SSL-Tools

SSL check results of safo.at

NEW You can also bulk check multiple servers.

Discover if the mail servers for safo.at can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 14 Aug 2025 14:30:36 +0000

The mailservers of safo.at can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @safo.at addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.safo.at
185.35.181.194
 10
supported
mx1.safo.at
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mx2.safo.at
185.35.181.195
 20
supported
mx2.safo.at
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s

Outgoing Mails

We have not received any emails from a @safo.at address so far. Test mail delivery

Certificates

First seen at:

CN=mx1.safo.at

Certificate chain
  • mx1.safo.at
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mx1.safo.at
Alternative Names
  • mx1.safo.at
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-07-23
Not valid after
2025-10-21
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
0F:16:1B:41:B7:DC:16:95:45:8E:B2:C5:7B:CE:25:16:F8:D6:0D:3A:09:53:41:A9:45:6C:E9:5C:1A:BB:E6:AB
SHA1
79:DD:ED:61:59:4B:02:37:E8:44:2F:E0:65:27:F3:6F:6B:B5:55:6C
X509v3 extensions
subjectKeyIdentifier
  • F1:B7:2E:23:AF:25:A0:03:D0:DA:2C:AA:55:0E:B7:A4:1E:E2:5C:54
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/7.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Jul 23 01:00:14.736 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:43:62:7E:CE:89:AF:14:1C:D8:81:EF:99:
  • 13:EA:4E:E8:82:7B:27:73:7E:BD:6F:D5:00:69:13:15:
  • 3A:A5:D1:07:02:21:00:FB:8D:56:8E:8F:55:E6:FC:99:
  • 31:8B:D2:2A:16:43:CC:8F:83:61:F4:91:3E:1D:14:44:
  • 4B:77:C5:2F:9D:A8:78
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
  • 67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
  • Timestamp : Jul 23 01:00:14.740 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:FB:09:5A:78:62:E8:24:54:1C:26:A8:
  • 55:C9:2E:73:0F:12:AA:16:47:65:9A:FC:BE:B8:7B:4C:
  • 99:36:E0:9A:52:02:20:45:F1:0D:6E:71:50:CF:59:07:
  • 61:6E:67:99:BA:48:5B:8E:01:FD:0B:C9:BE:F4:AF:BD:
  • CB:01:AD:B9:1B:60:D5
First seen at:

CN=mx2.safo.at

Certificate chain
  • mx2.safo.at
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mx2.safo.at
Alternative Names
  • mx2.safo.at
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2025-08-14
Not valid after
2025-11-12
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
5E:88:05:17:AF:DB:C9:4A:93:D8:A0:4B:0A:86:4B:86:95:76:9B:73:AA:07:C2:08:A8:64:29:4F:ED:61:5D:4F
SHA1
1A:8E:36:62:B3:5E:11:C5:61:30:6C:AC:8D:EB:1E:17:F9:30:6F:15
X509v3 extensions
subjectKeyIdentifier
  • 60:02:77:F0:AF:41:61:31:A2:6C:2A:84:83:4D:67:87:D1:2D:7B:25
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r10.c.lencr.org/62.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : Aug 14 14:26:41.222 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:17:25:E5:AB:5A:45:2D:2F:63:07:E7:5D:
  • 72:11:7C:60:4B:CE:05:34:C6:1B:8B:FC:57:17:19:1F:
  • 02:F8:7A:D3:02:21:00:A4:35:5A:C4:48:85:D9:FA:5D:
  • 23:B5:37:77:56:12:F6:8E:4C:99:F3:E2:42:2B:9F:39:
  • F1:62:14:90:FB:B7:75
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Aug 14 14:26:43.195 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:2C:12:17:45:58:10:82:14:DB:78:91:44:
  • 31:68:00:34:E6:9B:AD:C1:BD:A1:B6:5E:4F:67:AD:8D:
  • 8A:F5:8D:71:02:20:69:44:02:48:E8:0A:19:E1:82:C4:
  • 83:33:38:BD:DC:AC:42:B4:4D:9F:5C:7D:C0:5D:97:99:
  • 58:99:52:F8:62:D6