SSL check results of loriondet.it

NEW You can also bulk check multiple servers.

Discover if the mail servers for loriondet.it can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 11 Aug 2019 05:51:00 +0000

We can not guarantee a secure connection to the mailservers of loriondet.it!

Please contact the operator of loriondet.it and ask him or her to solve this problem. This result stays accessible under the following address:

https://ssl-tools.net/mailservers/loriondet.it

Servers

Incoming Mails

These servers are responsible for incoming mails to @loriondet.it addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx2.hextra.it
46.28.24.118
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mx3.hextra.it
40.118.1.118
80
supported
*.hextra.it
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
1 s

Outgoing Mails

We have received emails from these servers with @loriondet.it sender addresses. Test mail delivery

Host TLS Version & Cipher
unknown (103.221.254.12)
Insecure - not encrypted!

Certificates

First seen at:

CN=*.hextra.it

Certificate chain
  • *.hextra.it
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
    • Expired

Subject
Common Name (CN)
  • *.hextra.it
Alternative Names
  • *.hextra.it
  • hextra.it
Issuer
Country (C)
  • US
Organization (O)
  • GeoTrust Inc.
Common Name (CN)
  • RapidSSL SHA256 CA
validity period
Not valid before
2017-09-19
Not valid after
2018-09-19
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
8F:7D:E4:F0:51:57:67:3B:59:5D:1F:B3:9F:9C:C8:FF:C0:2A:A6:68:2D:A4:55:CA:D0:B4:E2:14:EB:42:6C:63
SHA1
1A:13:93:00:F0:0D:88:2B:41:90:D9:30:B5:66:FE:05:98:E4:84:AD
X509v3 extensions
crlDistributionPoints
  • Full Name:
  • URI:http://gp.symcb.com/gp.crl
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: https://www.rapidssl.com/legal
  • User Notice:
  • Explicit Text: https://www.rapidssl.com/legal
authorityKeyIdentifier
  • keyid:97:C2:27:50:9E:C2:C9:EC:0C:88:32:C8:7C:AD:E2:A6:01:4F:DA:6F
authorityInfoAccess
  • OCSP - URI:http://gp.symcd.com
  • CA Issuers - URI:http://gp.symcb.com/gp.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:EB:1D:2B:7A:0D:4F:A6:20:8B:81:AD:81:68:70:7E:
  • 2E:8E:9D:01:D5:5C:88:8D:3D:11:C4:CD:B6:EC:BE:CC
  • Timestamp : Sep 19 13:07:29.290 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:BC:A1:98:A5:F6:93:D6:59:50:A0:60:
  • 8C:01:39:5F:DC:B6:28:D0:7D:03:18:C9:00:45:63:D4:
  • A6:90:01:64:4F:02:20:53:6A:6C:35:92:5A:24:99:EC:
  • 7A:ED:52:CF:97:03:D3:63:97:31:1B:B8:61:B3:34:89:
  • F8:BB:FD:0A:C1:08:CF
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A:
  • 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10
  • Timestamp : Sep 19 13:07:29.341 2017 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8D:D8:D7:77:A6:6F:82:22:83:0C:74:
  • 32:82:22:49:34:22:E1:C2:20:97:00:66:C6:67:1F:27:
  • A1:C1:1D:99:6C:02:20:55:47:A2:CD:ED:DE:49:5C:0D:
  • 0C:69:5A:F6:50:D6:97:39:99:D6:CB:77:D8:88:94:7B:
  • 9A:04:B4:8D:F6:71:9F