SSL check results of stb-koestler.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for stb-koestler.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Fri, 12 Oct 2018 13:11:36 +0000

The mailservers of stb-koestler.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @stb-koestler.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
webmail.stb-koestler.de
80.153.72.204
10
supported
webmail.stb-koestler.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3.0 s

Outgoing Mails

We have received emails from these servers with @stb-koestler.de sender addresses. Test mail delivery

Host TLS Version & Cipher
webmail.stb-koestler.de (80.153.72.204)
TLSv1.2 ADH-AES256-GCM-SHA384

Certificates

First seen at:

webmail.stb-koestler.de

Certificate chain
Subject
Organizational Unit (OU)
  • Domain Control Validated
  • PositiveSSL
Common Name (CN)
  • webmail.stb-koestler.de
Alternative Names
  • webmail.stb-koestler.de
  • www.webmail.stb-koestler.de
Issuer
Country (C)
  • GB
State (ST)
  • Greater Manchester
Locality (L)
  • Salford
Organization (O)
  • COMODO CA Limited
Common Name (CN)
  • COMODO RSA Domain Validation Secure Server CA
validity period
Not valid before
2018-10-12
Not valid after
2020-08-06
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
C7:31:BF:D1:4B:79:74:84:55:EB:49:3B:E4:57:89:E9:9A:B2:BE:36:9A:68:45:86:F7:D6:59:16:3E:10:58:0C
SHA1
6C:CA:5F:E1:76:40:A1:F7:42:49:F7:DC:34:ED:22:D2:52:53:FC:25
X509v3 extensions
authorityKeyIdentifier
  • keyid:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7
subjectKeyIdentifier
  • C5:BE:E9:E1:B8:8A:2F:20:6A:96:CA:89:FA:37:A3:D9:62:81:1D:44
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.7
  • CPS: https://secure.comodo.com/CPS
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl
authorityInfoAccess
  • CA Issuers - URI:http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.comodoca.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1(0)
  • Log ID : EE:4B:BD:B7:75:CE:60:BA:E1:42:69:1F:AB:E1:9E:66:
  • A3:0F:7E:5F:B0:72:D8:83:00:C4:7B:89:7A:A8:FD:CB
  • Timestamp : Oct 12 09:51:49.571 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:D9:5A:A8:34:1C:24:F6:93:57:F9:D8:
  • 74:DF:C5:29:2A:10:8E:43:3E:DB:1A:3C:6B:3C:9D:61:
  • A8:E0:A6:7C:3F:02:20:03:49:76:0D:50:F5:6B:9A:3B:
  • 1A:DE:0F:90:B8:1E:77:01:71:01:82:2A:2A:9A:E4:DD:
  • 1B:D0:92:1D:3A:2C:CC
  • Signed Certificate Timestamp:
  • Version : v1(0)
  • Log ID : 5E:A7:73:F9:DF:56:C0:E7:B5:36:48:7D:D0:49:E0:32:
  • 7A:91:9A:0C:84:A1:12:12:84:18:75:96:81:71:45:58
  • Timestamp : Oct 12 09:51:49.582 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:25:66:37:74:26:1A:1E:55:7C:9E:09:C3:
  • 05:89:08:55:F7:E7:A9:8F:8A:F7:37:B3:8F:0F:73:0D:
  • E5:A6:FB:44:02:20:01:25:A7:42:9B:4C:26:40:51:1B:
  • 4A:3A:F3:4C:D2:D2:A3:01:B4:26:60:B8:F1:BB:90:DA:
  • F9:E9:B2:9B:83:73
  • Signed Certificate Timestamp:
  • Version : v1(0)
  • Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
  • C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
  • Timestamp : Oct 12 09:51:49.604 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:FA:8C:FF:31:6C:22:EE:F6:FA:31:EF:
  • 1D:1A:9B:C2:3F:68:81:41:EB:68:01:03:53:B2:31:91:
  • 41:5A:13:DA:E5:02:20:35:38:5E:55:6F:31:A8:E4:76:
  • 68:C3:62:5C:02:42:3B:34:A4:00:B3:12:5F:48:58:83:
  • 61:BE:91:C4:DB:DF:98

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.webmail.stb-koestler.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid