bica.com.ar - TLS / STARTTLS Test

Discover if the mail servers for bica.com.ar can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 28 Jan 2021 14:53:26 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of bica.com.ar can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @bica.com.ar addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
aspmx.l.google.com 2a00:1450:4013:c00::1a	1	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 2 s
aspmx.l.google.com 108.177.119.26	1	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 3 s
alt1.aspmx.l.google.com 2404:6800:4003:c06::1a	5	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 18 s
alt1.aspmx.l.google.com 142.250.4.26	5	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 18 s
alt2.aspmx.l.google.com 2404:6800:4008:c00::1a	5	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-27 15 s
alt2.aspmx.l.google.com 108.177.97.26	5	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 16 s
alt4.aspmx.l.google.com 2607:f8b0:4023:c03::1b	10	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 10 s
alt4.aspmx.l.google.com 74.125.137.26	10	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 10 s
alt3.aspmx.l.google.com 2607:f8b0:400e:c04::1b	10	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 9 s
alt3.aspmx.l.google.com 74.125.28.26	10	supported	mx.google.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2021-01-28 10 s

Outgoing Mails

We have not received any emails from a @bica.com.ar address so far. Test mail delivery

Certificates

First seen at: 2021-01-19

CN=mx.google.com,O=Google LLC,L=Mountain View,ST=California,C=US

Certificate chain

mx.google.com
- 2021-03-30 remaining
- 256 bit
- sha256WithRSAEncryption

Subject

Country (C)

State (ST)

California

Locality (L)

Mountain View

Organization (O)

Google LLC

Common Name (CN)

mx.google.com

Alternative Names

mx.google.com
alt1.aspmx.l.google.com
alt1.gmail-smtp-in.l.google.com
alt1.gmr-smtp-in.l.google.com
alt2.aspmx.l.google.com
alt2.gmail-smtp-in.l.google.com
alt2.gmr-smtp-in.l.google.com
alt3.aspmx.l.google.com
alt3.gmail-smtp-in.l.google.com
alt3.gmr-smtp-in.l.google.com
alt4.aspmx.l.google.com
alt4.gmail-smtp-in.l.google.com
alt4.gmr-smtp-in.l.google.com
aspmx.l.google.com
aspmx2.googlemail.com
aspmx3.googlemail.com
aspmx4.googlemail.com
aspmx5.googlemail.com
gmail-smtp-in.l.google.com
gmr-mx.google.com
gmr-smtp-in.l.google.com
mx1.smtp.goog
mx2.smtp.goog
mx3.smtp.goog
mx4.smtp.goog
smtp.google.com

Issuer

Country (C)

Organization (O)

Google Trust Services

Common Name (CN)

GTS CA 1O1

validity period

Not valid before: 2021-01-05
Not valid after: 2021-03-30

This certifcate has been verified for the following usages:

Digital Signature
TLS Web Server Authentication

Fingerprints

SHA256: 3F:06:B6:BB:9A:1D:54:0F:CE:C2:14:A1:D0:77:52:94:7D:E5:29:FE:A2:F2:A1:69:E8:E0:67:34:3E:6E:E7:74
SHA1: 42:05:99:31:41:AF:23:65:ED:D6:FF:EA:B3:01:1E:53:7D:F1:AE:CB

X509v3 extensions

subjectKeyIdentifier

19:13:C6:01:08:AE:12:F9:3D:33:22:F6:84:8C:81:22:6F:EB:95:FF

authorityKeyIdentifier

keyid:98:D1:F8:6E:10:EB:CF:9B:EC:60:9F:18:90:1B:A0:EB:7D:09:FD:2B

authorityInfoAccess

OCSP - URI:http://ocsp.pki.goog/gts1o1core
CA Issuers - URI:http://pki.goog/gsr2/GTS1O1.crt

certificatePolicies

Policy: 2.23.140.1.2.2
Policy: 1.3.6.1.4.1.11129.2.5.3

crlDistributionPoints

Full Name:
URI:http://crl.pki.goog/GTS1O1core.crl

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
Timestamp : Jan 5 13:11:23.997 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:59:52:38:36:33:69:7C:EA:AB:C7:E1:93:
CE:7F:16:1C:34:D7:E1:DE:4E:98:9F:12:9C:10:FE:5E:
1C:64:B4:86:02:20:20:A3:CF:10:7C:2F:5C:C9:55:FB:
D6:46:74:5A:C8:DE:C9:D7:78:C9:BE:85:73:C4:6F:15:
18:23:44:15:B1:53
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
Timestamp : Jan 5 13:11:24.038 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:EF:BF:E3:D1:EC:34:2F:67:01:52:4F:
63:D8:29:03:8F:C7:D2:84:79:9E:E8:40:A1:5E:F0:98:
43:08:95:B2:EC:02:21:00:98:CB:7C:CB:0D:D6:33:74:
FE:D2:A5:A1:A8:99:B1:2D:C6:90:8E:60:70:D0:2A:22:
73:49:BC:57:E3:FA:94:AE

SSL check results of bica.com.ar