SSL check results of zelx.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for zelx.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Wed, 20 Jan 2021 10:41:08 +0000

The mailservers of zelx.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @zelx.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
zelx.de
2a01:238:4203:5300:b5b5:7023:a56d:1b33
Results incomplete
10 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
zelx.de
81.169.137.219
10
supported
zelx.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
16 s
zelx.de
2a01:238:4203:5300:b5b5:7023:a56d:1b33
Results incomplete
20 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s
zelx.de
81.169.137.219
20
supported
zelx.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
16 s

Outgoing Mails

We have received emails from these servers with @zelx.de sender addresses. Test mail delivery

Host TLS Version & Cipher
server.zelx.de (81.169.200.227)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=zelx.de

Certificate chain
  • zelx.de
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption

      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption

          • DST Root CA X3 (Certificate is self-signed.)
            • remaining
            • 2048 bit
            • sha1WithRSAEncryption

Subject
Common Name (CN)
  • zelx.de
Alternative Names
  • *.zelx.de
  • zelx.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2020-12-03
Not valid after
2021-03-03
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
DA:EC:75:F9:84:62:CC:BB:A0:7D:5B:36:34:05:14:7C:89:89:64:87:35:69:E0:DC:2B:69:9B:79:31:A8:71:F5
SHA1
DB:40:05:36:DC:69:2B:F4:15:E2:15:D8:16:A9:A0:DE:C4:66:F0:4C
X509v3 extensions
subjectKeyIdentifier
  • 94:E4:E5:9F:36:49:9F:DB:E1:4F:24:55:74:DC:F5:D1:19:F9:6F:1D
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Dec 3 09:12:23.678 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:15:88:D1:D3:E1:5C:CE:52:E6:7E:05:77:
  • BB:FB:9C:C0:4A:55:55:73:FE:DB:0F:62:49:5D:F7:4D:
  • D7:E5:2B:2B:02:20:0D:CE:A7:61:11:A6:68:CD:F0:EB:
  • F3:17:46:55:5D:EB:88:76:CA:3E:03:22:A8:2C:4C:8D:
  • 41:78:C6:38:4C:77
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
  • 79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
  • Timestamp : Dec 3 09:12:23.795 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:3B:14:76:8B:E5:01:51:C5:D9:B5:C9:2E:
  • 85:68:AF:BE:D6:B8:09:F3:07:9D:16:5B:ED:16:9C:E0:
  • FE:35:4C:64:02:21:00:BD:1D:29:C8:2E:0C:09:3B:64:
  • B2:12:9F:20:B3:61:FB:4F:34:85:CC:3C:B4:3A:3D:1B:
  • BE:5E:63:61:A3:DF:A0