SSL-Tools

SSL check results of kuhost.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for kuhost.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 06 Jul 2020 12:06:06 +0000

The mailservers of kuhost.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @kuhost.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
pim.kuhost.de
2a01:4f8:c17:9996::1
 10
supported
pim.kuhost.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
5 s
pim.kuhost.de
78.46.182.204
 10
supported
pim.kuhost.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
5 s
mgw1.kompeton.net
148.251.137.26
 50
supported
mgw1.kompeton.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
8 s

Outgoing Mails

We have received emails from these servers with @kuhost.de sender addresses. Test mail delivery

Host TLS Version & Cipher
mgw1.kompeton.net (148.251.137.26)
TLSv1.2 ADH-AES256-GCM-SHA384

Certificates

First seen at:

CN=mgw1.kompeton.net

Certificate chain
Subject
Common Name (CN)
  • mgw1.kompeton.net
Alternative Names
  • mgw1.kompeton.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2020-05-20
Not valid after
2020-08-18
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
AA:33:8B:59:76:58:4B:EA:15:FB:5F:40:B9:20:62:BB:AF:03:AC:1F:08:A1:3F:32:33:91:D2:92:C2:6A:6F:54
SHA1
AC:57:77:82:59:46:C3:47:8F:C3:45:CB:D3:38:63:16:49:C6:B8:1F
X509v3 extensions
subjectKeyIdentifier
  • 23:34:DA:9F:72:3A:8D:CD:5F:36:42:9D:A7:8E:BC:45:94:32:79:7A
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E7:12:F2:B0:37:7E:1A:62:FB:8E:C9:0C:61:84:F1:EA:
  • 7B:37:CB:56:1D:11:26:5B:F3:E0:F3:4B:F2:41:54:6E
  • Timestamp : May 20 03:46:35.955 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:A6:37:15:0E:71:05:60:72:24:18:83:
  • 17:4B:8C:E7:E5:F1:62:5E:1A:54:A4:DB:5D:D2:A9:BE:
  • 46:04:4A:A8:52:02:21:00:AD:2C:DD:43:A5:37:2B:34:
  • 8C:E2:C6:B7:69:A2:75:2E:55:AF:8B:A5:7F:A0:28:41:
  • 1E:9A:76:C8:86:BD:82:E2
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 07:B7:5C:1B:E5:7D:68:FF:F1:B0:C6:1D:23:15:C7:BA:
  • E6:57:7C:57:94:B7:6A:EE:BC:61:3A:1A:69:D3:A2:1C
  • Timestamp : May 20 03:46:35.996 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:CD:E2:70:86:75:34:13:8B:7A:5E:FC:
  • 00:FB:BD:B6:F5:C0:4C:2A:AB:97:7C:B8:09:73:B2:02:
  • 2A:9C:54:31:F5:02:20:3C:BA:D3:9B:B1:1A:97:F9:45:
  • 43:0A:02:91:5E:E1:91:A3:D2:84:FB:C6:C6:AA:4B:EF:
  • B8:5F:CE:61:FE:52:19
First seen at:

CN=pim.kuhost.de

Certificate chain
Subject
Common Name (CN)
  • pim.kuhost.de
Alternative Names
  • pim.kuhost.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • Let's Encrypt Authority X3
validity period
Not valid before
2020-07-05
Not valid after
2020-10-03
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
70:20:59:29:0C:83:81:37:A8:B9:DF:C0:DE:B0:4B:A9:83:00:ED:1C:49:C8:85:B0:C3:B6:AC:7A:9B:C0:33:19
SHA1
F7:9A:EE:E1:EC:75:D9:2E:9F:80:42:95:1F:C0:BB:E4:8B:39:B6:F9
X509v3 extensions
subjectKeyIdentifier
  • 95:88:E7:8C:C8:1B:59:74:C2:8F:EE:5D:2B:5B:8C:F0:D4:FE:E1:AF
authorityKeyIdentifier
  • keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
authorityInfoAccess
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • Policy: 1.3.6.1.4.1.44947.1.1.1
  • CPS: http://cps.letsencrypt.org
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F0:95:A4:59:F2:00:D1:82:40:10:2D:2F:93:88:8E:AD:
  • 4B:FE:1D:47:E3:99:E1:D0:34:A6:B0:A8:AA:8E:B2:73
  • Timestamp : Jul 5 18:59:37.830 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:8A:AA:81:AC:67:A0:60:AB:E3:30:D8:
  • 18:11:02:0B:27:7F:ED:D5:D6:15:17:07:00:7E:0D:19:
  • 60:0F:15:A8:1A:02:21:00:9A:A2:28:2B:EE:2A:53:E9:
  • BC:33:3F:30:22:11:A7:9F:A4:D3:2A:2B:7D:F6:B8:67:
  • 45:0B:2F:96:A1:07:73:42
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 07:B7:5C:1B:E5:7D:68:FF:F1:B0:C6:1D:23:15:C7:BA:
  • E6:57:7C:57:94:B7:6A:EE:BC:61:3A:1A:69:D3:A2:1C
  • Timestamp : Jul 5 18:59:37.875 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:21:91:0D:0A:9D:75:0E:3F:0B:A3:0F:4F:
  • 7C:BC:61:0F:ED:AC:F6:F2:A8:70:B0:57:72:79:55:CB:
  • 61:E2:53:B8:02:21:00:95:32:1F:EF:F1:C6:AD:11:24:
  • B5:C0:88:F6:05:6B:5F:B4:E2:CA:75:2E:72:1A:DF:44:
  • 4D:56:D4:1D:C4:63:BA

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.pim.kuhost.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid