SSL-Tools

SSL check results of hard.email

NEW You can also bulk check multiple servers.

Discover if the mail servers for hard.email can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 15 Apr 2024 17:49:09 +0000

We can not guarantee a secure connection to the mailservers of hard.email!

Please contact the operator of hard.email and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/hard.email

Servers

Incoming Mails

These servers are responsible for incoming mails to @hard.email addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
secure.hard.email
2a05:dfc1:7f00:1f::a
 0
supported
secure.hard.email
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
secure.hard.email
207.2.121.46
 0
supported
secure.hard.email
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s
reliable.hard.email
2602:f953:6:6::a
Results incomplete
20
supported
not checked
DANE
errors
PFS
not checked
Heartbleed
not vulnerable
Weak ciphers
not checked
2 s
reliable.hard.email
104.234.231.135
Results incomplete
20
supported
not checked
DANE
errors
PFS
not checked
Heartbleed
not vulnerable
Weak ciphers
not checked
2 s

Outgoing Mails

We have not received any emails from a @hard.email address so far. Test mail delivery

Certificates

First seen at:

CN=secure.hard.email

Certificate chain
  • secure.hard.email
    • remaining
    • 384 bit
    • sha256WithRSAEncryption
      • R3
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • secure.hard.email
Alternative Names
  • admin.hard.email
  • hard.email
  • mta-sts.hard.email
  • secure.hard.email
  • web.hard.email
  • www.hard.email
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R3
validity period
Not valid before
2024-04-10
Not valid after
2024-07-09
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
BA:77:BE:75:86:99:52:71:E6:CB:E5:B7:33:59:4A:A8:86:7A:D7:EF:DF:88:EF:62:A4:62:71:78:81:B3:DC:4A
SHA1
06:51:92:DC:A5:98:38:38:E2:44:2C:5D:3B:D6:10:D1:C4:AA:BE:A3
X509v3 extensions
subjectKeyIdentifier
  • CD:3C:3A:87:1D:DC:65:A2:9B:5F:80:91:27:BB:05:CD:1E:7F:FC:DD
authorityKeyIdentifier
  • keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
authorityInfoAccess
  • OCSP - URI:http://r3.o.lencr.org
  • CA Issuers - URI:http://r3.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
  • ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
  • Timestamp : Apr 10 17:30:25.859 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:6D:D5:3B:9B:7D:D5:9D:B1:47:21:7E:9E:
  • A8:3F:1F:33:3A:47:2B:36:DE:CF:46:43:54:D4:B2:BA:
  • F3:7F:FF:56:02:20:7C:84:35:4A:E1:9E:CE:5E:70:3B:
  • 29:A5:16:8B:79:6D:B3:D2:01:C5:15:DA:0F:AF:E3:30:
  • CF:97:40:E7:9F:F9
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
  • 83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
  • Timestamp : Apr 10 17:30:25.876 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BE:A2:31:FD:73:92:79:06:89:F9:3A:
  • C5:FD:5C:D2:6F:A5:5F:07:5B:96:E1:C6:96:63:9D:C3:
  • 59:F2:EB:51:F7:02:21:00:E2:94:2C:FF:CB:28:3F:6D:
  • 22:D1:7C:C3:C6:24:D2:E8:84:C8:A0:FD:DA:94:44:BA:
  • 97:D5:EB:2E:A7:A0:AA:9D

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.secure.hard.email
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.secure.hard.email
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.reliable.hard.email
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.reliable.hard.email
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid