SSL-Tools

SSL check results of spyra.rocks

NEW You can also bulk check multiple servers.

Discover if the mail servers for spyra.rocks can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 13 Mar 2025 07:15:03 +0000

The mailservers of spyra.rocks can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @spyra.rocks addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.spyra.rocks
2a01:239:32e:c100::
 10
supported
spyra.rocks
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail.spyra.rocks
212.227.143.87
 10
supported
spyra.rocks
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @spyra.rocks address so far. Test mail delivery

Certificates

First seen at:

CN=spyra.rocks

Certificate chain
  • spyra.rocks
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • spyra.rocks
Alternative Names
  • *.spyra.rocks
  • spyra.rocks
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2025-01-21
Not valid after
2025-04-21
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
E3:C9:0F:C3:80:A7:1C:B5:E4:11:CF:7A:5B:59:43:66:AA:82:38:61:6F:0A:5D:48:F4:F1:3D:EA:4D:7A:01:A3
SHA1
C5:5D:0E:15:23:DB:8D:AC:95:CF:2D:BB:F3:BF:50:6F:3E:39:73:18
X509v3 extensions
subjectKeyIdentifier
  • 29:E7:2B:59:3C:18:3C:7A:E0:0B:EF:8E:56:25:D6:56:7E:BD:0E:D0
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • OCSP - URI:http://r10.o.lencr.org
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
  • D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
  • Timestamp : Jan 21 01:40:23.905 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:66:50:6F:E4:C0:E5:3B:3B:19:80:1F:BC:
  • E7:85:16:24:38:14:BB:92:28:FF:47:C4:B1:D3:05:E1:
  • 9A:CF:D2:D7:02:20:66:BC:32:5A:9C:DF:B5:31:33:E3:
  • 6F:FD:05:60:A3:1D:84:04:85:35:50:C6:06:13:D3:51:
  • 4A:16:18:66:1E:44
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Jan 21 01:40:23.924 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:3B:F4:30:90:7A:FE:1B:97:7A:1F:54:00:
  • 6B:C1:FB:AF:93:C5:16:A5:DA:48:04:02:D8:05:DA:73:
  • 33:8A:8C:02:02:21:00:FE:CC:CC:BA:2A:32:4D:33:A3:
  • 9A:EB:82:79:C4:F1:96:EA:CF:96:4F:C9:A9:9B:C4:E3:
  • 75:A4:33:06:45:12:39

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.spyra.rocks
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid