SSL-Tools

SSL check results of semtelco.com

NEW You can also bulk check multiple servers.

Discover if the mail servers for semtelco.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 30 Apr 2024 06:06:13 +0000

No connection to the mailservers of semtelco.com could be established.

Servers

Incoming Mails

These servers are responsible for incoming mails to @semtelco.com addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.semtelco.com
2602:fabc:15:1ff2:dc54:8dae:fcbf:125
Results incomplete
10
supported
mail.semtelco.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s
mail.semtelco.com
206.183.158.8
Results incomplete
10
supported
mail.semtelco.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have received emails from these servers with @semtelco.com sender addresses. Test mail delivery

Host TLS Version & Cipher
mail.semtelco.com (208.115.112.248)
TLSv1.2 AECDH-AES256-SHA

Certificates

First seen at:

CN=mail.semtelco.com

Certificate chain
  • mail.semtelco.com
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.semtelco.com
Alternative Names
  • mail.semtelco.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-05
Not valid after
2024-06-03
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
26:BB:62:C5:F8:DF:39:3B:3D:E3:CB:50:5A:2B:EA:43:ED:03:79:C2:D0:2A:77:1F:91:39:DC:27:45:F1:8A:C0
SHA1
DF:83:3A:C3:8C:66:91:DF:29:3E:75:B2:00:54:D9:C4:F6:9E:34:7E
X509v3 extensions
subjectKeyIdentifier
  • 50:66:3A:E9:D9:A0:9A:44:B0:EB:9E:E8:A4:6D:6A:13:A1:0A:C1:A6
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 5 02:24:02.310 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:4E:69:E0:89:A4:63:2A:E9:EE:2C:65:F0:
  • 55:A6:30:8F:0F:16:6E:6F:2C:10:D9:D0:62:59:FE:BA:
  • 6F:E5:C2:4D:02:21:00:A7:D3:5C:50:44:72:96:EE:7A:
  • E6:94:2A:BA:6C:4A:1E:68:8B:48:24:C5:5B:9C:0D:43:
  • EF:BB:A9:EF:AB:03:C2
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Mar 5 02:24:03.313 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:C6:4C:00:E7:6E:87:5B:B8:51:D4:70:
  • BB:C1:4A:36:23:57:C0:F9:F8:68:6A:74:A1:04:EA:78:
  • 5F:38:2D:F5:70:02:20:3A:55:4C:56:51:77:19:31:91:
  • 6E:6E:68:22:48:E3:D3:E5:8E:CC:43:CB:E3:9A:85:F7:
  • 8A:D4:45:CC:5B:2F:3B
tlsfeature
  • status_request

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.semtelco.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid