germany.travel - TLS / STARTTLS Test

Discover if the mail servers for germany.travel can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 23 Jan 2025 08:58:15 +0000

Certificates

Trustworthy
Protocol

Secure
DANE

Missing

The mailservers of germany.travel can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @germany.travel addresses.

Hostname / IP address	Priority	STARTTLS	Certificates	Protocol
germany-travel.mail.protection.outlook.com 2a01:111:f403:ca04::e Results incomplete	0	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2025-01-23 1 s
germany-travel.mail.protection.outlook.com 2a01:111:f403:ca09::a Results incomplete	0	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2025-01-23 1 s
germany-travel.mail.protection.outlook.com 2a01:111:f403:ca09::7 Results incomplete	0	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2025-01-23 1 s
germany-travel.mail.protection.outlook.com 2a01:111:f403:ca09::e Results incomplete	0	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2025-01-23 1 s
germany-travel.mail.protection.outlook.com 52.101.73.1 Results incomplete	0	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2025-01-23 1 s
germany-travel.mail.protection.outlook.com 52.101.68.32 Results incomplete	0	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2025-01-23 1 s
germany-travel.mail.protection.outlook.com 52.101.73.22 Results incomplete	0	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2025-01-23 1 s
germany-travel.mail.protection.outlook.com 52.101.73.8 Results incomplete	0	supported	not checked	DANE missing PFS not checked Heartbleed not vulnerable Weak ciphers not checked		2025-01-23 1 s
mx10.d-z-t.com 2a03:57e0:d::185:78:40:140 Results incomplete	10		not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2025-01-23 11 s
mx10.d-z-t.com 185.78.40.140 Results incomplete	10		not checked	DANE missing PFS not checked Heartbleed not checked Weak ciphers not checked		2025-01-23 11 s
mx20.d-z-t.com 2a01:488:66:1000:5c33:977d::1	20	supported	*.d-z-t.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-01-23 18 s
mx20.d-z-t.com 92.51.151.125	20	supported	*.d-z-t.com	DANE missing PFS supported Heartbleed not vulnerable Weak ciphers not found	TLSv1.2 TLSv1.1 TLSv1.0 ~~SSLv3~~	2025-01-23 18 s

Outgoing Mails

We have not received any emails from a @germany.travel address so far. Test mail delivery

Certificates

First seen at: 2024-11-28

CN=*.d-z-t.com,O=Deutsche Zentrale fuer Tourismus e.V.,L=Frankfurt am Main,ST=Hessen,C=DE

Certificate chain

*.d-z-t.com
- 2025-12-02 remaining
- 2048 bit
- sha256WithRSAEncryption

Subject

Country (C)

State (ST)

Hessen

Locality (L)

Frankfurt am Main

Organization (O)

Deutsche Zentrale fuer Tourismus e.V.

Common Name (CN)

*.d-z-t.com

Alternative Names

*.d-z-t.com
d-z-t.com

Issuer

Country (C)

Organization (O)

DigiCert Inc

Organizational Unit (OU)

www.digicert.com

Common Name (CN)

GeoTrust TLS RSA CA G1

validity period

Not valid before: 2024-11-28
Not valid after: 2025-12-02

This certifcate has been verified for the following usages:

Digital Signature
Key Encipherment
TLS Web Server Authentication
TLS Web Client Authentication

Fingerprints

SHA256: F8:9A:75:9F:FD:B2:D2:F0:45:00:AF:ED:F2:5F:FE:88:5B:25:0A:EB:CA:B1:40:2A:20:45:EE:27:39:8B:91:20
SHA1: 54:95:15:85:30:99:41:F6:CD:7D:BB:58:DC:98:0C:81:EC:33:61:0F

X509v3 extensions

authorityKeyIdentifier

keyid:94:4F:D4:5D:8B:E4:A4:E2:A6:80:FE:FD:D8:F9:00:EF:A3:BE:02:57

subjectKeyIdentifier

96:F3:78:EE:2B:7E:D5:45:BB:A4:28:AE:A7:AD:6D:CA:E9:B7:FD:2D

certificatePolicies

Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS

crlDistributionPoints

Full Name:
URI:http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl

authorityInfoAccess

OCSP - URI:http://status.geotrust.com
CA Issuers - URI:http://cacerts.geotrust.com/GeoTrustTLSRSACAG1.crt

ct_precert_scts

Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
Timestamp : Nov 28 08:44:08.395 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:47:FA:40:03:13:EA:37:2C:A9:4D:EA:B0:
29:D9:26:66:E8:3A:DC:E5:5C:83:DA:7C:B6:68:FD:FA:
1C:8B:19:7D:02:21:00:D5:C2:AB:20:64:40:81:E3:4A:
48:AE:14:44:11:84:DD:FE:14:30:14:CE:10:86:65:38:
89:F3:B8:F7:AF:78:97
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : ED:3C:4B:D6:E8:06:C2:A4:A2:00:57:DB:CB:24:E2:38:
01:DF:51:2F:ED:C4:86:C5:70:0F:20:DD:B7:3E:3F:E0
Timestamp : Nov 28 08:44:08.362 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:F5:E6:C6:5F:8F:90:B1:2E:93:12:8A:
28:1A:4E:FD:98:D0:2E:0E:26:90:1B:F8:F8:85:8A:69:
57:D3:27:BA:96:02:21:00:F9:37:83:07:A8:70:1C:ED:
8A:A0:73:0A:CB:45:29:22:74:55:F1:DA:12:32:22:31:
DA:E6:53:42:EA:24:ED:80
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
Timestamp : Nov 28 08:44:08.375 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:39:1B:77:BB:DA:B0:B3:A9:A7:56:FF:DF:
20:98:A0:DE:B3:04:29:0E:40:CD:28:DF:45:47:14:69:
93:02:7C:14:02:20:66:09:96:53:06:03:04:1E:63:D1:
DC:EA:BE:F4:17:1B:1C:C0:4B:2B:CE:57:D5:E8:65:C6:
6C:E2:7B:36:28:60

SSL check results of germany.travel