0000

No connection to the mailservers of online.de could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @online.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx01.emig.kundenserver.de
217.72.192.66
Results incomplete
10
supported
mx.kundenserver.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mx00.emig.kundenserver.de
212.227.15.40
Results incomplete
10
supported
mx.kundenserver.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have received emails from these servers with @online.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mout.kundenserver.de (217.72.192.74)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout.kundenserver.de (212.227.17.24)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout.kundenserver.de (212.227.126.133)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout.kundenserver.de (217.72.192.73)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout.kundenserver.de (212.227.126.135)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout.kundenserver.de (212.227.17.13)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout.kundenserver.de (212.227.126.130)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout.kundenserver.de (217.72.192.75)
TLSv1.3 TLS_AES_256_GCM_SHA384
unknown (212.227.126.187)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout.kundenserver.de (212.227.17.10)
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
mout.kundenserver.de (212.227.126.131)
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256

Certificates

First seen at:

CN=mx.kundenserver.de,L=Montabaur,ST=Rheinland-Pfalz,O=IONOS SE,C=DE

Certificate chain
Subject
Country (C)
  • DE
Organization (O)
  • IONOS SE
State (ST)
  • Rheinland-Pfalz
Locality (L)
  • Montabaur
Common Name (CN)
  • mx.kundenserver.de
Alternative Names
  • mx.kundenserver.de
  • mx00.kundenserver.de
  • mx01.kundenserver.de
  • mx00.emig.kundenserver.de
  • mx01.emig.kundenserver.de
  • mx00.ionos.co.uk
  • mx00.ionos.de
  • mx00.ionos.es
  • mx00.ionos.fr
  • mx00.ionos.it
  • mx01.ionos.co.uk
  • mx01.ionos.de
  • mx01.ionos.es
  • mx01.ionos.fr
  • mx01.ionos.it
Issuer
Country (C)
  • DE
Organization (O)
  • Deutsche Telekom Security GmbH
Common Name (CN)
  • Telekom Security ServerID OV Class 2 CA
validity period
Not valid before
2023-06-20
Not valid after
2024-06-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • TLS Web Server Authentication
Fingerprints
SHA256
1F:6A:2C:67:89:25:82:D8:4C:DC:10:43:39:5C:42:C7:7B:6D:F9:CC:E7:4A:C8:2D:C0:3F:73:DB:74:04:1F:6B
SHA1
3B:FC:62:BD:7D:34:01:3A:34:64:ED:CB:77:53:68:C7:56:75:43:F9
X509v3 extensions
authorityKeyIdentifier
  • keyid:1C:05:93:B1:7F:A8:34:30:8C:52:E0:96:40:A0:72:A3:10:5D:E0:FF
subjectKeyIdentifier
  • F3:C2:C4:71:67:E0:F9:14:2C:70:37:4E:C6:67:43:C4:EF:9B:62:86
certificatePolicies
  • Policy: 2.23.140.1.2.2
  • CPS: http://docs.serverid.telesec.de/cps/serverid.htm
crlDistributionPoints
  • Full Name:
  • URI:http://crl.serverid.telesec.de/rl/Telekom_Security_ServerID_OV_Class_2_CA.crl
authorityInfoAccess
  • OCSP - URI:http://ocsp.serverid.telesec.de/ocspr
  • CA Issuers - URI:http://crt.serverid.telesec.de/crt/Telekom_Security_ServerID_OV_Class_2_CA.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Jun 20 11:08:15.028 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:D0:4D:29:91:4C:56:A5:D8:D1:DF:26:
  • AD:DA:4A:CF:83:DE:B8:69:2D:D2:95:69:FF:E7:AA:2A:
  • 63:ED:DE:E9:95:02:21:00:CE:A0:EC:61:84:1A:D7:8E:
  • DC:54:11:B7:10:8E:EC:CB:F4:B9:96:5F:57:36:13:10:
  • B3:BD:8D:A1:46:ED:68:FF
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Jun 20 11:08:14.981 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:C8:7E:E6:B9:FB:21:A0:8F:E8:AC:DA:
  • C5:CC:93:81:C9:0F:6A:9B:96:5D:A4:2B:32:7D:6B:FA:
  • D7:14:6C:02:22:02:20:42:F6:C1:45:69:CD:56:04:17:
  • 48:5B:C7:B2:A3:2D:09:82:57:7A:E1:0F:EE:83:27:64:
  • 6B:5B:5B:A5:D6:C4:13
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
  • C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
  • Timestamp : Jun 20 11:08:15.319 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:D0:0D:66:C9:BC:24:A7:BB:C1:7E:24:
  • 7D:A7:E7:DF:D4:16:A6:98:E6:99:55:60:64:49:FE:66:
  • CD:1B:C9:2C:9F:02:21:00:AB:1E:11:6C:33:4D:31:38:
  • 1F:F8:04:3D:CC:DC:AE:A0:BA:5D:10:9E:BA:71:D4:B9:
  • 71:45:F6:A2:DD:54:3A:C4
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
  • 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
  • Timestamp : Jun 20 11:08:15.275 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:C9:97:73:6F:D7:B0:03:62:79:87:DB:
  • C2:72:80:D5:45:94:BC:BB:07:C0:E2:27:76:9C:C2:69:
  • 13:66:20:4F:75:02:20:4F:DB:64:6B:50:54:B7:CC:FC:
  • 4B:36:47:D3:88:C8:1B:11:D5:AF:F8:54:D0:9C:B8:08:
  • 2A:26:63:3C:76:FC:34