SSL-Tools

SSL check results of mail24.vip

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail24.vip can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 19 Nov 2025 01:54:37 +0000

The mailservers of mail24.vip can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail24.vip addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
server.ist-immer-online.de
2003:cc:f719:500:9209:d0ff:fe25:a7aa
 10
supported
server.ist-immer-online.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
server.ist-immer-online.de
79.196.242.15
 10
supported
server.ist-immer-online.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s

Outgoing Mails

We have received emails from these servers with @mail24.vip sender addresses. Test mail delivery

Host TLS Version & Cipher
mout-p-102.mailbox.org (80.241.56.152)
TLSv1.3 TLS_AES_256_GCM_SHA384
mout01.posteo.de (185.67.36.141)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
mout02.posteo.de (185.67.36.142)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=server.ist-immer-online.de

Certificate chain
  • server.ist-immer-online.de
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • server.ist-immer-online.de
Alternative Names
  • server.ist-immer-online.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2025-11-04
Not valid after
2026-02-02
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
B0:37:1D:CB:43:D9:2B:94:F0:50:4F:58:33:96:54:6E:D8:B3:85:29:A2:D3:1E:10:1A:67:9A:8F:00:C6:3D:53
SHA1
0F:CF:7A:1B:8F:83:16:18:73:3B:28:C6:9E:A4:FE:09:61:6E:3C:7F
X509v3 extensions
subjectKeyIdentifier
  • 75:97:07:A8:76:31:0B:80:36:0E:C0:E5:45:CD:FD:AD:AC:47:56:16
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/124.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 49:9C:9B:69:DE:1D:7C:EC:FC:36:DE:CD:87:64:A6:B8:
  • 5B:AF:0A:87:80:19:D1:55:52:FB:E9:EB:29:DD:F8:C3
  • Timestamp : Nov 4 02:42:33.651 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1E:A4:A9:3C:8D:69:04:B9:1F:77:07:D8:
  • 8C:9C:EA:FE:22:53:47:9B:99:A9:B3:34:AF:EB:ED:10:
  • F2:D2:31:05:02:20:11:88:D3:1B:15:08:EA:0F:09:A5:
  • 6F:81:3E:63:17:A4:42:4A:0D:A5:62:FB:8C:BA:E5:24:
  • C8:81:E8:11:87:5F
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
  • DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
  • Timestamp : Nov 4 02:42:33.642 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:2F:16:E1:EC:C6:C4:E3:B7:BB:A2:70:46:
  • 9A:B0:F7:13:07:86:EB:B2:DB:98:2E:E2:E7:C3:FC:AA:
  • A7:A9:4D:D7:02:21:00:AF:95:C3:2A:81:0F:14:8F:AC:
  • 61:F2:A0:FF:EE:67:31:0E:CD:0D:6B:3A:D0:3A:39:0A:
  • 3E:08:21:30:7F:E6:D7

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.server.ist-immer-online.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.server.ist-immer-online.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.server.ist-immer-online.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.server.ist-immer-online.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid