SSL-Tools

SSL check results of mail.jt.capital

NEW You can also bulk check multiple servers.

Discover if the mail servers for mail.jt.capital can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Thu, 09 Apr 2026 02:34:40 +0000

The mailservers of mail.jt.capital can be reached through a secure connection.

Servers

Incoming Mails

These servers are responsible for incoming mails to @mail.jt.capital addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
mail.jt.capital
61.244.181.34
 -
supported
mail.jt.capital
DANE
valid
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
  • TLSv1.2
  • SSLv3
10 s

Outgoing Mails

We have not received any emails from a @mail.jt.capital address so far. Test mail delivery

Certificates

First seen at:

CN=mail.jt.capital

Certificate chain
  • mail.jt.capital
    • remaining
    • 2048 bit
    • sha256WithRSAEncryption
      • R13
        • remaining
        • 2048 bit
        • sha256WithRSAEncryption
          • ISRG Root X1 (Certificate is self-signed.)
            • remaining
            • 4096 bit
            • sha256WithRSAEncryption
Subject
Common Name (CN)
  • mail.jt.capital
Alternative Names
  • mail.alphakingtrustee.com
  • mail.corecapital.com.hk
  • mail.jt.capital
  • mail.jtcam.com.hk
  • mail.jtcpg.com
  • mail.jtfhk.org
  • mail.jth.group
  • mta-sts.jt.capital
Issuer
Country (C)
  • US
Organization (O)
  • Let's Encrypt
Common Name (CN)
  • R13
validity period
Not valid before
2026-04-04
Not valid after
2026-07-03
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
Fingerprints
SHA256
5D:64:0A:2D:68:E8:0D:D7:AF:24:D8:9B:D4:82:30:69:27:5C:4C:0F:EF:6E:91:0C:1B:96:C7:13:12:B6:B5:7A
SHA1
D7:91:1E:55:C2:37:44:A5:6E:76:FC:FB:2C:2C:0F:46:71:DF:0F:6D
X509v3 extensions
subjectKeyIdentifier
  • F4:AF:69:3F:BB:26:86:18:3D:CB:88:36:CE:99:40:D0:94:E7:E5:58
authorityKeyIdentifier
  • keyid:E7:AB:9F:0F:2C:33:A0:53:D3:5E:4F:78:C8:B2:84:0E:3B:D6:92:33
authorityInfoAccess
  • CA Issuers - URI:http://r13.i.lencr.org/
certificatePolicies
  • Policy: 2.23.140.1.2.1
crlDistributionPoints
  • Full Name:
  • URI:http://r13.c.lencr.org/3.crl
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : D8:09:55:3B:94:4F:7A:FF:C8:16:19:6F:94:4F:85:AB:
  • B0:F8:FC:5E:87:55:26:0F:15:D1:2E:72:BB:45:4B:14
  • Timestamp : Apr 4 19:19:22.559 2026 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:79:42:5D:14:61:11:35:B8:22:A3:8D:F7:
  • 8F:21:92:D3:1A:1E:0A:38:07:C1:1F:4B:0F:3A:C7:E2:
  • 95:D9:44:52:02:21:00:BC:75:F7:5A:E7:09:D9:D4:95:
  • BB:58:AF:39:FB:29:2E:AA:81:19:4A:6F:1C:E7:24:AD:
  • 0F:FB:DF:70:14:BA:29
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 46:AF:86:3D:3B:3E:E5:9F:A5:77:DE:A8:24:5D:36:B0:
  • D9:ED:22:A2:23:F4:61:77:41:22:94:52:EE:95:50:5F
  • Timestamp : Apr 4 19:19:22.730 2026 GMT
  • Extensions: 00:00:05:00:02:FE:21:59
  • Signature : ecdsa-with-SHA256
  • 30:45:02:21:00:F4:60:75:5A:AF:4F:A3:DE:0F:AB:F2:
  • 06:E6:00:33:40:E5:25:E1:CF:BD:53:0E:28:61:DF:02:
  • 50:A0:40:16:FD:02:20:67:80:9A:04:32:D5:6C:02:87:
  • B7:74:96:6A:1A:0A:CD:B5:03:47:3F:D0:D7:DD:96:7C:
  • 3B:6B:FD:EF:54:D6:B4

DANE

DNS-based Authentication of Named Entities (DANE) is a protocol to allow X.509 certificates to be bound to DNS using TLSA records and DNSSEC.

Name Options DNSSEC Matches
_25._tcp.mail.jt.capital
  • DANE-EE: Domain Issued Certificate
  • Use full certificate
  • SHA-256 Hash
valid
valid