SSL-Tools

SSL check results of mail.cube.ws

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail.cube.ws can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 24 Sep 2024 14:08:58 +0000

The mailservers of mail.cube.ws can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail.cube.ws addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.cube.ws
2001:41d0:8:cc8::1
 10
supported
cube.ws
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
8 s
mail.cube.ws
176.31.251.200
 10
supported
cube.ws
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s

Outgoing Mails

We have not received any emails from a @mail.cube.ws address so far. Test mail delivery

Certificates

First seen at:

CN=cube.ws

Certificate chain
  • cube.ws
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • cube.ws
Alternative Names
  • *.cube.ws
  • cube.ws
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2024-08-16
Not valid after
2024-11-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
63:6E:E2:35:F6:61:07:F2:E8:98:07:23:BB:77:E0:FF:D0:A5:07:51:53:C8:D4:78:96:08:B5:68:0B:07:D3:93
SHA1
7B:84:6C:F1:B3:06:78:85:FA:C9:EE:69:2C:04:1F:41:09:76:28:F1
X509v3 extensions
subjectKeyIdentifier
  • E8:2F:B7:93:BB:2F:0D:C0:7C:36:22:E4:F7:4C:7D:A3:61:6B:FA:0F
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • OCSP - URI:http://r10.o.lencr.org
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
  • ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
  • Timestamp : Aug 16 01:36:02.916 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:01:6D:CE:15:67:31:9F:52:B9:6A:D1:0F:
  • 1B:44:4A:95:F4:0E:E1:8A:A0:4C:C9:AE:58:61:B1:06:
  • 56:E6:13:B1:02:20:33:D6:6F:55:90:0F:00:1F:7F:8B:
  • 5C:AE:70:B9:5C:74:C5:8D:3B:60:8A:4A:3B:EB:33:D4:
  • 6D:DC:12:AD:71:FB
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Aug 16 01:36:02.905 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:19:31:7E:61:3E:72:E6:E1:33:0F:16:E0:
  • 98:2C:AF:44:65:F2:AC:60:06:0E:72:DD:0E:E1:E6:D3:
  • 64:31:82:D5:02:21:00:C3:75:D0:21:A5:27:DB:C9:B1:
  • D9:84:10:E7:D2:31:4C:4C:75:61:ED:46:29:FE:1D:21:
  • DD:EF:71:22:86:80:94

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.cube.ws
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid