SSL check results of vbv.at

NEW You can also bulk check multiple servers.

Discover if the mail servers for vbv.at can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

Report created Fri, 05 Aug 2022 08:41:13 +0000

We can not guarantee a secure connection to the mailservers of vbv.at!

Please contact the operator of vbv.at and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/vbv.at

Servers

Incoming Mails

These servers are responsible for incoming mails to @vbv.at addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.vbv.ag
62.84.213.50
Results incomplete
10
supported
mx1.vbv.ag
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
1 s
mx1b.vbv.ag
213.208.138.132
20
supported
mx1.vbv.ag
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail1.vbv.at
62.84.213.5
Results incomplete
30
supported
mail1.vbv.at
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
2 s
mail2.vbv.at
37.252.189.36
Results incomplete
100 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s

Outgoing Mails

We have not received any emails from a @vbv.at address so far. Test mail delivery

Certificates

First seen at:

CN=mx1.vbv.ag,O=VBV - Betriebliche Altersvorsorge AG,L=Wien,ST=Wien,C=AT

Certificate chain
  • mx1.vbv.ag
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
    • Unknown Authority

      DigiCert TLS RSA SHA256 2020 CA1
Subject
Country (C)
  • AT
State (ST)
  • Wien
Locality (L)
  • Wien
Organization (O)
  • VBV - Betriebliche Altersvorsorge AG
Common Name (CN)
  • mx1.vbv.ag
Alternative Names
  • mx1.vbv.ag
  • mx1b.vbv.ag
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Common Name (CN)
  • DigiCert TLS RSA SHA256 2020 CA1
validity period
Not valid before
2021-12-15
Not valid after
2023-01-15
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
6B:F3:31:9B:A3:91:05:A0:26:DD:13:AE:2C:B5:72:E8:46:CB:20:D2:29:98:E9:99:3D:CF:8B:98:AE:19:D9:81
SHA1
E0:1C:71:D1:57:CA:C1:75:6E:0C:D4:6E:A6:C0:22:99:F4:41:86:26
X509v3 extensions
authorityKeyIdentifier
  • keyid:B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4
subjectKeyIdentifier
  • 53:2B:52:63:6F:6D:44:4A:38:2A:4D:DC:62:A7:0D:86:D0:2A:F3:1C
crlDistributionPoints
  • Full Name:
  • URI:http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
  • Full Name:
  • URI:http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
certificatePolicies
  • Policy: 2.23.140.1.2.2
  • CPS: http://www.digicert.com/CPS
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
  • B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
  • Timestamp : Dec 15 20:15:06.453 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:9B:10:DA:5A:21:B9:77:59:BA:18:67:
  • 28:B4:4A:9C:7A:76:D2:1A:E9:A7:60:53:C7:65:AF:D2:
  • E6:41:95:89:2C:02:21:00:C9:50:3C:82:0E:01:06:5D:
  • 64:4F:25:A9:29:C5:7C:AC:19:A1:4C:6C:72:5C:D8:05:
  • 3E:D4:A6:22:27:C8:96:07
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 35:CF:19:1B:BF:B1:6C:57:BF:0F:AD:4C:6D:42:CB:BB:
  • B6:27:20:26:51:EA:3F:E1:2A:EF:A8:03:C3:3B:D6:4C
  • Timestamp : Dec 15 20:15:06.423 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:77:CE:84:D0:24:53:29:4D:3A:67:37:24:
  • 85:9E:0A:AA:65:31:82:91:F2:E5:D4:20:D2:AF:B7:CF:
  • 15:EE:8E:21:02:20:23:9A:B3:93:63:5B:9A:3E:3B:6C:
  • 60:A0:7D:CD:A0:89:B9:39:F9:5C:34:A0:EB:F6:12:88:
  • F2:AB:32:8A:9E:5C
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09:
  • 4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A
  • Timestamp : Dec 15 20:15:06.459 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:82:B4:59:61:02:EF:C7:9E:19:C1:E3:
  • 99:10:6A:F3:55:CD:A9:2E:96:5C:DF:1A:8A:83:E0:22:
  • 27:C5:ED:CE:0E:02:21:00:82:17:4D:77:F0:A7:94:3D:
  • D6:C2:17:B4:D2:B7:A8:1E:EB:F0:94:DF:6F:A7:04:DD:
  • 24:E8:D6:DC:37:B2:63:BA
First seen at:

CN=mail1.vbv.at

Certificate chain
Subject
Common Name (CN)
  • mail1.vbv.at
Alternative Names
  • mail1.vbv.at
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Organizational Unit (OU)
  • www.digicert.com
Common Name (CN)
  • Thawte RSA CA 2018
validity period
Not valid before
2021-10-07
Not valid after
2022-11-07
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
7E:29:91:2B:5D:C5:D1:12:1A:89:61:B7:76:3A:BC:B6:34:12:D3:61:5E:48:4C:31:39:16:D9:0F:4E:72:37:FD
SHA1
E2:07:78:48:C9:8F:0F:65:42:56:12:7B:39:89:A0:E2:71:0C:3B:F2
X509v3 extensions
authorityKeyIdentifier
  • keyid:A3:C8:5E:65:54:E5:30:78:C1:05:EA:07:0A:6A:59:CC:B9:FE:DE:5A
subjectKeyIdentifier
  • 21:C8:A4:CC:45:2E:F1:0A:FC:C0:67:19:8B:85:3C:64:9E:26:0A:28
crlDistributionPoints
  • Full Name:
  • URI:http://cdp.thawte.com/ThawteRSACA2018.crl
certificatePolicies
  • Policy: 2.23.140.1.2.1
  • CPS: http://www.digicert.com/CPS
authorityInfoAccess
  • OCSP - URI:http://status.thawte.com
  • CA Issuers - URI:http://cacerts.thawte.com/ThawteRSACA2018.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
  • BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
  • Timestamp : Oct 7 12:24:06.424 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:E4:AB:D8:FD:1E:B9:12:B3:1B:F0:15:
  • 19:27:69:5C:57:A9:CE:DA:32:4F:17:33:17:67:B4:34:
  • 9C:68:31:FB:25:02:20:25:2F:61:C1:03:41:CF:9F:BD:
  • 5A:CA:F6:F4:8F:62:D1:22:34:2A:11:7F:FB:DA:91:8C:
  • 05:45:55:76:7F:DD:23
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 51:A3:B0:F5:FD:01:79:9C:56:6D:B8:37:78:8F:0C:A4:
  • 7A:CC:1B:27:CB:F7:9E:88:42:9A:0D:FE:D4:8B:05:E5
  • Timestamp : Oct 7 12:24:06.452 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:42:DF:0A:EB:81:4A:FD:6F:6A:ED:8C:B1:
  • 4E:C1:91:B9:C0:5E:8D:08:AE:77:C3:92:23:0A:C0:25:
  • 8A:C9:80:1C:02:21:00:EF:4E:46:6D:A7:B9:72:94:3E:
  • 41:F4:CC:18:33:92:34:CA:F3:1F:42:31:00:73:27:78:
  • E5:A3:58:8E:1A:99:33
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
  • 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
  • Timestamp : Oct 7 12:24:06.381 2021 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:F0:29:05:A2:08:25:24:C3:FD:F3:8E:
  • 24:0F:4D:D4:EB:F1:F2:50:7B:4D:9A:D5:5B:27:35:42:
  • 2E:FC:AD:2F:77:02:20:02:E1:4F:BA:5C:E6:DB:72:EA:
  • 3E:08:31:77:2F:79:01:1B:6C:64:6F:37:57:E9:69:0D:
  • D5:5F:4B:D3:B1:AB:F1

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mx1.vbv.ag
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid