citkin.com - TLS / STARTTLS Test

Discover if the mail servers for citkin.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 22 Jul 2025 02:57:10 +0000

Certificates

Problems found
Protocol

Secure
DANE

Missing

We can not guarantee a secure connection to the mailservers of citkin.com!

Please contact the operator of citkin.com and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/citkin.com

Servers

Incoming Mails

These servers are responsible for incoming mails to @citkin.com addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
mail.citkin.com 2a02:4780:d:4cc0::1	4	supported	mail.citkin.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-07-22 2 s
mail.citkin.com 181.215.69.222	4	supported	mail.citkin.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-07-22 2 s
mx1.hostinger.com 2606:4700:90::c1f8:f874:2386:b61f Results incomplete	5	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-07-22 1 s
mx1.hostinger.com 172.65.182.103 Results incomplete	5	supported	not checked	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 ~~SSLv3~~	2025-07-22 1 s

Outgoing Mails

We have not received any emails from a @citkin.com address so far. Test mail delivery

Certificates

First seen at: 2025-07-20

CN=mail.citkin.com

Certificate chain

mail.citkin.com
- 2025-03-06 remaining
- 256 bit
- ecdsa-with-SHA384
- Expired

Subject

Common Name (CN)

mail.citkin.com

Alternative Names

mail.citkin.com

Issuer

Country (C)

Organization (O)

ZeroSSL

Common Name (CN)

ZeroSSL ECC Domain Secure Site CA

validity period

Not valid before: 2024-12-06
Not valid after: 2025-03-06

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: C8:C4:14:02:BA:61:B4:F0:12:DB:2E:35:46:83:40:8E:D6:7D:CD:C5:CE:77:F6:DD:F3:EE:96:F8:33:DB:23:42
SHA1: 8F:ED:61:67:7E:61:03:13:95:D8:AB:C4:A9:81:0B:89:2A:25:07:08

X509v3 extensions

authorityKeyIdentifier

keyid:0F:6B:E6:4B:CE:39:47:AE:F6:7E:90:1E:79:F0:30:91:92:C8:5F:A3

subjectKeyIdentifier

6C:79:E8:B3:43:72:C5:21:60:E1:B3:28:8B:EF:4E:E2:2A:31:93:6B

certificatePolicies

Policy: 1.3.6.1.4.1.6449.1.2.2.78
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1

authorityInfoAccess

CA Issuers - URI:http://zerossl.crt.sectigo.com/ZeroSSLECCDomainSecureSiteCA.crt
OCSP - URI:http://zerossl.ocsp.sectigo.com

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
Timestamp : Dec 6 18:01:23.664 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:9D:A3:8A:55:2F:01:EB:D2:10:02:52:
EB:48:C7:C1:2A:8D:A9:25:D6:A2:02:F2:93:3A:5E:EB:
7B:6B:D3:37:4F:02:20:58:69:C4:F5:EB:00:D7:64:C7:
C7:90:CC:3D:F3:94:14:5A:89:36:DA:E7:05:D1:35:FE:
99:B3:3D:8A:35:D1:F6
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Dec 6 18:01:23.597 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:C2:6B:E2:09:28:68:A9:43:CE:09:BA:
9C:F6:46:1A:CE:C2:D2:7D:3E:E8:9C:AA:AB:C4:84:30:
D9:BE:69:FD:6E:02:20:60:C8:0F:8F:0D:E5:24:03:B3:
80:75:B1:3E:25:ED:DC:28:B5:A9:7E:0C:FC:09:7D:88:
65:8E:A9:7A:FF:AA:21

SSL check results of citkin.com