Check DNS, Urls + Redirects, Certificates and Content of your Website

0 in Queue, 1 of max. 8 Checks (07:13:20)
Why should you only use Prefix - Cookies? |
Hall of Fame - A+ and A

 

Shortcuts: 1. IP-Addresses | 2. DNSSEC | 3. Name Servers | 4. SOA-Entries | 5. Screenshots | 6. Url-Checks | 7. Comments | 8. Connections | 9. Certificates | 10. CT-Logs | 11. Html-Content | 12. Html-Parsing | 13. NameServer-IPAddresses | 14. CAA | 15. TXT | 16. DomainServiceEntries | 17. Cipher Suites | 18. Portchecks |

 

N

 

No trusted Certificate

 

Checked:
21.08.2021 17:28:58

 

Older results

No older results found

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
2602:806:a003:40e::3000:2601
AAAA
2602:806:a003:40e::3000:2601
Naperville/Illinois/United States (US) - Peter Jin Technologies LLC

yes


 

2. DNSSEC

 

No DNSSEC - Informations found

 

3. Name Servers

 

No Nameserver entries found

 

4. SOA-Entries

 

No SOA entries found

5. Screenshots

No Screenshot listed, because no screenshot found. Perhaps the check is too old, the feature startet 2019-12-23.

 

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://[2602:0806:a003:040e:0000:0000:3000:2601]/
2602:806:a003:40e::3000:2601 No Compression used - 2042 / 5221 - 39.11 % possible
200

Html is minified: 197.17 %
0.320
H
strict-transport-security: max-age=31536000
x-frame-options: DENY
content-security-policy: default-src 'self'; style-src 'unsafe-inline'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
Content-Type: text/html; charset=utf-8
Content-Length: 5221
Date: Sat, 21 Aug 2021 15:29:02 GMT
Connection: close

• https://[2602:0806:a003:040e:0000:0000:3000:2601]/
2602:806:a003:40e::3000:2601 No Compression used - 2042 / 5221 - 39.11 % possible
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 1/2305		200

Html is minified: 197.17 %
Other inline scripts (∑/total): 0/0		4.496
N
Certificate error: RemoteCertificateNameMismatch
strict-transport-security: max-age=31536000
x-frame-options: DENY
content-security-policy: default-src 'self'; style-src 'unsafe-inline'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
Content-Type: text/html; charset=utf-8
Content-Length: 5221
Date: Sat, 21 Aug 2021 15:29:03 GMT
Connection: close

• http://[2602:0806:a003:040e:0000:0000:3000:2601]/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2602:806:a003:40e::3000:2601
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		404

Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0		0.324
A
Not Found
Visible Content: Cannot GET /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 208
Date: Sat, 21 Aug 2021 15:29:08 GMT
Connection: close

• https://[2602:0806:a003:040e:0000:0000:3000:2601]/
2602:806:a003:40e::3000:2601 No Compression used - 2042 / 5221 - 39.11 % possible
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 1/2305		200

Html is minified: 197.17 %
Other inline scripts (∑/total): 0/0		3.734
N
Certificate error: RemoteCertificateNameMismatch
strict-transport-security: max-age=31536000
x-frame-options: DENY
content-security-policy: default-src 'self'; style-src 'unsafe-inline'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
Content-Type: text/html; charset=utf-8
Content-Length: 5221
Date: Sat, 21 Aug 2021 15:29:08 GMT
Connection: close

 

7. Comments


1. General Results, most used to calculate the result

Aname "2602:806:a003:40e::3000:2601" is ipv6 address, public suffix is not defined
AGood: All ip addresses are public addresses
AGood: one preferred version: non-www is preferred
AGood: No cookie sent via http.
AGood: every https has a Strict Transport Security Header
AGood: HSTS max-age is long enough, 31536000 seconds = 365 days
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
CError - more then one version with Http-Status 200. After all redirects, all users (and search engines) should see the same https url: Non-www or www, but not both with http status 200.
HFatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
Nhttps://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Error - Certificate isn't trusted, RemoteCertificateNameMismatch

2. Header-Checks


3. DNS- and NameServer - Checks


4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
https://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: https result with status 200 and size greater then 1024 Bytes without Compression found. Add Compression support (gzip, deflate, br - these are checked) so the html content is compressed.
https://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: https result with status 200 and size greater then 1024 Bytes without Compression found. Add Compression support (gzip, deflate, br - these are checked) so the html content is compressed.
https://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
https://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AInfo: No img element found, no alt attribute checked
http://[2602:0806:a003:040e:0000:0000:3000:2601]/ 2602:806:a003:40e::3000:2601
200

Warning: HSTS header sent via http has no effect
ADuration: 23324 milliseconds, 23.324 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
[2602:0806:a003:040e:0000:0000:3000:2601]
2602:806:a003:40e::3000:2601
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
error checking OCSP stapling
ok
[2602:0806:a003:040e:0000:0000:3000:2601]
2602:806:a003:40e::3000:2601
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
error checking OCSP stapling
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
 Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)

1CN=ipv6-things.srv.peterjin.org


2CN=E1, O=Let's Encrypt, C=US


3CN=ISRG Root X2, O=Internet Security Research Group, C=US


[2602:0806:a003:040e:0000:0000:3000:2601]
2602:806:a003:40e::3000:2601
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
error checking OCSP stapling
ok

[2602:0806:a003:040e:0000:0000:3000:2601]
2602:806:a003:40e::3000:2601
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
error checking OCSP stapling
ok
no http/2 via ALPN 
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)

1CN=ipv6-things.srv.peterjin.org


2CN=E1, O=Let's Encrypt, C=US


3CN=ISRG Root X2, O=Internet Security Research Group, C=US

 

9. Certificates

1.
1.
CN=ipv6-things.srv.peterjin.org
01.08.2021
30.10.2021
1234 days expired		*.aliases.peterjin.org, *.colors.misc.peterjin.org, *.misc.peterjin.org, *.ptable.misc.peterjin.org, *.scp.rdns.peterjin.org, *.t.rdns.peterjin.org, ipv6-things.srv.peterjin.org - 7 entries
1.
1.
CN=ipv6-things.srv.peterjin.org
01.08.2021

30.10.2021
1234 days expired


*.aliases.peterjin.org, *.colors.misc.peterjin.org, *.misc.peterjin.org, *.ptable.misc.peterjin.org, *.scp.rdns.peterjin.org, *.t.rdns.peterjin.org, ipv6-things.srv.peterjin.org - 7 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:03FBF6FEC2C561471F0A2253CC7612A5F5EB
Thumbprint:41314B078FE0282F0A34BB248B21B373F79119AF
SHA256 / Certificate:rQ57iCLzJ6kYNdt2y3dVOEgfKbZ4Jy60/0rUTQ4UZ+Q=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):668a0f68bfc629689db9517b5918ccdfba7f86cc546ff5706a312be2e5ec460b
SHA256 hex / Subject Public Key Information (SPKI):668a0f68bfc629689db9517b5918ccdfba7f86cc546ff5706a312be2e5ec460b
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://e1.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=ipv6-things.srv.peterjin.org
01.08.2021
30.10.2021
1234 days expired		*.aliases.peterjin.org, *.colors.misc.peterjin.org, *.misc.peterjin.org, *.ptable.misc.peterjin.org, *.scp.rdns.peterjin.org, *.t.rdns.peterjin.org, ipv6-things.srv.peterjin.org - 7 entries

2.
CN=ipv6-things.srv.peterjin.org
01.08.2021

30.10.2021
1234 days expired


*.aliases.peterjin.org, *.colors.misc.peterjin.org, *.misc.peterjin.org, *.ptable.misc.peterjin.org, *.scp.rdns.peterjin.org, *.t.rdns.peterjin.org, ipv6-things.srv.peterjin.org - 7 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:03FBF6FEC2C561471F0A2253CC7612A5F5EB
Thumbprint:41314B078FE0282F0A34BB248B21B373F79119AF
SHA256 / Certificate:rQ57iCLzJ6kYNdt2y3dVOEgfKbZ4Jy60/0rUTQ4UZ+Q=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):668a0f68bfc629689db9517b5918ccdfba7f86cc546ff5706a312be2e5ec460b
SHA256 hex / Subject Public Key Information (SPKI):668a0f68bfc629689db9517b5918ccdfba7f86cc546ff5706a312be2e5ec460b
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://e1.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




3.
CN=E1, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 182 days

3.
CN=E1, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 182 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:ECDSA SHA384
Serial Number:00B3BDDFF8A7845BBCE903A04135B34A45
Thumbprint:091E8EA1B256A312962AF6C140C0FBF079A407B3
SHA256 / Certificate:RklOMDeQWd8YvlISQwXmBvxZBw5bIQds4ROVS2BRfNo=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10
SHA256 hex / Subject Public Key Information (SPKI):276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




4.
CN=E1, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 182 days

4.
CN=E1, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 182 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:ECDSA SHA384
Serial Number:00B3BDDFF8A7845BBCE903A04135B34A45
Thumbprint:091E8EA1B256A312962AF6C140C0FBF079A407B3
SHA256 / Certificate:RklOMDeQWd8YvlISQwXmBvxZBw5bIQds4ROVS2BRfNo=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




5.
CN=ISRG Root X2, O=Internet Security Research Group, C=US
04.09.2020
15.09.2025
expires in 182 days

5.
CN=ISRG Root X2, O=Internet Security Research Group, C=US
04.09.2020

15.09.2025
expires in 182 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:SHA256 With RSA-Encryption
Serial Number:079E492886376FD40848C23FC631E463
Thumbprint:151682F5218C0A511C28F4060A73B9CA78CE9A53
SHA256 / Certificate:iwW2jMZZ5e0PyzjyyUL7/SAOby/5+F1jxplO9eCwJwE=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):762195c225586ee6c0237456e2107dc54f1efc21f61a792ebd515913cce68332
SHA256 hex / Subject Public Key Information (SPKI):762195c225586ee6c0237456e2107dc54f1efc21f61a792ebd515913cce68332
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




6.
CN=ISRG Root X2, O=Internet Security Research Group, C=US
04.09.2020
17.09.2040
expires in 5663 days

6.
CN=ISRG Root X2, O=Internet Security Research Group, C=US
04.09.2020

17.09.2040
expires in 5663 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:ECDSA SHA384
Serial Number:41D29DD172EAEEA780C12C6CE92F8752
Thumbprint:BDB1B93CD5978D45C6261455F8DB95C75AD153AF
SHA256 / Certificate:aXKbjhWobvwXelevtxcd/GSt0owvyozxUH40RTzLFHA=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):762195c225586ee6c0237456e2107dc54f1efc21f61a792ebd515913cce68332
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:





7.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3731 days

7.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3731 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found

 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found

 

11. Html-Content - Entries

Summary

No data found or small Code-update

 

Details (currently limited to 500 rows - some problems with spam users)

Small Code Update - wait one minute

 

12. Html-Parsing via https://validator.w3.org/nu/

Small Code update, wait one minute

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

 

 

No NameServer - IP address - Informations found

 

14. CAA - Entries

No CAA entries found

 

15. TXT - Entries

No TXT entries found

 

16. DomainService - Entries

No DomainServiceEntries entries found

 

 

17. Cipher Suites

No Ciphers found

 

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

 

 

Permalink: https://check-your-website.server-daten.de/?i=9c2a3630-f970-4102-aded-cb7e4edc36c8

 

Last Result: https://check-your-website.server-daten.de/?q=%5B2602%3A806%3Aa003%3A40e%3A%3A3000%3A2601%5D - 2021-08-21 17:28:58

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=%5B2602%3A806%3Aa003%3A40e%3A%3A3000%3A2601%5D" target="_blank">Check this Site: %5B2602%3A806%3Aa003%3A40e%3A%3A3000%3A2601%5D</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=[2602:806:a003:40e::3000:2601]

 

 

Jürgen Auer • Friedenstr. 37 • 10249 Berlin • +49(0)30 420 200 60 • info@sql-und-xml.de • USt-IdNr.: DE221734518

 

Errors, ideas, questions? Use the Contact form • A project using Server-Daten - Web Database solutions