SSL-Tools

SSL check results of netcologne.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for netcologne.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 11 Apr 2024 05:09:39 +0000

We can not guarantee a secure connection to the mailservers of netcologne.de!

Please contact the operator of netcologne.de and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/netcologne.de

Servers

Incoming Mails

These servers are responsible for incoming mails to @netcologne.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
cc-mx2.netcologne.de
2001:4dd0:100:1062:25:3::2
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
2 s
cc-mx2.netcologne.de
89.1.8.142
 10
supported
cc-mx2.netcologne.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
cc-mx3.netcologne.de
2001:4dd0:100:1062:25:3::3
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
cc-mx3.netcologne.de
89.1.8.143
 10
supported
cc-mx3.netcologne.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
cc-mx4.netcologne.de
2001:4dd0:100:1062:25:3::4
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
2 s
cc-mx4.netcologne.de
89.1.8.144
 10
supported
cc-mx4.netcologne.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
cc-mx1.netcologne.de
2001:4dd0:100:1062:25:3::1
Results incomplete
10
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
cc-mx1.netcologne.de
89.1.8.141
 10
supported
cc-mx1.netcologne.de
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have received emails from these servers with @netcologne.de sender addresses. Test mail delivery

Host TLS Version & Cipher
cc-smtpout2.netcologne.de (89.1.8.212)
TLSv1.3 TLS_AES_256_GCM_SHA384
cc-smtpout1.netcologne.de (IPv6:2001:4dd0:100:1062:25:2:0:1)
TLSv1.3 TLS_AES_256_GCM_SHA384

Certificates

First seen at:

CN=cc-mx2.netcologne.de

Certificate chain
  • cc-mx2.netcologne.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • cc-mx2.netcologne.de
Alternative Names
  • cc-mx2.netcologne.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-19
Not valid after
2024-06-17
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
D1:B6:75:CB:44:4B:37:FE:7E:EF:2D:B4:BF:CC:28:5F:65:BD:F8:B0:46:42:75:D3:1E:D4:22:55:24:E8:86:E8
SHA1
6F:30:5B:67:42:F5:E2:F2:B6:6A:9A:59:1F:9D:E8:13:27:70:60:98
X509v3 extensions
subjectKeyIdentifier
  • 49:34:35:1C:4B:A7:A7:73:08:81:0C:D7:43:4B:81:18:8D:D2:96:EE
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 19 08:08:03.276 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8B:A4:09:13:67:5C:53:0E:51:84:F3:
  • E8:F3:E6:E7:50:76:A7:8A:B5:C6:5E:40:DD:38:58:13:
  • 03:22:42:74:0B:02:20:1E:27:79:C3:75:B0:E9:43:E4:
  • 45:F8:66:A8:5A:A5:2A:E7:64:7F:48:2E:A8:FF:C1:F4:
  • 46:86:9B:28:E2:9E:C7
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Mar 19 08:08:03.282 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:FE:AE:06:16:D8:70:95:4D:E2:C6:E8:
  • B7:8B:DA:F6:3D:1B:FF:46:0A:F4:98:F3:19:7D:8F:12:
  • 27:EE:75:58:62:02:20:6F:0F:01:2B:2D:76:6E:8F:A5:
  • 46:1D:F8:CC:B4:A9:16:24:D9:63:F3:2B:F0:C4:94:94:
  • 61:5A:82:5B:74:C4:6C
First seen at:

CN=cc-mx3.netcologne.de

Certificate chain
  • cc-mx3.netcologne.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • cc-mx3.netcologne.de
Alternative Names
  • cc-mx3.netcologne.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-19
Not valid after
2024-06-17
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
7E:AB:28:34:CC:B4:D8:4C:12:F0:1F:DC:91:A6:B0:DE:E6:5F:D0:29:EC:4B:2C:3B:7C:25:1F:07:25:38:56:93
SHA1
90:E7:62:3C:5F:3B:B8:D6:12:3C:5E:9A:3C:80:E3:71:F4:45:39:A6
X509v3 extensions
subjectKeyIdentifier
  • D4:24:2C:ED:52:DC:08:8F:59:4F:5F:A4:54:A2:BD:F5:BA:D6:59:53
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Mar 19 08:08:21.210 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:FE:01:0D:FB:12:3A:E2:DE:C2:CB:7F:
  • 2C:83:F5:6D:FA:F9:D3:64:DE:08:6E:84:5B:F4:BE:CA:
  • ED:67:9E:A2:B7:02:20:53:6E:C6:BA:3C:21:D8:C8:77:
  • 31:27:9C:50:D0:7D:D5:83:2F:A3:9F:FD:CB:F6:70:77:
  • F4:B0:75:F3:AA:2A:93
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 19 08:08:21.782 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:87:87:C9:DB:17:BF:83:28:7D:81:B8:
  • 75:07:A7:37:C4:4F:DA:DF:41:9C:65:C3:18:E5:62:8F:
  • 62:CF:8D:6E:5E:02:21:00:AF:77:1F:52:B4:40:C6:DE:
  • C7:02:4C:86:9D:2A:4A:7E:72:5A:36:38:91:03:5B:85:
  • 21:61:F9:6A:AF:C6:29:22
First seen at:

CN=cc-mx4.netcologne.de

Certificate chain
  • cc-mx4.netcologne.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • cc-mx4.netcologne.de
Alternative Names
  • cc-mx4.netcologne.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-19
Not valid after
2024-06-17
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
1E:02:AE:06:FE:A9:B8:F3:A0:01:4C:FD:AC:55:ED:65:12:1D:97:4C:FC:DC:6D:78:97:85:F6:04:BD:96:DD:E4
SHA1
50:BA:4E:91:25:A1:C3:B2:E4:3C:53:51:F9:3B:BC:C5:41:E7:38:A1
X509v3 extensions
subjectKeyIdentifier
  • 13:1B:F9:11:83:32:4F:5B:38:78:03:48:4E:AE:3A:56:C0:46:40:9F
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 19 08:08:38.898 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:0E:B2:49:9C:43:1C:EA:75:3F:63:85:B6:
  • 5F:2F:26:3B:3A:6C:0A:8D:B1:0E:BE:D1:38:6C:FA:EF:
  • 95:0F:DC:B5:02:20:59:40:49:9F:52:A1:72:78:6A:7E:
  • E5:CF:62:F4:64:2D:FA:72:5E:EE:C2:47:C1:67:42:43:
  • D3:9B:83:66:B9:3C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
  • 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
  • Timestamp : Mar 19 08:08:39.422 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:25:4B:F6:93:34:1E:26:86:F4:E6:0E:1C:
  • 21:27:FC:0C:F4:91:74:F2:87:B7:C3:C2:58:44:AC:A8:
  • F6:D0:F0:7E:02:21:00:9B:D3:E9:54:86:12:21:0F:F8:
  • F7:4A:3F:80:28:E7:E6:0C:6A:62:D5:22:96:92:C3:A9:
  • A9:40:AA:52:CF:12:FD
First seen at:

CN=cc-mx1.netcologne.de

Certificate chain
  • cc-mx1.netcologne.de
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • cc-mx1.netcologne.de
Alternative Names
  • cc-mx1.netcologne.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-03-19
Not valid after
2024-06-17
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
29:92:D4:D5:6B:A1:7D:B0:3D:FA:50:9C:9D:21:83:DB:AA:8E:3B:4F:EB:47:51:6D:96:F6:ED:09:5C:69:49:3C
SHA1
2A:36:55:58:AF:07:FA:CD:DC:3D:77:0D:D9:8C:4E:C6:FA:05:36:34
X509v3 extensions
subjectKeyIdentifier
  • 0D:27:A4:8E:09:68:5A:38:A2:6B:E4:B1:7E:4C:DF:76:E5:D6:8A:8B
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
  • 67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
  • Timestamp : Mar 19 08:07:47.860 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:45:DC:57:A1:AD:F0:85:D4:9D:38:EA:D2:
  • 05:42:EF:C4:CD:6A:C9:DA:DF:4D:EC:CE:B4:87:4B:80:
  • C2:82:26:7B:02:21:00:91:05:6D:B5:4C:AC:EA:ED:D7:
  • 3A:E3:FE:5F:2F:F3:0F:7A:E0:C4:DD:8F:5E:EC:A4:14:
  • 68:D1:FC:53:AC:79:33
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
  • 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
  • Timestamp : Mar 19 08:07:47.865 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:F7:AA:71:FA:DC:62:D1:A4:49:7E:A3:
  • AF:29:E3:E8:91:84:54:F4:A3:B8:1A:FE:F6:91:B3:3B:
  • FC:9E:D1:BC:F2:02:20:78:40:FE:AE:77:FC:E8:03:1D:
  • 4A:BC:66:C3:48:BC:B1:32:C7:DB:E9:D5:F3:77:F5:00:
  • C6:D2:CB:FE:E2:B4:DB