SSL-Tools

SSL check results of quanz.me

NEW You can also bulk check multiple servers.

Discover if the mail servers for quanz.me can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 23 Jan 2024 15:46:38 +0000

No connection to the mailservers of quanz.me could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @quanz.me addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.quanz.dev
2001:41d0:701:1100::1a45
Results incomplete
1
supported
*.quanz.dev
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s
mail.quanz.dev
51.38.125.207
Results incomplete
1
supported
*.quanz.dev
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s

Outgoing Mails

We have not received any emails from a @quanz.me address so far. Test mail delivery

Certificates

First seen at:

CN=*.quanz.dev

Certificate chain
  • *.quanz.dev
    • remaining
    • 256 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • *.quanz.dev
Alternative Names
  • *.quanz.dev
  • *.qusign.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-01-04
Not valid after
2024-04-03
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
7F:C5:82:38:5A:A1:60:D6:AE:2F:AC:39:43:D1:FE:B6:A0:8C:50:8B:72:DA:79:2E:21:DD:D0:A6:EC:01:A4:A8
SHA1
70:B6:13:2F:88:2B:51:9C:76:82:C6:A7:F7:2B:0B:54:5F:46:81:B1
X509v3 extensions
subjectKeyIdentifier
  • E2:49:C6:50:66:A8:D7:25:9D:E8:AF:0E:B1:61:8E:4B:67:47:91:E7
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Jan 4 18:03:22.721 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:DA:6D:5B:BB:65:8D:BB:37:EB:EA:DB:
  • DD:51:1B:53:49:8B:20:F2:E3:87:82:C3:2F:E1:96:45:
  • 2E:EA:55:C8:8D:02:21:00:96:76:AB:AD:AC:DD:8D:AF:
  • 2D:AA:84:16:15:F3:C3:86:D5:BD:84:1C:70:D6:C0:3E:
  • 09:D4:84:00:19:52:EC:15
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
  • 65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
  • Timestamp : Jan 4 18:03:22.735 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:F8:1D:E1:D0:31:C1:A0:BF:E1:F8:F8:
  • B0:17:28:75:90:85:D4:BF:6E:27:36:5A:51:D0:9E:0D:
  • 4C:D5:74:2A:5D:02:20:5F:69:53:9C:B1:33:1C:0A:EA:
  • 22:B9:36:2D:FE:E6:C6:93:51:36:87:37:FC:56:2A:C9:
  • 8C:D9:3A:93:AA:D0:9C

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.quanz.dev
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid