SSL-Tools

SSL check results of lillemalundshave.dk

NEW You can also bulk check multiple servers.

Discover if the mail servers for lillemalundshave.dk can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 26 May 2025 00:32:19 +0000

The mailservers of lillemalundshave.dk can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @lillemalundshave.dk addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx3.pub.mailpod10-cph3.one.com
104.37.34.72
 10
supported
mx1.pub.mailpod10-cph3.one.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx1.pub.mailpod10-cph3.one.com
104.37.34.70
 10
supported
mx1.pub.mailpod10-cph3.one.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx2.pub.mailpod10-cph3.one.com
104.37.34.71
 10
supported
mx1.pub.mailpod10-cph3.one.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
mx4.pub.mailpod10-cph3.one.com
104.37.34.73
 10
supported
mx1.pub.mailpod10-cph3.one.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @lillemalundshave.dk address so far. Test mail delivery

Certificates

First seen at:

CN=mx1.pub.mailpod10-cph3.one.com

Certificate chain
  • mx1.pub.mailpod10-cph3.one.com
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mx1.pub.mailpod10-cph3.one.com
Alternative Names
  • mx1.pub.mailpod10-cph3.one.com
  • mx2.pub.mailpod10-cph3.one.com
  • mx3.pub.mailpod10-cph3.one.com
  • mx4.pub.mailpod10-cph3.one.com
  • mxservice.one.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-03-24
Not valid after
2025-06-22
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
F4:36:22:E5:61:32:B5:5F:2F:57:7A:6F:65:74:E4:88:59:D2:85:FD:04:9F:7D:F1:59:44:D1:54:F2:C0:DB:9F
SHA1
11:74:6A:45:1F:73:19:77:FA:EE:C2:E7:56:8E:68:24:8A:C6:4F:A0
X509v3 extensions
subjectKeyIdentifier
  • C0:3E:22:A9:B2:8E:92:AD:0B:1A:BC:CE:85:AC:0F:34:36:BF:AE:32
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/17.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
  • D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
  • Timestamp : Mar 24 11:03:43.890 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:42:B7:30:0E:95:61:65:47:2E:DD:BE:CE:
  • 7C:C2:1E:E7:74:A0:5C:84:7F:EF:54:0D:CA:E8:0A:BD:
  • DA:50:19:D6:02:20:05:F5:9B:76:F0:41:60:A2:07:05:
  • E4:86:0F:63:0D:50:E8:83:B6:95:F7:33:9F:3B:0E:26:
  • 48:9C:A7:B5:67:10
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
  • 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
  • Timestamp : Mar 24 11:03:43.906 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:20:B2:D9:0B:6D:39:22:14:DC:8F:9B:CE:
  • 2A:DB:69:DE:B3:C5:A7:8B:6E:1F:14:49:D1:B5:2F:77:
  • AE:A0:09:1E:02:21:00:B5:F8:4D:47:ED:51:F1:F2:6F:
  • 40:AC:A6:A2:7E:0C:95:EC:9F:14:E1:A1:88:7D:A0:75:
  • 7B:A2:E0:1F:7E:34:EC

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx3.pub.mailpod10-cph3.one.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx1.pub.mailpod10-cph3.one.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx2.pub.mailpod10-cph3.one.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mx4.pub.mailpod10-cph3.one.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid