SSL-Tools

SSL check results of hitch.fr

NEW You can also bulk check multiple servers.

Discover if the mail servers for hitch.fr can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Wed, 12 Mar 2025 14:25:14 +0000

The mailservers of hitch.fr can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @hitch.fr addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
hitch.fr
2a02:c207:2024:8359::1
 1
supported
hitch.fr
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s
hitch.fr
173.212.195.68
 1
supported
hitch.fr
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @hitch.fr address so far. Test mail delivery

Certificates

First seen at:

CN=hitch.fr

Certificate chain
  • hitch.fr
    • remaining
    • 384 bit
    • ecdsa-with-SHA384
      • E6
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • hitch.fr
Alternative Names
  • *.hitch.fr
  • *.wiq.fr
  • hitch.fr
  • wiq.fr
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E6
validity period
Not valid before
2025-01-13
Not valid after
2025-04-13
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
A6:CA:4F:6E:28:F0:8F:44:63:0E:7F:F2:D9:6B:1A:A7:A5:43:B9:21:70:89:32:38:99:B3:56:B3:8E:69:1B:83
SHA1
10:A9:AD:4B:08:22:D0:AB:42:C0:57:6A:30:20:E4:AE:0F:DD:42:2F
X509v3 extensions
subjectKeyIdentifier
  • A6:A1:BA:17:C7:5A:2C:61:AA:31:93:E5:3D:84:94:B7:F3:D7:71:D7
authorityKeyIdentifier
  • keyid:93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
authorityInfoAccess
  • OCSP - URI:http://e6.o.lencr.org
  • CA Issuers - URI:http://e6.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
  • 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
  • Timestamp : Jan 13 07:31:07.145 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:7D:D9:86:43:3C:20:B6:64:FB:06:43:2F:
  • 80:C6:F3:78:4F:0D:A2:3D:45:E2:FB:5F:C3:55:BC:6C:
  • 07:49:E2:D0:02:21:00:BA:51:4A:E4:AA:F0:CE:15:19:
  • EF:8E:8C:7E:53:E2:B5:0F:9C:0A:B3:28:FA:82:90:63:
  • B8:21:01:B2:FD:87:E0
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
  • 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
  • Timestamp : Jan 13 07:31:07.340 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:73:C0:8B:06:58:BC:1B:4F:BD:86:04:CC:
  • DA:A5:1A:B2:24:17:70:F6:28:CF:C0:D2:67:D1:CD:42:
  • 01:73:96:F4:02:21:00:F8:35:1D:81:1B:E3:23:6B:D2:
  • A4:C0:AE:A5:AF:1C:A2:43:EB:CB:C7:B2:57:58:68:5C:
  • 38:29:FA:27:9F:5F:27

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.hitch.fr
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid