SSL check results of xela.codes

NEW You can also bulk check multiple servers.

Discover if the mail servers for xela.codes can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Sun, 19 Jul 2026 00:31:13 +0000

The mailservers of xela.codes can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @xela.codes addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.xela.codes
2a0a:4cc0:2000:a0bb::1
10
supported
mail.xela.codes
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s
mail.xela.codes
152.53.171.231
10
supported
mail.xela.codes
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s

Outgoing Mails

We have not received any emails from a @xela.codes address so far. Test mail delivery

Certificates

First seen at:

CN=mail.xela.codes

Certificate chain
  • mail.xela.codes
    • remaining
    • 256 bit
    • ecdsa-with-SHA384

      • YE2
        • remaining
        • 384 bit
        • ecdsa-with-SHA384

          • Root YE
            • remaining
            • 384 bit
            • ecdsa-with-SHA384

              • ISRG Root X2 (Certificate is self-signed.)
                • remaining
                • 384 bit
                • ecdsa-with-SHA384

Subject
Common Name (CN)
  • mail.xela.codes
Alternative Names
  • autoconfig.xela.codes
  • autodiscover.xela.codes
  • mail.xela.codes
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • YE2
validity period
Not valid before
2026-06-28
Not valid after
2026-09-26
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
Fingerprints
SHA256
23:03:38:9B:F2:74:E0:E6:C4:39:B6:F7:9B:E6:C3:AD:02:51:E7:02:2A:CC:EF:23:68:12:D0:AC:60:A8:B7:91
SHA1
6C:A8:9D:CC:18:29:0E:18:35:1A:B7:95:A4:EC:E9:5D:53:7E:49:97
X509v3 extensions
subjectKeyIdentifier
  • A2:A7:40:17:BD:0D:8F:3C:86:E5:A4:4A:37:0F:C8:40:0A:14:8B:CA
authorityKeyIdentifier
  • keyid:B9:59:F2:8E:CF:22:F0:86:D3:37:48:FF:76:14:18:BA:82:D8:55:87
authorityInfoAccess
  • CA Issuers - URI:http://ye2.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://ye2.c.lencr.org/2.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : C2:31:7E:57:45:19:A3:45:EE:7F:38:DE:B2:90:41:EB:
  • C7:C2:21:5A:22:BF:7F:D5:B5:AD:76:9A:D9:0E:52:CD
  • Timestamp : Jun 28 05:10:18.656 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:38:89:F5:A3:E4:7D:99:FC:D6:01:FC:3F:
  • 10:06:4C:CB:FE:42:93:CB:AD:DA:F3:4F:1D:96:FC:BA:
  • B9:EB:03:24:02:21:00:9B:2A:0C:0D:61:B7:35:04:81:
  • DB:5C:95:C5:D2:FD:0C:90:58:5B:12:3C:E7:DF:9A:18:
  • 0B:4C:76:56:1E:30:A5
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 6C:FE:50:19:43:A8:5E:A9:16:BC:52:D1:33:E4:DC:C9:
  • 1E:F1:41:1C:7D:25:84:20:D1:73:80:9E:18:18:EB:3A
  • Timestamp : Jun 28 05:10:19.189 2026 GMT
  • Extensions: 00:00:05:00:12:6C:12:21
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:DC:2D:79:93:D0:78:19:B4:40:B8:F9:
  • F4:14:A6:43:35:3C:4C:86:80:88:6F:04:74:EC:3F:C0:
  • F8:7D:91:E8:EB:02:20:0A:8B:E4:95:24:60:4F:6B:65:
  • 95:1B:62:A3:D1:54:6C:7E:E4:28:0F:DA:B9:46:3E:65:
  • 5D:79:10:C9:AF:79:69

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.xela.codes
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid