SSL-Tools

SSL check results of nyk.sk

NEW You can also bulk check multiple servers.

Discover if the mail servers for nyk.sk can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 15 Feb 2025 01:33:06 +0000

We can not guarantee a secure connection to the mailservers of nyk.sk!

Please contact the operator of nyk.sk and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/nyk.sk

Servers

Incoming Mails

These servers are responsible for incoming mails to @nyk.sk addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
relay.itpoint.sk
195.28.76.4
 10
supported
relay.itpoint.sk
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s
mx.junkemailfilter.com
184.105.182.183
 30
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
10 s
mx.junkemailfilter.net
184.105.182.40
 35
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mx.junkemailfilter.net
184.105.182.41
 35
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
7 s
mx.junkemailfilter.org
184.105.182.224
 50
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
30 s
mx.junkemailfilter.org
184.105.182.225
 50
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
28 s
mx.junkemailfilter.org
184.105.182.223
 50
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
28 s
mx.junkemailfilter.org
184.105.182.214
 50
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
29 s
mx.junkemailfilter.org
184.105.182.213
Results incomplete
50
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mx.junkemailfilter.org
184.105.182.215
Results incomplete
50
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s

Outgoing Mails

We have not received any emails from a @nyk.sk address so far. Test mail delivery

Certificates

First seen at:

CN=junkemailfilter.com

Certificate chain
  • junkemailfilter.com
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
    • Hostname Mismatch
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • junkemailfilter.com
Alternative Names
  • *.junkemailfilter.com
  • junkemailfilter.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-12-18
Not valid after
2025-03-18
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
99:B5:9E:41:0D:F6:68:6F:C6:15:25:07:C9:C0:0D:FD:F8:28:5C:7F:E2:8D:63:9E:F4:7F:9E:3B:A9:1C:95:45
SHA1
1E:2B:2A:BF:59:D1:2F:4C:31:BA:68:35:CA:3E:78:C1:6A:51:7E:17
X509v3 extensions
subjectKeyIdentifier
  • BE:ED:0B:12:1E:11:D5:4E:1E:05:3B:68:4D:93:60:29:68:2B:95:EA
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Dec 18 11:49:00.617 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:64:EE:DE:6F:93:C2:BA:E0:58:B3:E2:13:
  • 2B:10:23:12:C0:D2:5E:0C:B2:86:AF:C9:0F:49:DB:B5:
  • 4B:9A:1D:62:02:20:1E:9E:0A:F1:E8:F4:A0:C0:2D:ED:
  • 86:E8:43:50:D6:72:05:12:C1:B1:3D:23:3A:3F:D8:BA:
  • D1:D0:F5:4F:52:92
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
  • 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
  • Timestamp : Dec 18 11:49:00.604 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:E0:07:19:A5:FF:0D:48:6F:D4:88:E6:
  • 7D:DF:B0:53:8E:54:1A:F8:3D:CF:E6:6C:D2:CA:C7:E4:
  • 56:63:9A:AB:6A:02:21:00:A0:78:8A:78:2C:D6:C1:B8:
  • 73:25:8E:FD:AB:1E:38:F3:9D:52:D3:25:C5:1C:52:31:
  • 62:88:DD:63:FF:37:A2:8E
First seen at:

CN=relay.itpoint.sk

Certificate chain
  • relay.itpoint.sk
    • remaining
    • 256 bit
    • ecdsa-with-SHA384
      • E6
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • relay.itpoint.sk
Alternative Names
  • relay.itpoint.sk
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E6
validity period
Not valid before
2025-01-19
Not valid after
2025-04-19
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
9E:E2:84:F8:0D:3E:9B:FA:34:A5:49:02:20:32:DB:78:BD:9C:57:86:96:0F:E8:B2:B2:05:C3:37:51:E6:A6:C3
SHA1
95:EB:07:5A:4D:F3:21:97:8F:85:86:D5:E1:A4:54:85:5B:0C:C8:F5
X509v3 extensions
subjectKeyIdentifier
  • 4A:E6:16:BC:26:88:E4:4D:6B:6C:15:36:F6:6B:FD:94:9E:E0:AF:87
authorityKeyIdentifier
  • keyid:93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
authorityInfoAccess
  • OCSP - URI:http://e6.o.lencr.org
  • CA Issuers - URI:http://e6.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
  • D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
  • Timestamp : Jan 19 19:02:04.012 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:41:4A:B0:DD:55:4F:BE:61:EB:36:9B:D4:
  • 52:A3:B8:44:30:9C:80:C2:11:AF:76:A1:38:9B:53:FC:
  • D2:3D:A7:E9:02:21:00:F3:3F:C2:D6:5C:14:DE:68:5E:
  • D4:68:D1:58:EA:34:90:61:8B:72:D2:DC:11:58:82:51:
  • 5F:53:4C:4B:81:48:1C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
  • D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
  • Timestamp : Jan 19 19:02:04.010 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:52:30:83:8F:BE:FE:DA:FB:71:C3:76:FC:
  • 47:83:EB:2A:D0:F8:4A:50:57:64:6C:00:9C:49:4B:E9:
  • DB:42:52:F7:02:21:00:BE:CC:C5:D4:B8:A6:33:18:BE:
  • B0:83:70:23:15:35:46:BB:A7:44:C2:3F:94:02:27:4C:
  • 1B:B7:AF:52:97:3D:10