SSL-Tools

SSL check results of simonmicro.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for simonmicro.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 03 Oct 2024 09:35:48 +0000

The mailservers of simonmicro.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @simonmicro.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
eros-via-luke.simonmicro.de
188.192.201.70
 10
supported
eros.simonmicro.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
3 s
eros-via-jake.simonmicro.de
198.23.223.103
 20
supported
eros.simonmicro.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
mx2f71.netcup.net
188.68.47.113
Results incomplete
50
supported
*.netcup.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
6 s

Outgoing Mails

We have not received any emails from a @simonmicro.de address so far. Test mail delivery

Certificates

First seen at:

CN=eros.simonmicro.de

Certificate chain
  • eros.simonmicro.de
    • remaining
    • 256 bit
    • ecdsa-with-SHA384
      • E6
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • eros.simonmicro.de
Alternative Names
  • eros-via-jake.simonmicro.de
  • eros-via-jake.simonmicros-super-systems.de
  • eros-via-luke.simonmicro.de
  • eros-via-luke.simonmicros-super-systems.de
  • eros.simonmicro.de
  • eros.simonmicros-super-systems.de
  • imap.simonmicro.de
  • smtp.simonmicro.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E6
validity period
Not valid before
2024-08-16
Not valid after
2024-11-14
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
8B:86:73:C1:66:EB:A0:09:57:32:2D:FD:D7:C8:F0:C0:EE:90:FA:6F:B1:8B:5F:82:69:74:CD:43:E8:6E:9B:CF
SHA1
F3:D9:A3:1A:19:E4:96:B0:C3:D6:75:D7:AC:88:CF:91:B7:43:2C:F1
X509v3 extensions
subjectKeyIdentifier
  • 70:A3:55:43:79:E8:F5:78:A3:63:E0:28:50:D1:8D:96:4E:5C:64:E6
authorityKeyIdentifier
  • keyid:93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
authorityInfoAccess
  • OCSP - URI:http://e6.o.lencr.org
  • CA Issuers - URI:http://e6.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
  • ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
  • Timestamp : Aug 16 14:18:38.022 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:16:93:B2:17:C5:5D:24:CA:BA:94:84:E2:
  • 31:3F:2C:43:D0:2A:D8:C4:97:8A:31:AA:2E:0E:0E:30:
  • F8:DA:1C:B1:02:20:22:1D:73:AA:88:F6:E0:D2:7A:B6:
  • 09:BB:1A:4C:2D:A4:99:AA:59:22:4A:22:F4:7F:DD:28:
  • AD:2C:DB:7B:DB:B1
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
  • B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
  • Timestamp : Aug 16 14:18:38.079 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:38:53:7C:37:EC:28:03:8E:5A:BE:30:54:
  • 67:B6:FA:8C:AA:CB:99:34:E6:67:29:CC:CE:1C:7A:E8:
  • 34:07:69:7A:02:21:00:FB:05:E4:DA:66:FE:9A:5E:D8:
  • F8:A3:FB:73:63:D3:0C:DA:8F:1D:E9:6A:A0:73:D9:92:
  • 5D:50:10:2A:BF:D1:B0
First seen at:

CN=*.netcup.net

Certificate chain
Subject
Common Name (CN)
  • *.netcup.net
Alternative Names
  • *.netcup.net
  • netcup.net
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • RapidSSL TLS RSA CA G1
validity period
Not valid before
2024-09-16
Not valid after
2025-09-15
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
AD:F1:75:D0:25:78:24:9A:89:61:7F:45:78:3A:39:7E:72:FE:A7:4A:15:AE:F2:6A:8E:C3:44:6A:73:77:0F:36
SHA1
0D:5D:FD:F5:15:2F:2B:5F:B6:86:EE:08:A0:A7:0C:61:22:B0:EA:19
X509v3 extensions
authorityKeyIdentifier
  • keyid:0C:DB:6C:82:49:0F:4A:67:0A:B8:14:EE:7A:C4:48:52:88:EB:56:38
subjectKeyIdentifier
  • EA:D7:B6:20:A8:5D:53:51:0D:5B:24:EB:07:67:13:21:0A:BD:2F:E4
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: http://www.digicert.com/CPS
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.rapidssl.com/RapidSSLTLSRSACAG1.crl
authorityInfoAccess
  • OCSP - URI:http://status.rapidssl.com
  • CA Issuers - URI:http://cacerts.rapidssl.com/RapidSSLTLSRSACAG1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Sep 16 11:03:04.377 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:06:34:DA:A9:EF:EF:E9:39:DB:F7:F3:D2:
  • 74:9B:99:2A:A2:90:F5:E3:30:63:7D:30:A2:11:63:50:
  • 93:07:87:00:02:20:5D:FB:30:C5:5E:3F:B2:40:13:8B:
  • F8:1E:38:68:7C:FA:35:2F:59:4E:97:2D:6A:66:B4:23:
  • 01:1E:6D:C7:22:B3
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
  • 87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
  • Timestamp : Sep 16 11:03:04.254 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:6F:10:DB:B9:07:29:56:D7:12:E2:4E:9D:
  • 54:BE:6C:D5:32:50:5D:73:76:5D:4B:C1:B8:C3:DE:3F:
  • 00:82:64:E3:02:20:19:D6:CF:24:A4:BA:78:33:2C:7A:
  • 39:86:2E:94:02:53:90:D9:0B:44:2C:16:4B:E8:7A:C3:
  • E2:31:ED:13:2F:2A
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
  • D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
  • Timestamp : Sep 16 11:03:04.278 2024 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:1A:04:C5:4A:44:92:CC:4E:20:0A:BB:39:
  • F1:4C:28:84:07:8B:6B:DF:F9:02:67:BC:10:BE:CC:09:
  • 03:FD:A5:E4:02:20:2F:54:19:9A:9F:76:71:C4:BF:EE:
  • 25:C7:25:83:DA:64:20:C0:E0:35:B4:14:7B:BB:1F:3F:
  • E2:AB:4C:5A:FA:F3

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.eros-via-luke.simonmicro.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid
_25._tcp.eros-via-luke.simonmicro.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.eros-via-jake.simonmicro.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
_25._tcp.eros-via-jake.simonmicro.de
  • DANE-TA: Trust Anchor Assertion
  • Use subject public key
  • SHA-256 Hash
valid
valid