SSL-Tools

SSL check results of mail19.hi7.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail19.hi7.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 06 May 2026 12:49:17 +0000

The mailservers of mail19.hi7.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail19.hi7.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
www19.hi7.de
2001:780:228::23
 100
supported
www19.hi7.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
www19.hi7.de
213.155.66.163
 100
supported
www19.hi7.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s

Outgoing Mails

We have not received any emails from a @mail19.hi7.de address so far. Test mail delivery

Certificates

First seen at:

CN=www19.hi7.de

Certificate chain
  • www19.hi7.de
    • remaining
    • 384 bit
    • ecdsa-with-SHA384
      • E7
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • www19.hi7.de
Alternative Names
  • mail19.ec-elements.com
  • mail19.hi7.de
  • www19.ec-elements.com
  • www19.hi7.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E7
validity period
Not valid before
2026-03-30
Not valid after
2026-06-28
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
Fingerprints
SHA256
43:16:A9:C5:19:59:CF:92:50:0E:03:6E:65:15:42:3A:B3:A1:11:79:6C:32:10:2E:A4:4E:B2:96:24:BC:D1:3E
SHA1
3A:3A:F4:38:3A:D5:A3:FB:A2:D4:18:93:F1:9F:A5:E1:29:8D:2A:8A
X509v3 extensions
subjectKeyIdentifier
  • D8:DC:BA:80:83:88:DB:CF:30:6D:6F:D2:4C:4D:B2:D2:66:7B:EB:DA
authorityKeyIdentifier
  • keyid:AE:48:9E:DC:87:1D:44:A0:6F:DA:A2:E5:60:74:04:78:C2:9C:00:80
authorityInfoAccess
  • CA Issuers - URI:http://e7.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://e7.c.lencr.org/97.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A8:26:CB:E3:0A:C6:35:12:46:53:3F:E0:65:F1:4F:19:
  • D9:6E:19:08:13:C4:1D:D9:6D:79:00:B3:12:3C:55:27
  • Timestamp : Mar 30 09:07:25.497 2026 GMT
  • Extensions: 00:00:05:00:04:C5:FF:51
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:52:1D:1E:34:5D:86:44:A5:13:74:30:DB:
  • 42:D9:4F:91:3D:04:3A:EB:FD:94:56:CE:72:2F:71:48:
  • 84:B8:EF:0C:02:20:69:DD:2C:B5:EB:AA:73:B1:EC:DC:
  • D9:51:0F:CE:A0:93:C9:87:94:BD:30:53:5F:F8:76:76:
  • 77:5D:2C:74:E4:63
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : D1:6E:A9:A5:68:07:7E:66:35:A0:3F:37:A5:DD:BC:03:
  • A5:3C:41:12:14:D4:88:18:F5:E9:31:B3:23:CB:95:04
  • Timestamp : Mar 30 09:07:25.669 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:2E:2C:68:A9:AA:DC:1B:AA:72:03:5E:C9:
  • C8:94:F5:C1:2F:18:70:37:C2:F4:87:B7:1B:94:DF:40:
  • BB:F6:A1:BE:02:20:79:BB:92:09:E0:6E:F6:DE:09:CE:
  • 97:8F:C2:C9:9C:30:35:C5:79:E5:B1:87:09:2D:B4:DE:
  • 2C:9E:54:90:AF:34

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.www19.hi7.de
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid