SSL-Tools

SSL check results of mail.xy-space.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail.xy-space.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sun, 25 Sep 2022 10:16:11 +0000

The mailservers of mail.xy-space.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail.xy-space.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.xy-space.de
95.216.205.51
 0
supported
*.xy-space.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
mail-backup.xy-space.de
159.69.117.11
 1
supported
*.xy-space.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @mail.xy-space.de address so far. Test mail delivery

Certificates

First seen at:

CN=*.xy-space.de

Certificate chain
Subject
Common Name (CN)
  • *.xy-space.de
Alternative Names
  • *.xy-space.de
  • xy-space.de
Issuer
Country (C)
  • PL
Organization (O)
  • Unizeto Technologies S.A.
Organizational Unit (OU)
  • Certum Certification Authority
Common Name (CN)
  • Certum Domain Validation CA SHA2
validity period
Not valid before
2022-05-17
Not valid after
2023-05-17
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2A:CC:5B:E1:65:5B:E6:D9:98:5C:18:D4:E3:05:5F:52:D0:25:21:9F:BD:46:F3:7E:09:6D:B8:01:4D:71:11:7C
SHA1
82:65:EF:C8:B2:72:55:34:A7:B2:B5:7A:EF:32:C7:D9:08:65:18:35
X509v3 extensions
crlDistributionPoints
  • Full Name:
  • URI:http://crl.certum.pl/dvcasha2.crl
authorityInfoAccess
  • OCSP - URI:http://dvcasha2.ocsp-certum.com
  • CA Issuers - URI:http://repository.certum.pl/dvcasha2.cer
authorityKeyIdentifier
  • keyid:E5:31:AD:BF:3A:11:96:F4:83:BC:50:3C:D4:B7:90:9B:90:EE:DE:25
subjectKeyIdentifier
  • 5B:E0:DD:AE:A8:44:DC:ED:05:3E:3A:11:95:56:7A:9F:D8:0A:BF:D5
issuerAltName
  • email:dvcasha2@certum.pl
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.2.616.1.113527.2.5.1.3
  • CPS: https://www.certum.pl/CPS
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
  • B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
  • Timestamp : May 17 12:50:35.087 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:6B:8B:F9:CD:F9:62:1D:39:A9:25:C6:E9:
  • 61:DF:26:01:5F:7D:3E:2B:B8:8F:9F:3F:74:E2:16:74:
  • 13:3C:24:A9:02:21:00:EF:B8:E1:1B:11:74:1E:E4:AB:
  • 16:67:BE:3D:23:3F:4B:E6:55:30:F3:62:8C:0D:63:B3:
  • 23:EA:50:BF:21:4D:58
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
  • C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
  • Timestamp : May 17 12:50:35.127 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:32:47:44:74:39:DD:A4:E3:65:93:56:FD:
  • 3E:F8:B2:CC:9F:A6:50:C8:BA:7A:DB:4D:AF:60:18:05:
  • A5:91:4B:FE:02:21:00:BA:BC:FD:C0:59:7B:93:AF:83:
  • 10:69:92:58:19:98:56:75:F9:FB:F9:6A:3C:72:D0:F6:
  • 50:5D:B2:E9:3B:A9:50
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
  • 16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
  • Timestamp : May 17 12:50:35.353 2022 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:78:BE:C1:3A:E6:D2:D0:FA:52:F4:41:E3:
  • EE:64:51:67:72:5C:B7:28:8D:12:3E:4D:9B:78:56:10:
  • DE:14:E5:A8:02:20:0A:06:D0:D4:66:9B:5F:58:49:41:
  • 30:26:FA:FB:1F:9B:1C:8C:4C:D1:54:75:7B:91:C2:FB:
  • AF:7D:B1:2D:0A:A0

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.xy-space.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
error
Debug
valid