SSL-Tools

SSL check results of 1und1.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for 1und1.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 17 Apr 2024 23:23:13 +0000

No connection to the mailservers of 1und1.de could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @1und1.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mxint02.1and1.com
212.227.126.207
Results incomplete
10
supported
mxint.1and1.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mxint02.1and1.com
212.227.17.17
Results incomplete
10
supported
mxint.1and1.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mxint01.1and1.com
212.227.17.16
Results incomplete
10
supported
mxint.1and1.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mxint01.1and1.com
212.227.126.206
Results incomplete
10
supported
mxint.1and1.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have received emails from these servers with @1und1.de sender addresses. Test mail delivery

Host TLS Version & Cipher
unknown (67.227.227.187)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
unknown (212.162.150.119)
Insecure - not encrypted!

Certificates

First seen at:

CN=mxint.1and1.com,L=Montabaur,ST=Rheinland-Pfalz,O=IONOS SE,C=DE

Certificate chain
Subject
Country (C)
  • DE
Organization (O)
  • IONOS SE
State (ST)
  • Rheinland-Pfalz
Locality (L)
  • Montabaur
Common Name (CN)
  • mxint.1and1.com
Alternative Names
  • mxint.1and1.com
  • mxint01.1and1.com
  • mxint02.1and1.com
  • mxint03.1and1.com
  • mxint04.1and1.com
Issuer
Country (C)
  • DE
Organization (O)
  • Deutsche Telekom Security GmbH
Common Name (CN)
  • Telekom Security ServerID OV Class 2 CA
validity period
Not valid before
2023-06-20
Not valid after
2024-06-24
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Client Authentication
  • TLS Web Server Authentication
Fingerprints
SHA256
AD:79:BC:E7:3D:FB:CB:38:10:90:57:92:63:CB:2C:84:8B:E2:69:26:DE:3C:F2:D0:8E:D5:8D:48:A1:DA:03:98
SHA1
4A:89:CB:7D:75:2C:83:B1:59:A2:CD:E0:27:5D:61:82:06:32:F2:C5
X509v3 extensions
authorityKeyIdentifier
  • keyid:1C:05:93:B1:7F:A8:34:30:8C:52:E0:96:40:A0:72:A3:10:5D:E0:FF
subjectKeyIdentifier
  • E4:D4:54:07:24:B3:A9:89:07:02:F2:69:0B:E9:C5:87:5B:FC:33:67
certificatePolicies
  • Policy: 2.23.140.1.2.2
  • CPS: http://docs.serverid.telesec.de/cps/serverid.htm
crlDistributionPoints
  • Full Name:
  • URI:http://crl.serverid.telesec.de/rl/Telekom_Security_ServerID_OV_Class_2_CA.crl
authorityInfoAccess
  • OCSP - URI:http://ocsp.serverid.telesec.de/ocspr
  • CA Issuers - URI:http://crt.serverid.telesec.de/crt/Telekom_Security_ServerID_OV_Class_2_CA.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Jun 20 08:28:00.586 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:05:7C:62:9C:F4:F7:D5:57:90:49:B0:F7:
  • 71:8D:90:62:52:29:81:BD:03:6A:D6:CE:6A:D5:5A:6F:
  • D4:BB:F9:8C:02:20:2B:FC:05:58:C5:38:35:BB:55:1E:
  • D3:A5:80:05:4C:67:0E:20:CE:5B:FD:AE:00:A8:00:98:
  • E5:00:18:2A:E9:3A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Jun 20 08:28:00.071 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:70:6D:10:A5:82:CE:58:FB:E6:18:B7:7B:
  • 53:3F:24:94:02:83:2F:0B:11:67:0B:CA:5B:CC:95:8F:
  • 55:66:D9:E2:02:20:1D:00:06:F4:6A:A7:9F:2E:9A:58:
  • F2:DE:C6:D7:9E:B9:2E:C7:B8:C8:FA:82:15:DB:86:56:
  • 2F:0D:1D:CD:BB:62
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
  • C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
  • Timestamp : Jun 20 08:28:00.395 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:5E:AD:50:80:64:BF:FA:62:15:79:B2:36:
  • CB:D0:D7:F1:8F:61:21:68:49:B7:3E:CE:1A:0F:90:1E:
  • 81:70:B3:EB:02:21:00:CF:5F:13:8F:26:AB:BF:38:9D:
  • 11:1D:FF:49:8A:9B:D5:BA:30:ED:5D:CE:4B:E1:AC:09:
  • 89:A8:29:98:66:6D:6F
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
  • 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
  • Timestamp : Jun 20 08:28:00.732 2023 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8B:1A:B6:62:72:12:32:7A:4F:BF:8C:
  • 3F:6B:23:C2:38:AE:2E:1B:A4:46:D3:35:96:FF:88:F7:
  • 1E:E4:07:BC:0D:02:20:3A:CD:08:26:2D:84:F7:C5:E2:
  • B1:09:60:DB:D3:14:15:56:A6:BF:29:9C:76:54:80:1C:
  • 72:D3:08:2C:60:6A:45