SSL-Tools

SSL check results of thnhan.com

NEW You can also bulk check multiple servers.

Discover if the mail servers for thnhan.com can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Fri, 01 Aug 2025 00:30:42 +0000

The mailservers of thnhan.com can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @thnhan.com addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mx1.improvmx.com
2a05:d012:412:e203:373a:f51a:4a85:1d25
 10
supported
mx1.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
12 s
mx1.improvmx.com
2a05:d012:412:e201:88aa:e7b9:7a43:12d7
 10
supported
mx1.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
mx1.improvmx.com
2a05:d012:412:e202:f36:2c1f:1a49:d38a
 10
supported
mx1.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
11 s
mx1.improvmx.com
13.37.195.136
 10
supported
mx1.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
11 s
mx1.improvmx.com
15.236.236.160
 10
supported
mx1.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s
mx1.improvmx.com
35.181.18.45
 10
supported
mx1.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
15 s
mx2.improvmx.com
2a05:d012:412:e201:1f6e:f6e4:8fd7:4678
 20
supported
mx2.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s
mx2.improvmx.com
2a05:d012:412:e202:e81e:cc44:3b53:8a3d
 20
supported
mx2.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
14 s
mx2.improvmx.com
2a05:d012:412:e203:7e33:3d9c:28d7:ee20
 20
supported
mx2.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
mx2.improvmx.com
13.36.107.63
 20
supported
mx2.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
5 s
mx2.improvmx.com
15.236.61.92
 20
supported
mx2.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s
mx2.improvmx.com
13.36.222.39
 20
supported
mx2.improvmx.com
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
9 s

Outgoing Mails

We have not received any emails from a @thnhan.com address so far. Test mail delivery

Certificates

First seen at:

CN=mx2.improvmx.com

Certificate chain
  • mx2.improvmx.com
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R11
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mx2.improvmx.com
Alternative Names
  • mx2.improvmx.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R11
validity period
Not valid before
2025-06-18
Not valid after
2025-09-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
2E:56:AC:E4:5A:4E:D9:B6:E7:9B:E4:82:6A:96:09:35:F8:09:C1:8A:C7:A2:58:AB:E1:CE:6E:A0:9E:B6:47:EF
SHA1
10:9A:EE:00:87:FD:71:F9:7A:94:7F:C2:4E:E4:3E:18:39:B7:71:67
X509v3 extensions
subjectKeyIdentifier
  • 85:8B:E6:B7:24:1A:84:8D:BF:03:79:7B:2C:B5:CF:D8:9F:3B:5F:B2
authorityKeyIdentifier
  • keyid:C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
authorityInfoAccess
  • CA Issuers - URI:http://r11.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r11.c.lencr.org/73.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
  • 47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
  • Timestamp : Jun 19 00:07:30.156 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:69:37:9D:5A:EB:7E:C3:E8:C2:1B:62:7D:
  • 81:9C:0E:D8:55:DD:D0:88:68:4F:EE:1B:72:CD:2F:EA:
  • 26:78:03:D8:02:20:19:47:B8:54:4C:9B:8A:74:D3:18:
  • FF:BA:56:DC:00:37:F0:F4:B1:74:3C:5E:80:5A:D5:D7:
  • 74:B6:DB:29:ED:B4
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Jun 19 00:07:30.221 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:35:DE:A9:AA:8B:E8:E8:B8:D7:0D:10:1A:
  • 49:A8:EF:1B:09:58:4C:D3:85:AA:93:C9:D9:2F:97:59:
  • 3E:33:50:FE:02:20:4F:2D:82:36:A2:A0:21:81:91:39:
  • 5C:37:F8:43:C2:2C:46:D7:5D:37:91:75:A5:CF:1F:70:
  • 5C:94:58:3D:63:BF
First seen at:

CN=mx1.improvmx.com

Certificate chain
  • mx1.improvmx.com
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R10
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mx1.improvmx.com
Alternative Names
  • mx1.improvmx.com
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R10
validity period
Not valid before
2025-06-18
Not valid after
2025-09-16
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
4A:6C:7F:0B:9D:D1:57:B8:55:74:EF:B5:E4:43:3C:8B:3A:9C:9F:92:4B:D7:80:7E:18:4C:27:1C:90:97:7E:1F
SHA1
AD:57:8E:3F:34:BE:04:86:8C:3B:F4:02:B1:DA:AD:64:32:B2:C7:3B
X509v3 extensions
subjectKeyIdentifier
  • 7A:B9:2D:3E:44:1D:B4:61:5F:94:56:7A:FC:23:1C:74:1E:E5:76:51
authorityKeyIdentifier
  • keyid:BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
authorityInfoAccess
  • CA Issuers - URI:http://r10.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r10.c.lencr.org/101.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : ED:3C:4B:D6:E8:06:C2:A4:A2:00:57:DB:CB:24:E2:38:
  • 01:DF:51:2F:ED:C4:86:C5:70:0F:20:DD:B7:3E:3F:E0
  • Timestamp : Jun 19 00:07:04.495 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:44:02:20:4E:26:1E:E2:B3:A6:F8:A8:FC:E7:EE:33:
  • 3A:3C:E1:C1:51:AE:DE:0C:E8:35:1C:27:60:28:51:5F:
  • D6:7A:AD:94:02:20:34:2D:97:75:2E:A8:32:AD:70:7F:
  • 49:E8:D7:4D:2B:68:8D:0C:04:D8:BA:D1:B5:59:0F:75:
  • 24:88:28:2B:F2:8E
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
  • 3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
  • Timestamp : Jun 19 00:07:08.557 2025 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:B0:6C:72:85:A3:6D:4B:AF:DF:D6:6A:
  • D4:D9:56:BB:EB:DF:1A:07:42:04:E4:47:7E:C2:9F:AE:
  • F8:39:C0:9A:C2:02:20:26:CC:3B:1B:42:6F:5A:ED:D9:
  • 2F:29:59:F1:04:B3:3C:DA:83:0C:21:8D:AF:D3:34:0C:
  • A9:C3:14:A1:71:63:BA