SSL-Tools

SSL check results of bjs.cz

NEW You can also bulk check multiple servers.

Discover if the mail servers for bjs.cz can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 26 Apr 2024 07:41:17 +0000

We can not guarantee a secure connection to the mailservers of bjs.cz!

Please contact the operator of bjs.cz and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/bjs.cz

Servers

Incoming Mails

These servers are responsible for incoming mails to @bjs.cz addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.bjs.cz
185.236.160.203
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
6 s
wraith.spacecom.cz
2a0c:7340:1::220
 20
supported
ghost.spacecom.cz
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
wraith.spacecom.cz
185.236.160.220
 20
supported
ghost.spacecom.cz
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @bjs.cz address so far. Test mail delivery

Certificates

First seen at:

CN=ghost.spacecom.cz

Certificate chain
  • ghost.spacecom.cz
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • ghost.spacecom.cz
Alternative Names
  • ghost.spacecom.cz
  • wraith.spacecom.cz
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-20
Not valid after
2024-06-18
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
F0:99:1F:BC:CE:D9:4A:1E:F5:5E:12:41:E0:7C:D9:4D:BD:A6:EC:2C:D7:2D:2E:B5:E3:86:96:7D:37:02:FB:C9
SHA1
C0:D9:E7:3C:12:25:29:54:E6:1C:E9:7A:A8:83:91:02:BD:54:0F:9A
X509v3 extensions
subjectKeyIdentifier
  • FC:DF:11:3A:9F:A3:8E:78:7E:C1:C1:DF:B2:DB:D3:28:49:A3:B7:87
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Mar 20 02:11:40.748 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:DA:CF:13:11:32:E2:CD:8C:03:72:63:
  • 84:0C:73:AD:20:8F:A3:46:8E:A9:6E:FD:8B:0E:19:57:
  • 7B:C2:94:7D:70:02:20:2C:77:43:5E:41:C2:C8:D5:47:
  • DD:47:2D:4B:10:74:7B:DC:A2:FD:58:BD:B7:29:B0:9E:
  • 1A:78:80:CC:5F:35:80
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Mar 20 02:11:40.764 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:11:08:2E:9A:5D:74:F4:1C:A7:C1:E2:B8:
  • 3E:03:16:F1:C3:C3:DC:A0:85:79:10:1A:A8:55:F5:B7:
  • F0:DA:C6:F7:02:20:15:E3:4E:46:F6:63:59:F2:66:F0:
  • 45:4B:E1:0D:CB:86:E9:06:0D:B0:75:1E:09:85:8F:8A:
  • 50:77:0C:36:8A:58