SSL-Tools

SSL check results of thermona-shop.de

NEW You can also bulk check multiple servers.

Discover if the mail servers for thermona-shop.de can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 18 Oct 2025 16:40:30 +0000

The mailservers of thermona-shop.de can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @thermona-shop.de addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.thermona-shop.de
2a03:4000:20:2a4:45:90:5:200
 10
supported
mail.thermona-shop.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
8 s
mail.thermona-shop.de
45.90.5.200
 10
supported
mail.thermona-shop.de
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
8 s

Outgoing Mails

We have not received any emails from a @thermona-shop.de address so far. Test mail delivery

Certificates

First seen at:

CN=mail.thermona-shop.de

Certificate chain
  • mail.thermona-shop.de
    • remaining
    • 384 bit
    • ecdsa-with-SHA384
      • E7
        • remaining
        • 384 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.thermona-shop.de
Alternative Names
  • mail.thermona-shop.de
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E7
validity period
Not valid before
2025-09-11
Not valid after
2025-12-10
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
94:AC:E3:37:7D:28:16:E1:E6:D9:E5:1D:58:C1:83:90:E2:4C:E1:9F:1C:A3:3D:59:08:A0:07:0F:63:DA:88:8E
SHA1
6C:98:C4:FC:A9:C5:7F:88:5E:92:0C:6F:56:9F:AD:B0:60:D0:5F:D4
X509v3 extensions
subjectKeyIdentifier
  • 3C:56:6A:AA:8B:5D:80:98:56:DC:50:81:CE:FD:79:FA:2D:2D:50:FB
authorityKeyIdentifier
  • keyid:AE:48:9E:DC:87:1D:44:A0:6F:DA:A2:E5:60:74:04:78:C2:9C:00:80
authorityInfoAccess
  • CA Issuers - URI:http://e7.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://e7.c.lencr.org/103.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
  • 26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
  • Timestamp : Sep 11 03:10:16.060 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:62:F3:A9:F9:C7:22:B3:6A:EB:31:C3:A8:
  • 47:FC:7F:13:A3:17:08:99:33:D2:86:36:FC:44:9F:4E:
  • 5C:31:F5:AE:02:20:65:15:65:07:CE:0D:FD:3D:C7:4F:
  • F5:07:1C:8F:A8:C4:D2:4F:93:06:24:BF:D4:48:15:45:
  • AE:86:A3:F6:1E:71
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
  • 67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
  • Timestamp : Sep 11 03:10:16.103 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:D2:18:57:F8:02:32:87:A4:83:6E:31:
  • 5E:2D:DE:DA:93:FC:A4:D9:53:15:5B:62:4A:7A:4F:55:
  • 72:25:61:49:E9:02:21:00:8F:0D:C6:8E:2D:41:F9:F5:
  • A7:C7:AF:D5:A1:80:A0:8E:AA:13:2B:53:D7:EA:60:3F:
  • C2:E7:E2:D2:97:38:F2:B2

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.thermona-shop.de
  • DANE-EE: Domain Issued Certificate
  • Use subject public key
  • SHA-256 Hash
valid
valid