SSL-Tools

SSL check results of thomas-live.com

NEW You can also bulk check multiple servers.

Discover if the mail servers for thomas-live.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 22 May 2025 10:23:33 +0000

We can not guarantee a secure connection to the mailservers of thomas-live.com!

Please contact the operator of thomas-live.com and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/thomas-live.com

Servers

Incoming Mails

These servers are responsible for incoming mails to @thomas-live.com addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx-mail.thomas-live.com
185.62.150.136
 10
supported
mail.thomas-live.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • TLSv1.1
  • SSLv3
2 s
mxbackup1.junkemailfilter.com
184.105.182.140
 30
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
9 s
mxbackup2.junkemailfilter.com
184.105.182.212
 40
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
31 s
mxbackup2.junkemailfilter.com
184.105.182.210
 40
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
31 s
mxbackup2.junkemailfilter.com
184.105.182.220
 40
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
31 s
mxbackup2.junkemailfilter.com
184.105.182.221
 40
supported
junkemailfilter.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • SSL_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
31 s
mxbackup2.junkemailfilter.com
184.105.182.211
Results incomplete
40
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s
mxbackup2.junkemailfilter.com
184.105.182.222
Results incomplete
40
unsupported
not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
1 s

Outgoing Mails

We have received emails from these servers with @thomas-live.com sender addresses. Test mail delivery

Host TLS Version & Cipher
mx-mail.thomas-live.com (185.62.150.136)
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384

Certificates

First seen at:

CN=mail.thomas-live.com

Certificate chain
Subject
Common Name (CN)
  • mail.thomas-live.com
Alternative Names
  • autodiscover.thomas-live.com
  • mail.thomas-live.com
  • mx-mail.thomas-live.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • E5
validity period
Not valid before
2025-05-02
Not valid after
2025-07-31
This certifcate has been verified for the following usages:
  • Digital Signature
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
10:B0:33:30:3F:23:D0:19:0E:12:21:6C:E5:39:65:0B:2D:74:E0:79:72:C9:FB:CB:13:C3:A6:7D:B4:58:43:F3
SHA1
E7:BB:9E:58:73:85:15:32:75:71:FA:C9:AD:AF:48:F1:44:90:6C:32
X509v3 extensions
subjectKeyIdentifier
  • A7:85:45:EC:3D:BA:08:E0:10:14:81:E9:83:52:EA:6B:A8:8C:F9:77
authorityKeyIdentifier
  • keyid:9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
authorityInfoAccess
  • OCSP - URI:http://e5.o.lencr.org
  • CA Issuers - URI:http://e5.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://e5.c.lencr.org/33.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
  • 22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
  • Timestamp : May 2 20:00:10.863 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:8E:F0:C4:08:89:8C:76:A9:BE:15:17:
  • 5C:21:0B:A5:98:90:BE:C3:93:79:1D:3D:1A:F8:59:A7:
  • B8:27:0D:02:DA:02:20:22:02:2C:58:38:9B:F7:80:95:
  • 2E:36:26:BC:67:AA:64:EC:77:04:21:98:A9:59:41:51:
  • A7:24:D7:2E:69:D6:A9
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AF:18:1A:28:D6:8C:A3:E0:A9:8A:4C:9C:67:AB:09:F8:
  • BB:BC:22:BA:AE:BC:B1:38:A3:A1:9D:D3:F9:B6:03:0D
  • Timestamp : May 2 20:00:11.151 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:5B:49:5D:09:06:E6:B7:DA:82:05:AA:AA:
  • E4:A0:2A:81:B9:93:B8:3B:FF:1E:EE:F1:66:40:91:F8:
  • 40:2D:20:61:02:20:07:F7:05:D8:AA:9D:2A:8C:CB:A1:
  • 45:5A:19:76:2C:71:53:CE:70:F9:93:D3:BA:14:AD:EA:
  • 15:09:2C:99:22:6B
First seen at:

CN=junkemailfilter.com

Certificate chain
  • junkemailfilter.com
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • junkemailfilter.com
Alternative Names
  • *.junkemailfilter.com
  • junkemailfilter.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-04-17
Not valid after
2025-07-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
A6:EE:81:41:4B:BA:41:1A:D2:B1:C8:9C:5F:92:01:8E:DA:B0:AE:0D:8F:68:D9:EA:7C:6A:1D:FE:D6:87:92:88
SHA1
A9:C1:57:2E:14:78:9E:08:53:62:4B:24:80:DC:73:A7:D9:D0:C1:8E
X509v3 extensions
subjectKeyIdentifier
  • 88:BE:49:52:29:A3:13:FE:14:BB:C5:AB:90:D9:7A:80:0A:2B:05:4B
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • OCSP - URI:http://r11.o.lencr.org
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/91.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
  • F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
  • Timestamp : Apr 17 10:34:42.956 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:50:0B:AC:78:29:0D:51:D9:92:55:0F:57:
  • 2D:53:C1:E2:78:C3:E8:F3:3A:55:44:05:55:1F:4B:58:
  • FC:99:9C:CD:02:21:00:D6:A6:1A:D5:6F:91:32:17:43:
  • 08:F4:7F:CC:F8:1C:3A:EE:51:80:E0:0C:62:D2:21:FE:
  • 0E:F4:4E:E0:71:E5:91
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
  • 26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
  • Timestamp : Apr 17 10:34:42.961 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:4A:0A:3D:25:D3:C4:20:3E:B9:16:93:BD:
  • 6A:14:D2:51:6B:CC:AA:3E:7F:A6:21:81:4F:EF:32:EF:
  • 73:4D:44:44:02:20:63:B8:1E:F1:E2:EE:7D:FA:2B:AB:
  • F7:18:F1:61:8F:35:BC:A0:8A:1E:53:14:57:3F:33:D5:
  • DE:AE:C6:4B:22:18