SSL check results of terpotiz.net

NEW You can also bulk check multiple servers.

Discover if the mail servers for terpotiz.net can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sat, 08 Dec 2018 13:13:06 +0000

The mailservers of terpotiz.net can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @terpotiz.net addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
server.terpotiz.net
2a06:1c40:3::228
1
supported
terpotiz.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
5 s
server.terpotiz.net
37.228.132.228
1
supported
terpotiz.net
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
5 s
server.abinferis.com
2a06:1c40::3d7
100
supported
abinferis.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
4 s
server.abinferis.com
185.101.94.165
100
supported
abinferis.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
4 s

Outgoing Mails

We have received emails from these servers with @terpotiz.net sender addresses. Test mail delivery

Host TLS Version & Cipher
mail-wr0-x232.google.com (IPv6:2a00:1450:400c:c0c::232)
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
server.terpotiz.net (37.228.132.228)
Insecure - not encrypted!
server.terpotiz.net (IPv6:2a06:1c40::3d7)
Insecure - not encrypted!
server.terpotiz.net (IPv6:2a06:1c40:3::228)
Insecure - not encrypted!

Certificates

First seen at:

CN=terpotiz.net

Certificate chain
Subject
Common Name (CN)
  • terpotiz.net
Alternative Names
  • admin.terpotiz.net
  • autoconfig.terpotiz.net
  • autodiscover.terpotiz.net
  • cloud.terpotiz.net
  • dns1.terpotiz.net
  • dns2.terpotiz.net
  • ftp.terpotiz.net
  • imap.terpotiz.net
  • m.terpotiz.net
  • mail.terpotiz.net
  • ns1.terpotiz.net
  • ns2.terpotiz.net
  • pop.terpotiz.net
  • server.terpotiz.net
  • smtp.terpotiz.net
  • terpotiz.net
  • webmail.terpotiz.net
  • www.terpotiz.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2018-11-23
Not valid after
2019-02-21
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
49:0F:ED:80:07:2F:E5:A8:A0:30:0B:44:56:94:0A:F6:43:C4:DA:5D:7B:96:55:62:74:96:E6:B5:8C:D3:5B:8D
SHA1
5B:E8:8F:92:08:88:C3:5D:93:54:1E:2B:4D:B4:23:70:65:74:67:8C
X509v3 extensions
subjectKeyIdentifier
  • F0:0A:F1:CC:A2:99:4C:25:FD:7E:BE:E3:C4:85:47:70:CC:F9:1B:9F
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 74:7E:DA:83:31:AD:33:10:91:21:9C:CE:25:4F:42:70:
  • C2:BF:FD:5E:42:20:08:C6:37:35:79:E6:10:7B:CC:56
  • Timestamp : Nov 23 05:56:20.872 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8D:3D:29:7D:5B:1E:3D:0D:AB:F2:0E:
  • 5F:71:D9:BB:08:16:EB:B9:78:EB:AE:F4:1B:1B:54:59:
  • FA:5A:C8:CD:DC:02:20:0F:99:4C:EB:4E:18:A9:EF:D6:
  • 13:30:8D:9A:08:CA:6B:A0:FE:06:E1:C7:BB:E7:EE:C4:
  • ED:1D:B4:4E:DF:14:1A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 63:F2:DB:CD:E8:3B:CC:2C:CF:0B:72:84:27:57:6B:33:
  • A4:8D:61:77:8F:BD:75:A6:38:B1:C7:68:54:4B:D8:8D
  • Timestamp : Nov 23 05:56:20.878 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B0:C9:E0:B7:1F:49:69:C7:0D:0D:7F:
  • 8C:5E:80:9F:05:54:41:99:A5:2D:91:F2:CD:AE:76:06:
  • 27:CC:83:D2:34:02:20:20:2B:A1:4C:51:24:34:DE:1B:
  • D9:AB:60:CB:B7:B7:F9:C4:82:47:FD:F8:B5:35:8E:82:
  • FE:3E:BB:57:7B:C2:0A
First seen at:

CN=abinferis.com

Certificate chain
Subject
Common Name (CN)
  • abinferis.com
Alternative Names
  • abinferis.com
  • admin.abinferis.com
  • autoconfig.abinferis.com
  • autodiscover.abinferis.com
  • cloud.abinferis.com
  • dns1.abinferis.com
  • dns2.abinferis.com
  • ftp.abinferis.com
  • imap.abinferis.com
  • m.abinferis.com
  • mail.abinferis.com
  • ns1.abinferis.com
  • ns2.abinferis.com
  • pop.abinferis.com
  • server.abinferis.com
  • smtp.abinferis.com
  • webmail.abinferis.com
  • www.abinferis.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2018-11-18
Not valid after
2019-02-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
9A:2F:94:20:45:9B:33:2E:BF:BD:9B:07:D1:16:1F:AA:FB:B4:8B:82:FF:36:9C:B2:85:E2:7F:03:90:FC:DA:7D
SHA1
D2:B0:3E:50:17:2B:FE:3F:BE:96:64:0A:02:17:33:C9:2B:19:9D:0C
X509v3 extensions
subjectKeyIdentifier
  • B5:2D:67:0C:08:F6:B2:E3:3E:50:F2:75:9D:73:94:8F:18:9D:CD:46
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 74:7E:DA:83:31:AD:33:10:91:21:9C:CE:25:4F:42:70:
  • C2:BF:FD:5E:42:20:08:C6:37:35:79:E6:10:7B:CC:56
  • Timestamp : Nov 18 08:30:34.479 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:62:74:A1:15:4A:87:6C:A1:0D:39:C7:D9:
  • A7:9B:36:AF:73:0E:A8:E7:B0:59:24:BB:6D:D4:D5:3F:
  • A7:5E:66:65:02:21:00:90:02:32:C1:2C:3F:49:1B:A3:
  • F2:63:14:08:DA:1D:FF:9A:A2:26:AF:F1:0D:14:7F:90:
  • B6:A4:47:4E:37:13:BF
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 63:F2:DB:CD:E8:3B:CC:2C:CF:0B:72:84:27:57:6B:33:
  • A4:8D:61:77:8F:BD:75:A6:38:B1:C7:68:54:4B:D8:8D
  • Timestamp : Nov 18 08:30:34.502 2018 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:EF:18:B0:7A:73:0F:ED:4A:F7:C9:99:
  • 36:DC:26:43:AB:00:A1:D4:C6:7D:7B:D0:CF:0E:CA:B2:
  • F3:7A:5F:85:34:02:20:3C:52:02:E7:B9:68:25:CA:F3:
  • 95:F6:F9:8C:54:86:47:D0:82:65:9C:53:59:1D:9A:A6:
  • 4C:AF:19:C3:3C:7E:2A

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.server.terpotiz.net
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.server.terpotiz.net
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.server.abinferis.com
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.server.abinferis.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid