SSL-Tools

SSL check results of lancome.ch

NEW You can also bulk check multiple servers.

Discover if the mail servers for lancome.ch can be reached through a secure connection.

To establish a secure connection a mail server has to offer STARTTLS (SSL), a trustworthy SSL certificate, support for the Diffie-Hellman-Algorithm to guarantee Perfect Forward Secrecy and must not be vulnerable against the Heartbleed attack. Futhermore we recommend using end-to-end encryption with GnuPG.

Summary

JSON Refresh

Report created Sat, 27 Jun 2020 02:35:56 +0000

We can not guarantee a secure connection to the mailservers of lancome.ch!

Please contact the operator of lancome.ch and ask him or her to solve this problem. This result stays accessible under the following address:

/mailservers/lancome.ch

Servers

Incoming Mails

These servers are responsible for incoming mails to @lancome.ch addresses.

Hostname / IP address Priority STARTTLS Certificates Protocol
ora-webmail.int-hosting.net
212.121.177.202
 10
supported
ora-webmail.int-hosting.net
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
supported
  • ECDHE_RSA_WITH_RC4_128_SHA
  • TLSv1.2
  • TLSv1.1
  • TLSv1.0
  • SSLv3
3 s
mailhub.btfrance.fr
193.149.97.85
Results incomplete
100 not checked
DANE
missing
PFS
not checked
Heartbleed
not checked
Weak ciphers
not checked
11 s

Outgoing Mails

We have not received any emails from a @lancome.ch address so far. Test mail delivery

Certificates

First seen at:

CN=ora-webmail.int-hosting.net,OU=LOREAL IT,O=L’OREAL,L=Clichy,ST=Ile de france,C=FR

Certificate chain
Subject
Country (C)
  • FR
State (ST)
  • Ile de france
Locality (L)
  • Clichy
Organization (O)
  • L’OREAL
Organizational Unit (OU)
  • LOREAL IT
Common Name (CN)
  • ora-webmail.int-hosting.net
Alternative Names
  • ora-webmail.int-hosting.net
Issuer
Country (C)
  • US
Organization (O)
  • DigiCert Inc
Common Name (CN)
  • DigiCert SHA2 Secure Server CA
validity period
Not valid before
2020-04-23
Not valid after
2021-05-23
This certifcate has been verified for the following usages:
  • Digital Signature
  • Key Encipherment
  • TLS Web Server Authentication
  • TLS Web Client Authentication
Fingerprints
SHA256
4A:83:B2:B2:20:D7:1E:75:A5:E9:1C:DA:BC:DE:B1:EE:06:59:BB:72:61:9C:13:37:F3:32:7B:79:D1:3B:FA:75
SHA1
7F:78:C3:EF:27:0B:94:E1:45:3F:88:DC:D9:69:C4:EF:3C:44:31:65
X509v3 extensions
authorityKeyIdentifier
  • keyid:0F:80:61:1C:82:31:61:D5:2F:28:E7:8D:46:38:B4:2C:E1:C6:D9:E2
subjectKeyIdentifier
  • 1B:AF:9C:57:38:DC:85:3C:67:7C:DD:14:9B:8E:1C:48:7A:6C:44:8A
crlDistributionPoints
  • Full Name:
  • URI:http://crl3.digicert.com/ssca-sha2-g6.crl
  • Full Name:
  • URI:http://crl4.digicert.com/ssca-sha2-g6.crl
certificatePolicies
  • Policy: 2.16.840.1.114412.1.1
  • CPS: https://www.digicert.com/CPS
  • Policy: 2.23.140.1.2.2
authorityInfoAccess
  • OCSP - URI:http://ocsp.digicert.com
  • CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt
ct_precert_scts
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
  • E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
  • Timestamp : Apr 23 09:44:46.969 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:64:09:E8:70:E8:2B:3F:40:FA:70:99:94:
  • 8F:CC:7A:0A:92:5D:54:8A:EB:6E:91:EA:12:96:F6:D1:
  • A3:CF:F2:CA:02:21:00:C1:B5:CF:E6:2C:0C:53:DF:40:
  • 6A:CE:03:54:B9:22:45:2C:E9:46:D0:94:17:42:0C:1D:
  • A8:ED:28:33:DC:68:92
  • Signed Certificate Timestamp:
  • Version : v1 (0x0)
  • Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
  • DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
  • Timestamp : Apr 23 09:44:46.848 2020 GMT
  • Extensions: none
  • Signature : ecdsa-with-SHA256
  • 30:45:02:20:51:F8:77:1A:12:C1:1F:CA:D6:62:C8:8F:
  • 5B:E1:A2:DD:46:54:E5:04:18:01:A5:48:26:A4:71:90:
  • 73:C9:7E:06:02:21:00:94:13:B7:C8:83:98:0C:49:20:
  • 00:D5:2D:D6:93:C6:1C:58:5E:9E:B4:D4:C2:B4:C6:0D:
  • 47:51:28:53:9A:7F:F6