SSL-Tools

SSL check results of lucy-han.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for lucy-han.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 18 Oct 2025 19:38:49 +0000

The mailservers of lucy-han.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @lucy-han.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
postfix.lucy-han.net
2001:41d0:8:273e:48e0:83ff:feb5:48d3
 1
supported
lucy-han.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
postfix.lucy-han.net
188.165.37.147
 1
supported
lucy-han.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s
rte.lucy-han.net
188.165.37.147
 2
supported
lucy-han.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s

Outgoing Mails

We have not received any emails from a @lucy-han.net address so far. Test mail delivery

Certificates

First seen at:

CN=lucy-han.net

Certificate chain
  • lucy-han.net
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R12
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • lucy-han.net
Alternative Names
  • *.lucy-han.net
  • lucy-han.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R12
validity period
Not valid before
2025-10-18
Not valid after
2026-01-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
12:F2:E2:EC:A5:FD:D7:7D:BC:FE:2E:BE:4F:A1:3C:FD:16:90:61:0E:64:41:76:AD:88:7D:2E:20:86:65:DD:0B
SHA1
32:17:23:3D:AC:06:A0:83:39:EA:A9:E3:D7:A0:FE:65:CC:32:6B:08
X509v3 extensions
subjectKeyIdentifier
  • C7:5E:04:E1:AD:38:74:D7:3F:73:6A:11:0C:50:B3:DE:13:70:FD:C3
authorityKeyIdentifier
  • keyid:00:B5:29:F2:2D:8E:6F:31:E8:9B:4C:AD:78:3E:FA:DC:E9:0C:D1:D2
authorityInfoAccess
  • CA Issuers - URI:http://r12.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r12.c.lencr.org/76.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
  • F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
  • Timestamp : Oct 18 10:52:22.927 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:C7:02:DF:58:00:65:B5:1E:BA:39:8E:
  • 59:6A:93:84:AE:AE:CA:1F:39:AF:F1:E1:FC:0E:34:E4:
  • 06:AF:65:C8:AA:02:21:00:B7:55:00:42:F7:39:6A:15:
  • 81:5B:C5:21:50:BC:9C:EA:C4:3E:7B:86:49:09:27:AC:
  • 94:06:7E:73:66:D8:A6:6C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
  • DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
  • Timestamp : Oct 18 10:52:22.921 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:6C:53:70:E9:F7:C3:7F:63:7C:83:55:80:
  • 73:F5:16:16:B2:BD:5C:55:79:90:E2:F4:F7:0D:1C:A2:
  • 4B:77:7C:19:02:20:18:74:36:71:9B:21:7A:2B:91:25:
  • CF:36:32:75:98:7E:57:BB:03:00:E7:66:80:D5:E8:C7:
  • B4:80:D8:60:58:AA