Check DNS, Urls + Redirects, Certificates and Content of your Website




W

wrong Web-Response

Checked:
10.07.2024 08:40:34


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
113.57.176.32
A
113.57.176.32
Wuhan/Hubei/China (CN) - CNC Group CHINA169 Hubei Province Network
No Hostname found
yes



2. DNSSEC


No DNSSEC - Informations found


3. Name Servers


No Nameserver entries found


4. SOA-Entries


No SOA entries found

5. Screenshots

No Screenshot listed, because no url-check with https + http status 200-299, 400-599 + not-ACME-check found.

6. Url-Checks

DomainnameHttp-StatusredirectSec.G
• http://113.57.176.32:4434/
113.57.176.32
-14

10.010
T
Timeout - The operation has timed out.

• https://113.57.176.32:4434/
113.57.176.32
-16

18.063
W
UnknownError - An error occurred while sending the request.
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors

• http://113.57.176.32:4434/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
113.57.176.32
-14

10.013
T
Timeout - The operation has timed out.
Visible Content:

• https://113.57.176.32:4434/
113.57.176.32
-16

17.963
W
UnknownError - An error occurred while sending the request.
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors

7. Comments


1. General Results, most used to calculate the result

Aname "113.57.176.32" is ipv4 address, public suffix is not defined
AGood: All ip addresses are public addresses
Nhttps://113.57.176.32:4434/ 113.57.176.32
-16

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://113.57.176.32:4434/ 113.57.176.32
-16

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
OOld connection: Tls.1.0 is deprecated, Tls.1.2 should be supported
OOld connection: RSA Key Exchange is unsecure. Use Diffie-Hellman or Elliptic Curve Diffi-Hellmann Key Exchange to support Forward Secrecy
OOld connection: SHA1 as Hash Algorithm is deprecated. Switch to SHA256 or SHA384. If your certificate has SHA256, first check your domain via ssllabs.com and update weak Cipher Suites. Forward Secrecy support is required. The part "Cipher Suites" should have a preference. First Cipher Suite with SHA instead of SHA256 or higher - that's the problem, change that. If that doesn't help, check if there is an old Firewall / router or something else, that supports only SHA1. Update that component.
O113.57.176.32 / 113.57.176.32 / 4434


Old connection: Ssl3 is insecure and must be disabled.
O113.57.176.32 / 113.57.176.32 / 4434


Old connection: Ssl3 is insecure and must be disabled.
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.113.57.176.32

2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05)

U

No https result with http status 2** or 4** (standard-check) found, no header checked.

3. DNS- and NameServer - Checks


4. Content- and Performance-critical Checks

http://113.57.176.32:4434/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 113.57.176.32
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AInfo: No img element found, no alt attribute checked
ADuration: 63780 milliseconds, 63.780 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
113.57.176.32
113.57.176.32
4434
Certificate/chain invalid and wrong name
Tls
RsaKeyX
2048
Aes256
256
Sha1
not supported
weak
113.57.176.32
113.57.176.32
4434
Certificate/chain invalid and wrong name
Tls

RsaKeyX
2048
Aes256
256
Sha1
not supported
weak
no http/2 via ALPN 
no Tls.1.2
no Tls.1.1
Tls.1.0
Ssl3 - Insecure
no Ssl2
no http/2 via ALPN
no Tls.1.2
no Tls.1.1
Tls.1.0
Ssl3 - Insecure
no Ssl2
Self signed certificate
1CN=Comware-HTTPS-Self-Signed-Certificate-deb63379f85adce1


113.57.176.32
113.57.176.32
4434
Certificate/chain invalid and wrong name
Tls
RsaKeyX
2048
Aes256
256
Sha1
not supported
weak

113.57.176.32
113.57.176.32
4434
Certificate/chain invalid and wrong name
Tls

RsaKeyX
2048
Aes256
256
Sha1
not supported
weak
no http/2 via ALPN 
Cert sent without SNI
no Tls.1.2
no Tls.1.1
Tls.1.0
Ssl3 - Insecure
no Ssl2
no http/2 via ALPN
Cert sent without SNI
no Tls.1.2
no Tls.1.1
Tls.1.0
Ssl3 - Insecure
no Ssl2
Self signed certificate
1CN=Comware-HTTPS-Self-Signed-Certificate-deb63379f85adce1


9. Certificates

1.
1.
CN=Comware-HTTPS-Self-Signed-Certificate-deb63379f85adce1
01.01.2013
27.12.2032
expires in 3030 days

1.
1.
CN=Comware-HTTPS-Self-Signed-Certificate-deb63379f85adce1
01.01.2013

27.12.2032
expires in 3030 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:00
Thumbprint:63142CDB870928E05BE717FBAD7D303F2522FF7F
SHA256 / Certificate:XSTZ1O4X6uP47puXv9jIvusdcyROmn1hIQqkHAQYUnI=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):b939c1cfa1c8ddb406155d6f693a513f0c9e77110e3fcce454cf852db82a4c74
SHA256 hex / Subject Public Key Information (SPKI):b939c1cfa1c8ddb406155d6f693a513f0c9e77110e3fcce454cf852db82a4c74 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:

UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.


10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found


2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found


11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404


12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:


No NameServer - IP address - Informations found


13. CAA - Entries

No CAA entries found


14. TXT - Entries

No TXT entries found


15. DomainService - Entries (SPF-Check is alpha - 2024-06-22, DMARC-Detailcheck is alpha - 2024-07-06, SMTP-TLS-Reporting is alpa - 2024-07-13)

No DomainServiceEntries entries found



16. Cipher Suites

No results


17. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.



Permalink: https://check-your-website.server-daten.de/?i=2090dc8c-f07b-4583-9aac-93e87f7baf06


Last Result: https://check-your-website.server-daten.de/?q=113.57.176.32%3A4434 - 2024-07-10 08:40:34


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=113.57.176.32%3A4434" target="_blank">Check this Site: 113.57.176.32%3A4434</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=113.57.176.32:4434