SSL-Tools

SSL check results of znedw.com

NEW You can also bulk check multiple servers.

Discover if the mail servers for znedw.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Tue, 15 Oct 2024 20:48:27 +0000

The mailservers of znedw.com can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @znedw.com addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.znedw.com
2401:c080:1000:484b::1
 10
supported
mail.znedw.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
13 s
mail.znedw.com
45.77.16.193
 10
supported
mail.znedw.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
13 s
mail2.znedw.com
2a03:6000:6f67:635::110
 20
supported
mail2.znedw.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s
mail2.znedw.com
46.23.94.110
 20
supported
mail2.znedw.com
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
4 s

Outgoing Mails

We have not received any emails from a @znedw.com address so far. Test mail delivery

Certificates

First seen at:

CN=mail.znedw.com

Certificate chain
  • mail.znedw.com
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.znedw.com
Alternative Names
  • mail.znedw.com
  • mta-sts.znedw.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2024-08-31
Not valid after
2024-11-29
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
70:50:DD:34:7B:C0:A2:A6:68:CD:23:4A:D6:26:D0:D7:F2:C6:81:35:02:ED:65:D0:1F:52:1B:6C:28:2B:27:62
SHA1
B1:07:E1:80:6D:5F:7E:63:AE:86:8F:C8:6A:AF:5C:C2:0D:4A:80:7A
X509v3 extensions
subjectKeyIdentifier
  • ED:2A:42:4D:14:7A:87:EB:BD:77:F4:3E:87:58:3E:69:AD:A9:5F:4D
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Aug 31 19:30:17.297 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:6C:F9:C2:E9:4A:0C:E6:87:C6:96:0B:48:
  • 1C:99:DA:A5:7E:72:6E:5F:2D:4F:D9:20:0A:B8:87:3B:
  • 2D:67:59:64:02:20:38:2A:79:FA:1E:53:7C:05:05:35:
  • 3B:29:71:24:9B:E4:80:2E:C5:4C:63:69:00:46:74:AF:
  • B4:B2:13:CD:7D:9B
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
  • 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
  • Timestamp : Aug 31 19:30:17.476 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A0:7F:92:EA:CE:AC:1F:03:46:86:08:
  • A4:0F:DF:B8:C1:88:0B:BA:97:3E:5F:0D:0D:71:45:0E:
  • 11:60:6E:86:68:02:20:21:3C:AF:9F:7C:48:E1:34:BB:
  • 46:C8:BC:B7:CB:9A:7D:6D:04:62:DE:E5:3E:FE:99:2F:
  • 4F:2C:37:86:8D:15:65
First seen at:

CN=mail2.znedw.com

Certificate chain
  • mail2.znedw.com
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail2.znedw.com
Alternative Names
  • mail2.znedw.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2024-09-17
Not valid after
2024-12-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
65:88:66:EF:4F:DB:D6:FD:35:60:BB:50:40:A0:31:4E:EC:EB:8C:11:1F:4D:12:3A:4E:07:7D:FC:B6:98:5F:F2
SHA1
71:B3:22:6E:30:A0:73:71:D9:D1:C2:FF:EE:DD:01:1F:53:5A:21:75
X509v3 extensions
subjectKeyIdentifier
  • 88:A8:48:AD:AF:5F:39:2C:3C:5D:61:22:C4:BF:FD:00:93:F7:64:80
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • OCSP - URI:http://r10.o.lencr.org
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Sep 17 05:34:29.459 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B5:E0:EB:30:0C:73:14:D2:FB:60:8A:
  • 32:D3:85:0E:5A:81:24:09:36:8D:36:47:71:09:2D:8D:
  • 30:4C:CD:40:54:02:20:00:A9:3A:24:99:E9:F9:4E:39:
  • F3:BB:1C:D8:E3:83:C8:63:13:F4:09:5C:35:D3:71:CA:
  • BF:74:6C:AE:8D:7C:BE
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
  • 83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
  • Timestamp : Sep 17 05:34:29.484 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:E8:13:40:94:85:1C:14:D4:8C:8B:5F:
  • F6:51:62:06:98:E6:C9:BD:CA:31:CB:38:C2:53:D7:2F:
  • 9A:BC:DA:99:7A:02:20:46:68:EE:89:22:54:AF:CD:BC:
  • F0:56:38:C9:4C:E3:19:1C:5E:36:FD:5E:44:A0:7B:4E:
  • 50:21:F3:C0:47:95:CF

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.znedw.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.mail2.znedw.com
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid