SSL-Tools

SSL check results of firemail.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for firemail.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 09 Dec 2025 12:28:37 +0000

No connection to the mailservers of firemail.de could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @firemail.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.firemail.de
188.40.70.221
Results incomplete
10
supported
*.firemail.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have received emails from these servers with @firemail.de sender addresses. Test mail delivery

Host TLS Version & Cipher
firemail.de (88.99.137.45)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
f26.my.com (185.30.177.53)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=*.firemail.de

Certificate chain
Subject
Common Name (CN)
  • *.firemail.de
Alternative Names
  • *.firemail.de
  • firemail.de
Issuer
Country (C)
  • BE
Organization (O)
  • GlobalSign nv-sa
Common Name (CN)
  • GlobalSign GCC R6 AlphaSSL CA 2025
validity period
Not valid before
2025-10-30
Not valid after
2026-12-01
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
91:68:39:9B:6D:8A:DF:24:D1:09:F3:64:17:47:76:36:49:FB:B6:B5:D7:B2:9D:04:51:98:6C:69:40:AA:36:9C
SHA1
28:28:6E:26:2F:A7:EA:39:AD:A4:C1:95:A0:F0:B4:B2:22:D9:43:3F
X509v3 extensions
authorityInfoAccess
  • CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr6alphasslca2025.crt
  • OCSP - URI:http://ocsp.globalsign.com/gsgccr6alphasslca2025
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.4146.10.1.3
  • CPS: https://www.globalsign.com/repository/
crlDistributionPoints
  • Full Name:
  • URI:http://crl.globalsign.com/gsgccr6alphasslca2025.crl
authorityKeyIdentifier
  • keyid:C5:B4:93:8F:6F:2B:DC:1E:48:BF:B7:10:30:85:CE:D1:B2:BB:48:2D
subjectKeyIdentifier
  • 35:BF:42:47:F6:CC:12:70:92:15:4C:0C:F5:A6:C9:E7:A4:D2:07:B6
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 94:4E:43:87:FA:EC:C1:EF:81:F3:19:24:26:A8:18:65:
  • 01:C7:D3:5F:38:02:01:3F:72:67:7D:55:37:2E:19:D8
  • Timestamp : Oct 30 09:10:34.123 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:D7:D4:FC:0C:7A:4B:75:AB:4F:25:8B:
  • B4:8E:DD:B1:B3:BE:5E:E4:E2:DD:AF:B0:4B:56:5D:EE:
  • 4C:E8:24:CC:4C:02:20:4B:22:AD:72:E3:0F:A5:96:78:
  • 13:F1:4A:DE:CA:7A:18:EA:76:30:36:16:99:69:D0:10:
  • 6F:FB:4E:6C:F5:BD:7A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
  • F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
  • Timestamp : Oct 30 09:10:33.717 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:30:29:C2:78:8B:36:5F:E3:80:0A:F6:A6:
  • BE:31:BC:66:D4:27:C3:07:2B:86:1D:34:CA:23:DF:9F:
  • F9:44:7B:85:02:20:0C:FB:7E:A9:71:C6:A2:D6:A1:4C:
  • 89:D6:AE:DF:88:F7:99:70:E7:0F:68:72:7A:96:86:D2:
  • 33:1B:4B:59:63:1C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : C2:31:7E:57:45:19:A3:45:EE:7F:38:DE:B2:90:41:EB:
  • C7:C2:21:5A:22:BF:7F:D5:B5:AD:76:9A:D9:0E:52:CD
  • Timestamp : Oct 30 09:10:34.074 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:46:50:47:F1:F5:52:33:C3:B1:5F:55:38:
  • 34:77:C3:6C:20:1F:15:86:B1:D4:3B:3C:36:79:E9:EE:
  • C6:54:C0:99:02:21:00:CF:C2:CB:A1:40:AF:26:88:76:
  • B1:4C:CC:87:6A:4C:42:25:01:7E:F5:6D:5F:B9:40:D9:
  • 71:7D:2C:9A:68:15:FF

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.firemail.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid