SSL-Tools

SSL check results of hlm.support

NEW You can also bulk check multiple servers.

Discover if the mail servers for hlm.support can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Mon, 18 May 2026 00:31:03 +0000

The mailservers of hlm.support can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @hlm.support addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
atl-edge-rtr.hlm.wtf
23.92.30.57
 5
supported
atl-edge-rtr.hlm.wtf
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
17 s

Outgoing Mails

We have not received any emails from a @hlm.support address so far. Test mail delivery

Certificates

First seen at:

CN=atl-edge-rtr.hlm.wtf

Certificate chain
  • atl-edge-rtr.hlm.wtf
    • remaining
    • 4096 bit
    • sha256WithRSAEncryption
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • atl-edge-rtr.hlm.wtf
Alternative Names
  • atl-edge-rtr.hlm.wtf
  • autoconfig.hlm.wtf
  • autoconfig.hlmtechnologies.net
  • autoconfig.onlinetraceroute.info
  • autodiscover.hlm.wtf
  • autodiscover.hlmtechnologies.net
  • autodiscover.onlinetraceroute.info
  • mta-sts.hlm.support
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2026-05-09
Not valid after
2026-08-07
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
3C:18:3B:04:86:4D:F6:74:F2:B9:12:86:C8:E8:44:A6:AD:EE:F3:20:4B:48:68:8B:DF:ED:B5:A1:C1:16:83:1C
SHA1
5D:FC:7D:6A:8B:58:0F:97:74:EF:8F:93:36:5D:FD:9D:90:3D:2F:EA
X509v3 extensions
subjectKeyIdentifier
  • F9:0E:4E:75:75:36:E6:FC:96:9E:DB:C2:C8:19:34:2A:57:FE:AE:E4
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/125.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:AF:86:3D:3B:3E:E5:9F:A5:77:DE:A8:24:5D:36:B0:
  • D9:ED:22:A2:23:F4:61:77:41:22:94:52:EE:95:50:5F
  • Timestamp : May 9 08:33:16.330 2026 GMT
  • Extensions: 00:00:05:00:06:1B:82:89
  • Signature : ecdsa-with-SHA256
  • 30:46:02:21:00:BF:59:A6:66:79:5B:BC:67:5B:E1:8E:
  • 32:9D:58:C0:8C:F6:BC:89:64:C0:74:0F:CF:BB:AC:9D:
  • FB:92:5A:7A:93:02:21:00:CC:AE:C7:54:6B:8A:4B:17:
  • 92:F4:94:FA:38:F3:A7:E2:C6:0A:8F:3E:25:A3:29:14:
  • EE:56:D4:A6:7C:49:3D:17
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : AF:67:88:3B:57:B0:4E:DD:8F:A6:D9:7E:F6:2E:A8:EB:
  • 81:0A:C7:71:60:F0:24:5E:55:D6:0C:2F:E7:85:87:3A
  • Timestamp : May 9 08:33:16.468 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:F5:B4:6B:AA:FE:9E:9F:3C:88:79:49:
  • 2C:15:48:76:40:20:C1:58:26:04:49:EC:4B:19:6E:92:
  • 8D:E0:DE:73:9F:02:20:1C:61:57:07:28:E6:A0:29:BF:
  • 48:67:B8:84:36:79:CD:33:2D:8E:5C:E4:4F:82:F1:4B:
  • E7:24:58:A8:89:BF:38

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.atl-edge-rtr.hlm.wtf
  • DANE-TA: Trust Anchor Assertion
  • Use full certificate
  • SHA-256 Hash
valid
valid