SSL check results of zelx.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for zelx.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Mon, 22 Feb 2021 13:27:47 +0000

The mailservers of zelx.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @zelx.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
zelx.de
2a01:238:4203:5300:b5b5:7023:a56d:1b33
Results incomplete
10 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
zelx.de
81.169.137.219
10
supported
zelx.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
17 s
zelx.de
2a01:238:4203:5300:b5b5:7023:a56d:1b33
Results incomplete
20 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
zelx.de
81.169.137.219
20
supported
zelx.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
16 s

Outgoing Mails

We have received emails from these servers with @zelx.de sender addresses. Test mail delivery

Host TLS Version & Cipher
server.zelx.de (81.169.200.227)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=zelx.de

Certificate chain
  • zelx.de
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Common Name (CN)
  • zelx.de
Alternative Names
  • *.zelx.de
  • zelx.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2021-02-07
Not valid after
2021-05-08
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
C9:0C:EB:02:9B:A4:1B:E7:CC:41:0E:9A:C5:3D:47:4F:C1:F8:09:FA:58:93:8E:40:6A:AC:EE:5C:DF:23:31:A7
SHA1
B4:B2:F8:6C:30:9F:89:D6:F9:1E:48:38:06:AA:FB:85:EB:22:23:DD
X509v3 extensions
subjectKeyIdentifier
  • 0F:94:9C:28:E8:9B:93:19:6B:0A:8B:38:61:FC:2D:CD:EC:21:CF:4D
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D:
  • D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2
  • Timestamp : Feb 7 11:04:26.342 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:FF:44:E4:17:01:E8:1D:8C:A4:51:35:
  • F0:D1:9B:61:A9:CF:63:D0:C3:D4:A7:A7:16:AD:97:99:
  • F3:E1:E8:E3:F8:02:21:00:AD:79:06:5A:F8:44:59:EC:
  • 92:42:62:55:55:EA:A7:86:82:89:68:9E:8B:18:B8:1C:
  • 69:D5:85:AC:F2:F9:87:A7
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : Feb 7 11:04:26.404 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:6A:5C:15:F4:54:C6:14:0A:FA:72:1D:10:
  • 14:D3:5E:D4:F6:C4:2B:52:CD:25:15:58:0B:BF:19:1B:
  • BE:13:38:00:02:20:21:E9:F8:0C:F0:1B:DC:E2:32:40:
  • 01:20:C2:E5:A0:CB:AD:CF:B2:29:DF:C6:DB:97:FF:89:
  • C5:7A:DA:38:4D:64