SSL-Tools

SSL check results of mos.at

NEW You can also bulk check multiple servers.

Discover if the mail servers for mos.at can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 20 Jan 2025 15:18:00 +0000

The mailservers of mos.at can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mos.at addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
archimedes.d0mini0n.net
89.185.109.180
 10
supported
d0mini0n.net
DANE
errors
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @mos.at address so far. Test mail delivery

Certificates

First seen at:

CN=d0mini0n.net

Certificate chain
  • d0mini0n.net
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • d0mini0n.net
Alternative Names
  • archimedes.d0mini0n.net
  • d0mini0n.net
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-01-04
Not valid after
2025-04-04
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
B7:C5:C1:B2:F0:0F:04:E6:02:D3:3D:99:33:B4:11:CE:29:9A:70:3A:C1:BA:EC:ED:49:36:8A:87:D3:9C:46:48
SHA1
B0:C0:DA:ED:02:D1:07:A2:E5:52:BE:B7:2D:79:36:5B:D3:34:DD:A7
X509v3 extensions
subjectKeyIdentifier
  • D6:47:F3:F8:3C:43:20:54:4C:C2:E1:2C:62:8E:5B:1F:76:B9:CD:EA
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
  • D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
  • Timestamp : Jan 4 20:09:32.464 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:9E:BC:75:6B:CF:92:A4:1F:60:BC:18:
  • 9C:DD:8A:73:D8:97:E9:5F:9C:F1:48:C6:7C:CE:B0:96:
  • 09:33:4E:5A:92:02:20:48:35:DE:E7:3B:97:5B:54:CD:
  • 77:64:F1:A5:45:83:42:1D:2F:5E:A6:13:DD:D9:85:00:
  • C7:F4:54:94:2C:2E:9B
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
  • 16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
  • Timestamp : Jan 4 20:09:32.652 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:A4:9C:BA:2C:B8:74:5C:0A:EE:B1:0B:
  • C7:26:25:25:C7:14:E3:74:5E:70:57:F8:FC:9D:4D:FF:
  • EE:73:C2:A5:E4:02:20:51:47:77:5D:72:E3:11:EA:71:
  • 11:17:41:6A:56:B4:43:E1:07:EE:B9:78:7F:A2:9A:0A:
  • D4:CB:0B:71:F7:00:28

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.archimedes.d0mini0n.net
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid