SSL-Tools

SSL check results of gfkify.org

NEW You can also bulk check multiple servers.

Discover if the mail servers for gfkify.org can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 25 Apr 2024 23:54:57 +0000

The mailservers of gfkify.org can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @gfkify.org addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx.doreen.srvgd.de
2a03:4000:52:af4:d4a8:87ff:fe7d:3384
 10
supported
mx.doreen.srvgd.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s
mx.doreen.srvgd.de
202.61.240.87
 10
supported
mx.doreen.srvgd.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
5 s

Outgoing Mails

We have not received any emails from a @gfkify.org address so far. Test mail delivery

Certificates

First seen at:

CN=mx.doreen.srvgd.de

Certificate chain
Subject
Common Name (CN)
  • mx.doreen.srvgd.de
Alternative Names
  • mx.doreen.srvgd.de
Issuer
Country (C)
  • AT
Organization (O)
  • ZeroSSL
Common Name (CN)
  • ZeroSSL ECC Domain Secure Site CA
validity period
Not valid before
2024-03-01
Not valid after
2024-05-30
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
1C:6B:FB:13:35:A5:84:E0:63:DF:59:3B:60:1C:2F:C8:08:E8:15:E5:39:61:09:62:50:83:FA:AE:10:34:24:54
SHA1
6A:26:18:A9:C7:70:7C:46:8F:C4:04:80:E6:1E:12:86:2F:EA:A6:72
X509v3 extensions
authorityKeyIdentifier
  • keyid:0F:6B:E6:4B:CE:39:47:AE:F6:7E:90:1E:79:F0:30:91:92:C8:5F:A3
subjectKeyIdentifier
  • 56:80:39:FB:0C:E9:20:BF:C4:F8:D0:EE:66:D0:1F:5A:CA:7F:2E:29
certificatePolicies
  • Policy: 1.3.6.1.4.1.6449.1.2.2.78
  • CPS: https://sectigo.com/CPS
  • Policy: 2.23.140.1.2.1
authorityInfoAccess
  • CA Issuers - URI:http://zerossl.crt.sectigo.com/ZeroSSLECCDomainSecureSiteCA.crt
  • OCSP - URI:http://zerossl.ocsp.sectigo.com
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Mar 1 23:39:13.466 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:95:9C:61:B8:E3:45:7A:67:5B:FD:76:
  • 2D:B3:31:F8:31:55:51:FF:21:3E:2D:DA:8C:89:A3:21:
  • EA:33:B0:38:72:02:20:6A:74:E2:45:73:79:27:D9:34:
  • A8:01:7F:C9:AD:50:0F:32:CE:4E:F2:20:20:C0:EB:71:
  • B3:69:7B:B9:47:EF:B8
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 1 23:39:13.584 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:28:BB:8E:52:75:EA:23:89:1D:01:63:8A:
  • 21:22:B5:75:A4:9B:46:AE:54:8A:8F:49:26:AE:FD:6A:
  • B5:84:A2:4F:02:21:00:DA:AF:BA:8C:F4:2D:17:B4:04:
  • FB:6E:AD:C6:58:C5:22:50:52:F1:8F:73:BD:76:BD:E0:
  • DE:E4:52:46:0A:CD:E2

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx.doreen.srvgd.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid