Check DNS, Urls + Redirects, Certificates and Content of your Website

...

skip EDNS-Check

skip Content-Check

check links

Tls-Protocol error

Checked:
10.07.2024 16:14:40

Older results

No older results found

1. IP-Addresses

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
we2-shop.com	A	172.233.40.54 Amsterdam/North Holland/The Netherlands (NL) - Akamai Technologies, Inc. Hostname: 172-233-40-54.ip.linodeusercontent.com	yes	1	0
	AAAA		yes
www.we2-shop.com	A	217.19.237.54 Brussels/Brussels Capital/Belgium (BE) - HOSTING-SERVICE Hostname: 217.19.237.54.static.hosted.by.combell.com	yes	1	0
	AAAA		yes
*.we2-shop.com	A	Name Error	yes
	AAAA	Name Error	yes
	CNAME	Name Error	yes

2. DNSSEC

Zone (*)	DNSSEC - Informations

Zone: (root)
(root)	1 DS RR published


	DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=


	• Status: Valid because published


	3 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 5613, Flags 256


	Public Key with Algorithm 8, KeyTag 20038, Flags 256


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 22.07.2024, 00:00:00 +, Signature-Inception: 01.07.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com	1 DS RR in the parent zone found


	DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 23.07.2024, 05:00:00 +, Signature-Inception: 10.07.2024, 04:00:00 +, KeyTag 20038, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20038 used to validate the DS RRSet in the parent zone


	2 DNSKEY RR found


	Public Key with Algorithm 13, KeyTag 956, Flags 256


	Public Key with Algorithm 13, KeyTag 19718, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner com., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 21.07.2024, 14:02:35 +, Signature-Inception: 06.07.2024, 13:57:35 +, KeyTag 19718, Signer-Name: com


	• Status: Good - Algorithmus 13 and DNSKEY with KeyTag 19718 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest "isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: we2-shop.com
we2-shop.com	1 DS RR in the parent zone found


	DS with Algorithm 13, KeyTag 978, DigestType 2 and Digest O1gsWrXLzWeEybH5r1BxF9982CVS5LoxTJJL12y3n0I=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner we2-shop.com., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 17.07.2024, 00:38:57 +, Signature-Inception: 09.07.2024, 23:28:57 +, KeyTag 956, Signer-Name: com


	• Status: Good - Algorithmus 13 and DNSKEY with KeyTag 956 used to validate the DS RRSet in the parent zone


	1 DNSKEY RR found


	Public Key with Algorithm 13, KeyTag 978, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner we2-shop.com., Algorithm: 13, 2 Labels, original TTL: 40000 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	• Status: Good - Algorithmus 13 and DNSKEY with KeyTag 978 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 978, DigestType 2 and Digest "O1gsWrXLzWeEybH5r1BxF9982CVS5LoxTJJL12y3n0I=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone


	RRSIG Type 1 validates the A - Result: 172.233.40.54 Validated: RRSIG-Owner we2-shop.com., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	RRSIG Type 16 validates the TXT - Result: v=spf1 mx a include:_spf.relay.mailprotect.be ~all Validated: RRSIG-Owner we2-shop.com., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	CNAME-Query sends a valid NSEC3 RR as result with the hashed query name "cq88ru3vcelli4g2drbrliam3mk0ib7i" equal the hashed NSEC3-owner "cq88ru3vcelli4g2drbrliam3mk0ib7i" and the hashed NextOwner "d128qsimkt34t72jvflfc5o6fc7qhj6l". So the zone confirmes the not-existence of that CNAME RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, NS, SOA, MX, TXT, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner cq88ru3vcelli4g2drbrliam3mk0ib7i.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NoData-Proof required and found.


	AAAA-Query sends a valid NSEC3 RR as result with the hashed query name "cq88ru3vcelli4g2drbrliam3mk0ib7i" equal the hashed NSEC3-owner "cq88ru3vcelli4g2drbrliam3mk0ib7i" and the hashed NextOwner "d128qsimkt34t72jvflfc5o6fc7qhj6l". So the zone confirmes the not-existence of that AAAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, NS, SOA, MX, TXT, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner cq88ru3vcelli4g2drbrliam3mk0ib7i.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NoData-Proof required and found.


	TLSA-Query (_443._tcp.we2-shop.com) sends a valid NSEC3 RR as result with the hashed owner name "8rp4f5cd80m55r5v9sn31mi0shlkvc19" (unhashed: _tcp.we2-shop.com). So that's the Closest Encloser of the query name. Bitmap: No Bitmap? Validated: RRSIG-Owner 8rp4f5cd80m55r5v9sn31mi0shlkvc19.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NXDomain-Proof required and found.


	TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Wildcard expansion of the ClosestEncloser "ju67l406rpk6nef3sfeuek2nreb4hape" (unhashed: *._tcp.we2-shop.com) with the owner "j2e6u55589lvi5euiiiritdk7shu1a3s" and the NextOwner "oi6htefvciltql1f9l81rlqlucqjkco0". So that NSEC3 confirms the not-existence of the Wildcard expansion. Bitmap: SRV, RRSIG Validated: RRSIG-Owner j2e6u55589lvi5euiiiritdk7shu1a3s.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NXDomain-Proof required and found.


	TLSA-Query (_443._tcp.we2-shop.com) sends a valid NSEC3 RR as result with the owner name "vhrp8sk820d20om8dkg5m982p06ba9da" greater the NextOwner-Name "6r9frl286sg1eftrch89l82p1ihikpr3", so the NSEC3 covers the end of the zone. The hashed query name "5v2oor93c06418cotrg7lhncni68app0" comes before the hashed NextOwner, so the zone confirmes the not-existence of that TLSA RR. Bitmap: SRV, RRSIG Validated: RRSIG-Owner vhrp8sk820d20om8dkg5m982p06ba9da.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NXDomain-Proof required and found.


	CAA-Query sends a valid NSEC3 RR as result with the hashed query name "cq88ru3vcelli4g2drbrliam3mk0ib7i" equal the hashed NSEC3-owner "cq88ru3vcelli4g2drbrliam3mk0ib7i" and the hashed NextOwner "d128qsimkt34t72jvflfc5o6fc7qhj6l". So the zone confirmes the not-existence of that CAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, NS, SOA, MX, TXT, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner cq88ru3vcelli4g2drbrliam3mk0ib7i.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NoData-Proof required and found.

Zone: www.we2-shop.com
www.we2-shop.com	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "gi7jgmibobpi2sif1oc7eralg8f3sq2q" between the hashed NSEC3-owner "gi7jgmibobpi2sif1oc7eralg8f3sq2q" and the hashed NextOwner "j2e6u55589lvi5euiiiritdk7shu1a3s". So the parent zone confirmes the not-existence of a DS RR. Bitmap: A, RRSIG Validated: RRSIG-Owner gi7jgmibobpi2sif1oc7eralg8f3sq2q.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	RRSIG Type 1 validates the A - Result: 217.19.237.54 Validated: RRSIG-Owner www.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	CNAME-Query sends a valid NSEC3 RR as result with the hashed query name "gi7jgmibobpi2sif1oc7eralg8f3sq2q" equal the hashed NSEC3-owner "gi7jgmibobpi2sif1oc7eralg8f3sq2q" and the hashed NextOwner "j2e6u55589lvi5euiiiritdk7shu1a3s". So the zone confirmes the not-existence of that CNAME RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner gi7jgmibobpi2sif1oc7eralg8f3sq2q.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NoData-Proof required and found.


	TXT-Query sends a valid NSEC3 RR as result with the hashed query name "gi7jgmibobpi2sif1oc7eralg8f3sq2q" equal the hashed NSEC3-owner "gi7jgmibobpi2sif1oc7eralg8f3sq2q" and the hashed NextOwner "j2e6u55589lvi5euiiiritdk7shu1a3s". So the zone confirmes the not-existence of that TXT RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner gi7jgmibobpi2sif1oc7eralg8f3sq2q.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NoData-Proof required and found.


	AAAA-Query sends a valid NSEC3 RR as result with the hashed query name "gi7jgmibobpi2sif1oc7eralg8f3sq2q" equal the hashed NSEC3-owner "gi7jgmibobpi2sif1oc7eralg8f3sq2q" and the hashed NextOwner "j2e6u55589lvi5euiiiritdk7shu1a3s". So the zone confirmes the not-existence of that AAAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner gi7jgmibobpi2sif1oc7eralg8f3sq2q.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NoData-Proof required and found.


	TLSA-Query (_443._tcp.www.we2-shop.com) sends a valid NSEC3 RR as result with the hashed owner name "gi7jgmibobpi2sif1oc7eralg8f3sq2q" (unhashed: www.we2-shop.com). So that's the Closest Encloser of the query name. Bitmap: A, RRSIG Validated: RRSIG-Owner gi7jgmibobpi2sif1oc7eralg8f3sq2q.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NXDomain-Proof required and found.


	TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Next Closer Name "dreiotfatfm2khg8qvq9jh4abhmg128b" (unhashed: _tcp.www.we2-shop.com) with the owner "d128qsimkt34t72jvflfc5o6fc7qhj6l" and the NextOwner "gi7jgmibobpi2sif1oc7eralg8f3sq2q". So that NSEC3 confirms the not-existence of the Next Closer Name. TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Wildcard expansion of the ClosestEncloser "fhgth50qnjsmeb65ir6l73r2g5lt975d" (unhashed: *.www.we2-shop.com) with the owner "d128qsimkt34t72jvflfc5o6fc7qhj6l" and the NextOwner "gi7jgmibobpi2sif1oc7eralg8f3sq2q". So that NSEC3 confirms the not-existence of the Wildcard expansion. Bitmap: A, RRSIG Validated: RRSIG-Owner d128qsimkt34t72jvflfc5o6fc7qhj6l.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NXDomain-Proof required and found.


	CAA-Query sends a valid NSEC3 RR as result with the hashed query name "gi7jgmibobpi2sif1oc7eralg8f3sq2q" equal the hashed NSEC3-owner "gi7jgmibobpi2sif1oc7eralg8f3sq2q" and the hashed NextOwner "j2e6u55589lvi5euiiiritdk7shu1a3s". So the zone confirmes the not-existence of that CAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner gi7jgmibobpi2sif1oc7eralg8f3sq2q.we2-shop.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 18.07.2024, 00:00:00 +, Signature-Inception: 27.06.2024, 00:00:00 +, KeyTag 978, Signer-Name: we2-shop.com


	Status: Good. NoData-Proof required and found.

3. Name Servers

Domain	Nameserver	NS-IP
www.we2-shop.com	• ns3.combell.net / com-pdnsback006.srv.combell-ops.net		•
we2-shop.com	• ns3.combell.net / com-pdnsback006.srv.combell-ops.net	83.217.73.172 Ghent/Flanders/Belgium (BE) - Sentia Network	•
	•	2a00:1c98::53:1 Ghent/Flanders/Belgium (BE) - COMBELL Network	•
	• ns4.combell.net / com-pdnsback007	86.39.202.67 Brussels/Brussels Capital/Belgium (BE) - Easyhost Network	•
	•	2001:1598:0:101::3 Ghent/Flanders/Belgium (BE) - Easyhost Network	•
com	• a.gtld-servers.net / nnn1-par6		•
	• b.gtld-servers.net / nnn1-elwaw4		•
	• c.gtld-servers.net / nnn1-par6		•
	• d.gtld-servers.net / nnn1-par6		•
	• e.gtld-servers.net / nnn1-par6		•
	• f.gtld-servers.net / nnn1-defra-4		•
	• g.gtld-servers.net / nnn1-defra-4		•
	• h.gtld-servers.net / nnn1-defra-4		•
	• i.gtld-servers.net / nnn1-defra-4		•
	• j.gtld-servers.net / nnn1-frmrs-2		•
	• k.gtld-servers.net / nnn1-ein1		•
	• l.gtld-servers.net / nnn1-nlams-2e		•
	• m.gtld-servers.net / nnn1-frmrs-2		•

4. SOA-Entries

Domain:	com
Zone-Name:	com
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1720620860
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	86400
num Entries:	12

Domain:	com
Zone-Name:	com
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1720620875
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	86400
num Entries:	1

Domain:	we2-shop.com
Zone-Name:	we2-shop.com
Primary:	ns3.combell.net
Mail:	hostmaster.we2-shop.com
Serial:	1720616500
Refresh:	10800
Retry:	3600
Expire:	604800
TTL:	40000
num Entries:	4

Domain:	www.we2-shop.com
Zone-Name:	we2-shop.com
Primary:	ns3.combell.net
Mail:	hostmaster.we2-shop.com
Serial:	1720616500
Refresh:	10800
Retry:	3600
Expire:	604800
TTL:	40000
num Entries:	1

5. Screenshots

No Screenshot listed, because no url-check with https + http status 200-299, 400-599 + not-ACME-check found.

6. Url-Checks

show header:

Domainname	Http-Status	redirect	Sec.	G
• http://www.we2-shop.com/ 217.19.237.54	301	https://we2-shop.com/	0.044	E
Date: Wed, 10 Jul 2024 14:15:21 GMT
Server: Apache
Location: https://we2-shop.com/
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• http://we2-shop.com/ 172.233.40.54	200	Html is minified: 162.19 %	0.070	H
Server: nginx
Date: Wed, 10 Jul 2024 14:15:22 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
ETag: W/"668e84b2-7274"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 10 Jul 2024 12:55:14 GMT
Content-Encoding: gzip

• https://www.we2-shop.com/ 217.19.237.54	301	https://we2-shop.com/	2.176	B
Date: Wed, 10 Jul 2024 14:15:21 GMT
Location: https://we2-shop.com/
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• https://we2-shop.com/ 172.233.40.54	-16		0.086	P
UnknownError - The SSL connection could not be established, see inner exception. - Authentication failed because the remote party sent a TLS alert: '112' (FF: SSL_ERROR_UNRECOGNIZED_NAME_ALERT).

• http://www.we2-shop.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 217.19.237.54	301	https://we2-shop.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	0.040	E
Visible Content:
Date: Wed, 10 Jul 2024 14:15:25 GMT
Server: Apache
Location: https://we2-shop.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• http://we2-shop.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 172.233.40.54 Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	404	Html is minified: 100.00 % Other inline scripts (∑/total): 0/0	0.056	A
Not Found
Visible Content:
Server: nginx
Date: Wed, 10 Jul 2024 14:15:25 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip

• https://we2-shop.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	-16		0.060	P
UnknownError - The SSL connection could not be established, see inner exception. - Authentication failed because the remote party sent a TLS alert: '112' (FF: SSL_ERROR_UNRECOGNIZED_NAME_ALERT).
Visible Content:

• https://172.233.40.54/ 172.233.40.54	-16		0.084	P
UnknownError - The SSL connection could not be established, see inner exception. - Authentication failed because the remote party sent a TLS alert: '112' (FF: SSL_ERROR_UNRECOGNIZED_NAME_ALERT).

• https://217.19.237.54/ 217.19.237.54	-16		0.047	P
UnknownError - The SSL connection could not be established, see inner exception. - Authentication failed because the remote party sent a TLS alert: 'InternalError' (FF: SSL_ERROR_INTERNAL_ERROR_ALERT)

7. Comments

	1. General Results, most used to calculate the result
A	name "we2-shop.com" is domain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 94787 (complete: 245733)
A	Good: All ip addresses are public addresses
	Warning: Only one ip address found: we2-shop.com has only one ip address.
	Warning: Only one ip address found: www.we2-shop.com has only one ip address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: we2-shop.com has no ipv6 address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.we2-shop.com has no ipv6 address.
A	Good: No asked Authoritative Name Server had a timeout
A	Good - only one version with Http-Status 200
A	Good: No cookie sent via http.
	HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
A	Good: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
B	https://www.we2-shop.com/ 217.19.237.54	301		Missing HSTS-Header
E	http://www.we2-shop.com/ 217.19.237.54	301	https://we2-shop.com/	Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
H	Fatal error: No https - result with http-status 200, no encryption
H	Fatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
N	we2-shop.com:10000			Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
O	we2-shop.com / 172.233.40.54 / 10000			Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 6 Cipher Suites without Forward Secrecy found
	Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain we2-shop.com, 1 ip addresses.
	Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain www.we2-shop.com, 1 ip addresses.
B	No _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.we2-shop.com
	2. Header-Checks
U				No https result with http status 2 or 4 (standard-check) found, no header checked.
	3. DNS- and NameServer - Checks
A	Info:: 2 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 2 Name Servers.
A	Info:: 2 Queries complete, 2 with IPv6, 0 with IPv4.
A	Good: All DNS Queries done via IPv6.
A	Good: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.ns3.combell.net (2a00:1c98::53:1, 83.217.73.172), ns4.combell.net (2001:1598:0:101::3, 86.39.202.67)
A	Good (1 - 3.0):: An average of 1.0 queries per domain name server required to find all ip addresses of all name servers.
A	Info:: 2 different Name Servers found: ns3.combell.net, ns4.combell.net, 2 Name Servers included in Delegation: ns3.combell.net, ns4.combell.net, 2 Name Servers included in 1 Zone definitions: ns3.combell.net, ns4.combell.net, 1 Name Servers listed in SOA.Primary: ns3.combell.net.
A	Good: Only one SOA.Primary Name Server found.: ns3.combell.net.
A	Good: SOA.Primary Name Server included in the delegation set.: ns3.combell.net.
A	Good: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns3.combell.net, ns4.combell.net
A	Good: All Name Server Domain Names have a Public Suffix.
A	Good: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
A	Good: All Name Server ip addresses are public.
A	Good: Minimal 2 different name servers (public suffix and public ip address) found: 2 different Name Servers found
A	Good: All name servers have ipv4- and ipv6-addresses.: 2 different Name Servers found
	Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 2 Name Servers, 1 Top Level Domain: net
	Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: combell.net
	Warning: All Name Servers from the same Country / IP location.: 2 Name Servers, 1 Countries: BE
A	Info: Ipv4-Subnet-list: 2 Name Servers, 2 different subnets (first Byte): 83., 86., 2 different subnets (first two Bytes): 83.217., 86.39., 2 different subnets (first three Bytes): 83.217.73., 86.39.202.
A	Excellent: Every Name Server IPv4-address starts with an unique Byte.
A	Info: IPv6-Subnet-list: 2 Name Servers with IPv6, 2 different subnets (first block): 2001:, 2a00:, 2 different subnets (first two blocks): 2001:1598:, 2a00:1c98:, 2 different subnets (first three blocks): 2001:1598:0000:, 2a00:1c98:0000:, 2 different subnets (first four blocks): 2001:1598:0000:0101:, 2a00:1c98:0000:0000:
A	Excellent: Every Name Server IPv6-address starts with an unique Hex-block
A	Good: Nameserver supports TCP connections: 4 good Nameserver
A	Good: Nameserver supports Echo Capitalization: 4 good Nameserver
A	Good: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 4 good Nameserver
A	Good: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 4 good Nameserver
A	Good: All SOA have the same Serial Number
	Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.
	4. Content- and Performance-critical Checks
	https://we2-shop.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	-16		Fatal: Check of /.well-known/acme-challenge/random-filename is blocked, http connection error. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
A	Info: No img element found, no alt attribute checked
A	Good: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
A	Info: Different Server-Headers found
A	Duration: 179903 milliseconds, 179.903 seconds

8. Connections

Domain

Port

Cert.

Protocol

KeyExchange

Strength

Cipher

Strength

HashAlgorithm

OCSP stapling

Domain/KeyExchange

IP/Strength

Port/Cipher

Cert./Strength

Protocol/HashAlgorithm

OCSP stapling

www.we2-shop.com

217.19.237.54

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

www.we2-shop.com

217.19.237.54

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Chain (complete)	1	CN=www.we2-shop.com
	2	CN=R3, O=Let's Encrypt, C=US

we2-shop.com

172.233.40.54

10000

Certificate/chain invalid and wrong name

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

we2-shop.com

172.233.40.54

10000

Certificate/chain invalid and wrong name

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

no http/2 via ALPN

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

no http/2 via ALPN

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Self signed certificate		1	CN=we2-shop-server, L=Santa Clara, C=US

9. Certificates

CN=www.we2-shop.com

05.06.2024

03.09.2024
238 days expired

www.we2-shop.com - 1 entry

CN=www.we2-shop.com

05.06.2024

03.09.2024
238 days expired

www.we2-shop.com - 1 entry

Keyalgorithm	EC Public Key (256 bit, prime256v1)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	04760FAAB1D8E6DCD9F35C597FC4BA6EC418
Thumbprint:	2BAA114F91A7CBD8BB4A53436F6B4C3E1A78EA82
SHA256 / Certificate:	R2rlQU4ZwmWAN1KZc02uEJt9/YCY6Rn96KJyrVUeHzI=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	1b096fef91130300bf278fbc896d4176a9adfca5251264cabc0c2af0b0e7543d
SHA256 hex / Subject Public Key Information (SPKI):	1b096fef91130300bf278fbc896d4176a9adfca5251264cabc0c2af0b0e7543d (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://r3.o.lencr.org
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 139 days

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 139 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:	A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:	Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 3688 days

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 3688 days

Keyalgorithm	RSA encryption (4096 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	008210CFB0D240E3594463E0BB63828B00
Thumbprint:	CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:	lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):	96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

L=Santa Clara, C=US, CN=we2-shop-server

10.07.2024

09.07.2029
expires in 1532 days

we2-shop-server, localhost - 2 entries

L=Santa Clara, C=US, CN=we2-shop-server

10.07.2024

09.07.2029
expires in 1532 days

we2-shop-server, localhost - 2 entries

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	23E296D734EB1F053943B6E02D5AFA7BDF5DC463
Thumbprint:	2BA5915706B5461A1C2EF91D54F41957F582BBB4
SHA256 / Certificate:	4tOIEzovByI3TrZprQBbkyr1+ZCPTlHMwsQPtCY/qXQ=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	5393b3205f9e3eb1a4d28ef198667f9ceee0f83bd5f1288d889954b233ca6f71
SHA256 hex / Subject Public Key Information (SPKI):	5393b3205f9e3eb1a4d28ef198667f9ceee0f83bd5f1288d889954b233ca6f71 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuer				last 7 days	active	num Certs
CN=R3, O=Let's Encrypt, C=US				0	0	2
CN=R10, O=Let's Encrypt, C=US				0	0	1

CertSpotter-Id	Issuer	not before	not after	Domain names	LE-Duplicate	next LE
7678068900 leaf cert	CN=R10, O=Let's Encrypt, C=US	2024-07-10 08:18:12	2024-10-08 08:18:11	we2-shop.com - 1 entries
7450432149 leaf cert	CN=R3, O=Let's Encrypt, C=US	2024-06-05 18:24:35	2024-09-03 18:24:34	www.we2-shop.com - 1 entries
7295478371 leaf cert	CN=R3, O=Let's Encrypt, C=US	2024-05-11 09:53:09	2024-08-09 09:53:08	we2-shop.com - 1 entries

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuer				last 7 days	active	num Certs
CN=R3, O=Let's Encrypt, C=US				0 /0 new	0	6
CN=R10, O=Let's Encrypt, C=US				0	0	1

CRT-Id	Issuer	not before	not after	Domain names	LE-Duplicate	next LE
13680979573 precert	CN=R10, O=Let's Encrypt, C=US	2024-07-10 06:18:12	2024-10-08 06:18:11	we2-shop.com 1 entries
13297775926 leaf cert	CN=R3, O=Let's Encrypt, C=US	2024-06-05 16:24:35	2024-09-03 16:24:34	www.we2-shop.com 1 entries
13025813250 leaf cert	CN=R3, O=Let's Encrypt, C=US	2024-05-11 07:53:09	2024-08-09 07:53:08	we2-shop.com 1 entries
12645182205 leaf cert	CN=R3, O=Let's Encrypt, C=US	2024-04-06 05:08:43	2024-07-05 05:08:42	www.we2-shop.com 1 entries
12357421067 leaf cert	CN=R3, O=Let's Encrypt, C=US	2024-03-12 10:48:08	2024-06-10 09:48:07	we2-shop.com 1 entries
11990340276 leaf cert	CN=R3, O=Let's Encrypt, C=US	2024-02-06 00:00:07	2024-05-05 23:00:06	www.we2-shop.com 1 entries
11722173938 leaf cert	CN=R3, O=Let's Encrypt, C=US	2024-01-12 12:28:12	2024-04-11 11:28:11	we2-shop.com 1 entries

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

12. Html-Parsing via https://validator.w3.org/nu/

Small Code update, wait one minute

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns3.combell.net, ns4.combell.net

QNr.	Domain	Type	NS used
1	net	NS	d.root-servers.net (2001:500:2d::d)
	Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2	ns3.combell.net: 2a00:1c98::53:1, 83.217.73.172	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns4.combell.net 2001:1598:0:101::3, 86.39.202.67

14. CAA - Entries

Domainname	Value	∑ Queries
www.we2-shop.com	no CAA entry found	1
we2-shop.com	no CAA entry found	1
com	no CAA entry found	1

15. TXT - Entries

Domainname	TXT Entry	Status	∑ Queries
we2-shop.com	v=spf1 mx a include:_spf.relay.mailprotect.be ~all	ok	1
www.we2-shop.com		ok	1
_acme-challenge.we2-shop.com		Name Error - The domain name does not exist	1
_acme-challenge.www.we2-shop.com		Name Error - The domain name does not exist	1
_acme-challenge.we2-shop.com.we2-shop.com		Name Error - The domain name does not exist	1
_acme-challenge.www.we2-shop.com.we2-shop.com		Name Error - The domain name does not exist	1
_acme-challenge.www.we2-shop.com.www.we2-shop.com		Name Error - The domain name does not exist	1

16. DomainService - Entries

Type		Domain	Pref	Value	DNS-error	num Answers	Status	Description
MX		we2-shop.com	10	mx.mailprotect.be	0	2	ok
	A			178.208.39.142	0	4	ok
	A			178.208.39.141	0	4	ok
	A			178.208.39.140	0	4	ok
	A			178.208.39.143	0	4	ok
	CNAME				0	0	ok
MX		we2-shop.com	50	mx.backup.mailprotect.be	0	2	ok
	A			178.208.39.143	0	4	ok
	A			178.208.39.141	0	4	ok
	A			178.208.39.142	0	4	ok
	A			178.208.39.140	0	4	ok
	CNAME				0	0	ok
SPF	TXT	we2-shop.com		v=spf1 mx a include:_spf.relay.mailprotect.be ~all			ok
	MX	we2-shop.com		mx.backup.mailprotect.be			ok
	MX-A	mx.backup.mailprotect.be		178.208.39.143			8192	Duplicated ipv4 found.
	MX-A	mx.backup.mailprotect.be		178.208.39.140			8192	Duplicated ipv4 found.
	MX-A	mx.backup.mailprotect.be		178.208.39.141			8192	Duplicated ipv4 found.
	MX-A	mx.backup.mailprotect.be		178.208.39.142			8192	Duplicated ipv4 found.
	MX	we2-shop.com		mx.mailprotect.be			ok
	MX-A	mx.mailprotect.be		178.208.39.141			8192	Duplicated ipv4 found.
	MX-A	mx.mailprotect.be		178.208.39.143			8192	Duplicated ipv4 found.
	MX-A	mx.mailprotect.be		178.208.39.140			8192	Duplicated ipv4 found.
	MX-A	mx.mailprotect.be		178.208.39.142			8192	Duplicated ipv4 found.
	A	we2-shop.com		172.233.40.54			ok
	TXT	_spf.relay.mailprotect.be		v=spf1 ip4:217.21.177.125 ip4:217.21.190.0/26 ip4:77.241.82.64/27 ip4:178.208.39.128/26 ip4:83.217.72.64/26 ip4:178.208.39.0/24 ip4:178.208.52.128/25 ip4:178.208.40.0/25 ip4:37.148.176.128/25 ip4:178.208.36.0/26 ip4:77.241.92.172/32 ip4:77.241.92.173/32 ip4:77.241.92.171/32 ip4:94.198.164.28/30 ip4:94.198.164.32/30 ip4:83.217.77.128/26 ip4:178.208.32.0/26 ip4:176.62.168.242/31 ip6:2a00:1c98:10:2::/64 ip4:176.62.168.253 ip4:176.62.168.254 include:_spf.powermail.be ?all			ok
	TXT	_spf.powermail.be		ip4:83.217.72.64/26			8192	Duplicated ipv4 found.
	TXT	_spf.powermail.be		ip4:83.217.77.128/26			8192	Duplicated ipv4 found.
	TXT	_spf.relay.mailprotect.be		ip4:83.217.72.64/26			8192	Duplicated ipv4 found.
	TXT	_spf.relay.mailprotect.be		ip4:83.217.77.128/26			8192	Duplicated ipv4 found.
	TXT	_spf.powermail.be		v=spf1 ip4:178.208.43.64/26 ip4:79.174.128.16/29 ip4:83.217.72.64/26 ip4:83.217.77.128/26 -all			ok

17. Cipher Suites

Summary
Domain	IP	Port	num Ciphers	time	Std.Protocol	Forward Secrecy
we2-shop.com	172.233.40.54	10000	13 Ciphers	65.24 sec	Webmin (https)	6 without, 7 FS	53.85 %
www.we2-shop.com	217.19.237.54	443	3 Ciphers	29.62 sec		0 without, 3 FS	100.00 %
Complete		2	16 Ciphers 8.00 Ciphers/Check	94.86 sec	47.43 sec/Check	6 without, 10 FS	62.50 %

Details
Domain	IP	Port	Cipher (OpenSsl / IANA)
we2-shop.com	172.233.40.54	10000	ECDHE-RSA-CHACHA20-POLY1305		(Secure)	TLSv1.2	0xCC,0xA8	FS
13 Ciphers, 65.24 sec			TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
			ECDH		RSA	CHACHA20/POLY1305(256)	AEAD
			ECDHE-RSA-AES256-GCM-SHA384		(Secure)	TLSv1.2	0xC0,0x30	FS
			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
			ECDH		RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256		(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH		RSA	AESGCM(128)	AEAD
			ECDHE-RSA-AES256-SHA384		(Weak)	TLSv1.2	0xC0,0x28	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
			ECDH		RSA	AES(256)	SHA384
			AES256-GCM-SHA384		(Weak)	TLSv1.2	0x00,0x9D	No FS
			TLS_RSA_WITH_AES_256_GCM_SHA384
			RSA		RSA	AESGCM(256)	AEAD
			AES256-SHA256		(Weak)	TLSv1.2	0x00,0x3D	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA256
			RSA		RSA	AES(256)	SHA256
			ECDHE-RSA-AES128-SHA256		(Weak)	TLSv1.2	0xC0,0x27	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
			ECDH		RSA	AES(128)	SHA256
			AES128-GCM-SHA256		(Weak)	TLSv1.2	0x00,0x9C	No FS
			TLS_RSA_WITH_AES_128_GCM_SHA256
			RSA		RSA	AESGCM(128)	AEAD
			AES128-SHA256		(Weak)	TLSv1.2	0x00,0x3C	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA256
			RSA		RSA	AES(128)	SHA256
			ECDHE-RSA-AES256-SHA		(Weak)	TLSv1	0xC0,0x14	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
			ECDH		RSA	AES(256)	SHA1
			ECDHE-RSA-AES128-SHA		(Weak)	TLSv1	0xC0,0x13	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
			ECDH		RSA	AES(128)	SHA1
			AES256-SHA		(Weak)	SSLv3	0x00,0x35	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA
			RSA		RSA	AES(256)	SHA1
			AES128-SHA		(Weak)	SSLv3	0x00,0x2F	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA
			RSA		RSA	AES(128)	SHA1
www.we2-shop.com	217.19.237.54	443	ECDHE-ECDSA-CHACHA20-POLY1305		(Recommended)	TLSv1.2	0xCC,0xA9	FS
3 Ciphers, 29.62 sec			TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
			ECDH		ECDSA	CHACHA20/POLY1305(256)	AEAD
			ECDHE-ECDSA-AES256-GCM-SHA384		(Recommended)	TLSv1.2	0xC0,0x2C	FS
			TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
			ECDH		ECDSA	AESGCM(256)	AEAD
			ECDHE-ECDSA-AES128-GCM-SHA256		(Recommended)	TLSv1.2	0xC0,0x2B	FS
			TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
			ECDH		ECDSA	AESGCM(128)	AEAD

18. Portchecks

Domain	IP	Port	Description	Result	Answer
we2-shop.com	172.233.40.54	21	FTP

we2-shop.com	172.233.40.54	21	FTP
we2-shop.com	172.233.40.54	22	SSH	open
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10
we2-shop.com	172.233.40.54	22	SSH	open	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10	Bad: SSH without DNS SSHFP Record found
					Possible DNS SSHFP Entries: we2-shop.com IN SSHFP 3 2 5b65e2b0e8e4f0d0cdf1b9cd52bed7890a6a8eaab8a1d6ebe7f0d21f3ac625b4 we2-shop.com IN SSHFP 4 2 9400f2caa8e403b1bb2680ede2b266aa2c0867b457da1d853daa756bf70f3f1a
we2-shop.com	172.233.40.54	25	SMTP

we2-shop.com	172.233.40.54	25	SMTP
we2-shop.com	172.233.40.54	53	DNS

we2-shop.com	172.233.40.54	53	DNS
we2-shop.com	172.233.40.54	110	POP3

we2-shop.com	172.233.40.54	110	POP3
we2-shop.com	172.233.40.54	143	IMAP

we2-shop.com	172.233.40.54	143	IMAP
we2-shop.com	172.233.40.54	465	SMTP (encrypted)

we2-shop.com	172.233.40.54	465	SMTP (encrypted)
we2-shop.com	172.233.40.54	587	SMTP (encrypted, submission)

we2-shop.com	172.233.40.54	587	SMTP (encrypted, submission)
we2-shop.com	172.233.40.54	993	IMAP (encrypted)

we2-shop.com	172.233.40.54	993	IMAP (encrypted)
we2-shop.com	172.233.40.54	995	POP3 (encrypted)

we2-shop.com	172.233.40.54	995	POP3 (encrypted)
we2-shop.com	172.233.40.54	1433	MS SQL

we2-shop.com	172.233.40.54	1433	MS SQL
we2-shop.com	172.233.40.54	2082	cPanel (http)

we2-shop.com	172.233.40.54	2082	cPanel (http)
we2-shop.com	172.233.40.54	2083	cPanel (https)

we2-shop.com	172.233.40.54	2083	cPanel (https)
we2-shop.com	172.233.40.54	2086	WHM (http)

we2-shop.com	172.233.40.54	2086	WHM (http)
we2-shop.com	172.233.40.54	2087	WHM (https)

we2-shop.com	172.233.40.54	2087	WHM (https)
we2-shop.com	172.233.40.54	2089	cPanel Licensing

we2-shop.com	172.233.40.54	2089	cPanel Licensing
we2-shop.com	172.233.40.54	2095	cPanel Webmail (http)

we2-shop.com	172.233.40.54	2095	cPanel Webmail (http)
we2-shop.com	172.233.40.54	2096	cPanel Webmail (https)

we2-shop.com	172.233.40.54	2096	cPanel Webmail (https)
we2-shop.com	172.233.40.54	2222	DirectAdmin (http)

we2-shop.com	172.233.40.54	2222	DirectAdmin (http)
we2-shop.com	172.233.40.54	2222	DirectAdmin (https)

we2-shop.com	172.233.40.54	2222	DirectAdmin (https)
we2-shop.com	172.233.40.54	3306	mySql

we2-shop.com	172.233.40.54	3306	mySql
we2-shop.com	172.233.40.54	5224	Plesk Licensing

we2-shop.com	172.233.40.54	5224	Plesk Licensing
we2-shop.com	172.233.40.54	5432	PostgreSQL

we2-shop.com	172.233.40.54	5432	PostgreSQL
we2-shop.com	172.233.40.54	8080	Ookla Speedtest (http)

we2-shop.com	172.233.40.54	8080	Ookla Speedtest (http)
we2-shop.com	172.233.40.54	8080	Ookla Speedtest (https)

we2-shop.com	172.233.40.54	8080	Ookla Speedtest (https)
we2-shop.com	172.233.40.54	8083	VestaCP http

we2-shop.com	172.233.40.54	8083	VestaCP http
we2-shop.com	172.233.40.54	8083	VestaCP https

we2-shop.com	172.233.40.54	8083	VestaCP https
we2-shop.com	172.233.40.54	8443	Plesk Administration (https)

we2-shop.com	172.233.40.54	8443	Plesk Administration (https)
we2-shop.com	172.233.40.54	8447	Plesk Installer + Updates

we2-shop.com	172.233.40.54	8447	Plesk Installer + Updates
we2-shop.com	172.233.40.54	8880	Plesk Administration (http)

we2-shop.com	172.233.40.54	8880	Plesk Administration (http)
we2-shop.com	172.233.40.54	10000	Webmin (http)	open
http://172.233.40.54:10000/ Http-Status: 200
we2-shop.com	172.233.40.54	10000	Webmin (http)	open	http://172.233.40.54:10000/ Http-Status: 200
we2-shop.com	172.233.40.54	10000	Webmin (https)	open
https://172.233.40.54:10000/ Http-Status: 200		Certificate is invalid
we2-shop.com	172.233.40.54	10000	Webmin (https)	open	https://172.233.40.54:10000/ Http-Status: 200	Certificate is invalid
www.we2-shop.com	217.19.237.54	21	FTP

www.we2-shop.com	217.19.237.54	21	FTP
www.we2-shop.com	217.19.237.54	22	SSH

www.we2-shop.com	217.19.237.54	22	SSH
www.we2-shop.com	217.19.237.54	25	SMTP

www.we2-shop.com	217.19.237.54	25	SMTP
www.we2-shop.com	217.19.237.54	53	DNS

www.we2-shop.com	217.19.237.54	53	DNS
www.we2-shop.com	217.19.237.54	110	POP3

www.we2-shop.com	217.19.237.54	110	POP3
www.we2-shop.com	217.19.237.54	143	IMAP

www.we2-shop.com	217.19.237.54	143	IMAP
www.we2-shop.com	217.19.237.54	465	SMTP (encrypted)

www.we2-shop.com	217.19.237.54	465	SMTP (encrypted)
www.we2-shop.com	217.19.237.54	587	SMTP (encrypted, submission)

www.we2-shop.com	217.19.237.54	587	SMTP (encrypted, submission)
www.we2-shop.com	217.19.237.54	993	IMAP (encrypted)

www.we2-shop.com	217.19.237.54	993	IMAP (encrypted)
www.we2-shop.com	217.19.237.54	995	POP3 (encrypted)

www.we2-shop.com	217.19.237.54	995	POP3 (encrypted)
www.we2-shop.com	217.19.237.54	1433	MS SQL

www.we2-shop.com	217.19.237.54	1433	MS SQL
www.we2-shop.com	217.19.237.54	2082	cPanel (http)

www.we2-shop.com	217.19.237.54	2082	cPanel (http)
www.we2-shop.com	217.19.237.54	2083	cPanel (https)

www.we2-shop.com	217.19.237.54	2083	cPanel (https)
www.we2-shop.com	217.19.237.54	2086	WHM (http)

www.we2-shop.com	217.19.237.54	2086	WHM (http)
www.we2-shop.com	217.19.237.54	2087	WHM (https)

www.we2-shop.com	217.19.237.54	2087	WHM (https)
www.we2-shop.com	217.19.237.54	2089	cPanel Licensing

www.we2-shop.com	217.19.237.54	2089	cPanel Licensing
www.we2-shop.com	217.19.237.54	2095	cPanel Webmail (http)

www.we2-shop.com	217.19.237.54	2095	cPanel Webmail (http)
www.we2-shop.com	217.19.237.54	2096	cPanel Webmail (https)

www.we2-shop.com	217.19.237.54	2096	cPanel Webmail (https)
www.we2-shop.com	217.19.237.54	2222	DirectAdmin (http)

www.we2-shop.com	217.19.237.54	2222	DirectAdmin (http)
www.we2-shop.com	217.19.237.54	2222	DirectAdmin (https)

www.we2-shop.com	217.19.237.54	2222	DirectAdmin (https)
www.we2-shop.com	217.19.237.54	3306	mySql

www.we2-shop.com	217.19.237.54	3306	mySql
www.we2-shop.com	217.19.237.54	5224	Plesk Licensing

www.we2-shop.com	217.19.237.54	5224	Plesk Licensing
www.we2-shop.com	217.19.237.54	5432	PostgreSQL

www.we2-shop.com	217.19.237.54	5432	PostgreSQL
www.we2-shop.com	217.19.237.54	8080	Ookla Speedtest (http)

www.we2-shop.com	217.19.237.54	8080	Ookla Speedtest (http)
www.we2-shop.com	217.19.237.54	8080	Ookla Speedtest (https)

www.we2-shop.com	217.19.237.54	8080	Ookla Speedtest (https)
www.we2-shop.com	217.19.237.54	8083	VestaCP http

www.we2-shop.com	217.19.237.54	8083	VestaCP http
www.we2-shop.com	217.19.237.54	8083	VestaCP https

www.we2-shop.com	217.19.237.54	8083	VestaCP https
www.we2-shop.com	217.19.237.54	8443	Plesk Administration (https)

www.we2-shop.com	217.19.237.54	8443	Plesk Administration (https)
www.we2-shop.com	217.19.237.54	8447	Plesk Installer + Updates

www.we2-shop.com	217.19.237.54	8447	Plesk Installer + Updates
www.we2-shop.com	217.19.237.54	8880	Plesk Administration (http)

www.we2-shop.com	217.19.237.54	8880	Plesk Administration (http)
www.we2-shop.com	217.19.237.54	10000	Webmin (http)

www.we2-shop.com	217.19.237.54	10000	Webmin (http)
www.we2-shop.com	217.19.237.54	10000	Webmin (https)

www.we2-shop.com	217.19.237.54	10000	Webmin (https)

Permalink: https://check-your-website.server-daten.de/?i=4b235873-cf8c-473e-a68d-9ce7b14349f7

Last Result: https://check-your-website.server-daten.de/?q=we2-shop.com - 2024-07-10 16:14:40

Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=we2-shop.com" target="_blank">Check this Site: we2-shop.com</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=we2-shop.com

Check DNS, Urls + Redirects, Certificates and Content of your Website

Older results

1. IP-Addresses

2. DNSSEC

3. Name Servers

4. SOA-Entries

5. Screenshots

6. Url-Checks

7. Comments

1. General Results, most used to calculate the result

2. Header-Checks

3. DNS- and NameServer - Checks

4. Content- and Performance-critical Checks

8. Connections

9. Certificates

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

11. Html-Content - Entries

12. Html-Parsing via https://validator.w3.org/nu/

13. Nameserver - IP-Adresses

14. CAA - Entries

15. TXT - Entries

16. DomainService - Entries

17. Cipher Suites

18. Portchecks