Check DNS, Urls + Redirects, Certificates and Content of your Website




N

No trusted Certificate

Checked:
04.09.2024 13:03:59


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
188.213.5.134
A
188.213.5.134
Madrid/Spain (ES) - Ginernet S.L.
No Hostname found
yes



2. DNSSEC


No DNSSEC - Informations found


3. Name Servers


No Nameserver entries found


4. SOA-Entries


No SOA entries found

5. Screenshots

Startaddress: https://188.213.5.134/, address used: https://188.213.5.134/, Screenshot created 2024-09-04 13:04:52 +00:0 url is insecure, certificate invalid

Mobil (412px x 732px)

1051 milliseconds

Screenshot mobile - https://188.213.5.134/
Mobil + Landscape (732px x 412px)

1053 milliseconds

Screenshot mobile landscape - https://188.213.5.134/
Screen (1280px x 1680px)

1178 milliseconds

Screenshot Desktop - https://188.213.5.134/

Mobile- and other Chrome-Checks

widthheight
visual Viewport396716
content Size6211401

Fatal: Horizontal scrollbar detected. Content-size width is greater then visual Viewport width.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://188.213.5.134/
188.213.5.134
-14

10.010
T
Timeout - The operation has timed out.

• https://188.213.5.134/
188.213.5.134
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
403

Html is minified: 953.83 %
7.857
N
Forbidden
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Connection: close
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Content-Length: 38525

• http://188.213.5.134/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
188.213.5.134
-14

10.007
T
Timeout - The operation has timed out.
Visible Content:

• https://188.213.5.134/
188.213.5.134
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
403

Html is minified: 953.83 %
7.770
N
Forbidden
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Connection: close
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Content-Length: 38525

7. Comments


1. General Results, most used to calculate the result

Aname "188.213.5.134" is ipv4 address, public suffix is not defined
AGood: All ip addresses are public addresses
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (2 urls)
https://188.213.5.134/ 188.213.5.134


Url with incomplete Content-Type - header - missing charset
https://188.213.5.134/ 188.213.5.134


Url with incomplete Content-Type - header - missing charset
Bhttps://188.213.5.134/ 188.213.5.134
403

Missing HSTS-Header
CError - no version with Http-Status 200
HFatal error: No https - result with http-status 200, no encryption
Mhttps://188.213.5.134/ 188.213.5.134
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://188.213.5.134/ 188.213.5.134
403

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://188.213.5.134/ 188.213.5.134
403

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://188.213.5.134/ 188.213.5.134
403

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.188.213.5.134

2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05)

A188.213.5.134 188.213.5.134
Content-Security-Policy
Ok: Header without syntax errors found: frame-ancestors 'self'
F

Bad: Missing default-src directive. A default-src directive is used if one of the specialized fetch directives (child-src, connect-src, font-src, frame-src, img-src, manifest-src, media-src, object-src, prefetch-src, script-src, style-src, worker-src) isn't defined. Missing default-src, all sources are allowed, that's bad. A default-src with 'none' or 'self' blocks that.
E

Bad: No form-action directive found. Use one to limit the form - action - destinations. form-action is a navigation-directive, so default-src isn't used.
A

Good: frame-ancestors directive found. That limits pages who are allowed to use this page in a frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
E

Bad: No base-uri directive found. Use one to limit the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
F

Critical: No object-src and no default-src as fallback defined. So object / embed / applet can load every resource. That's fatal.
F

Critical: No script-src and no default-src as fallback defined. So scripts are unlimited. That's fatal.
A
X-Content-Type-Options
Ok: Header without syntax errors found: nosniff
A
X-Frame-Options
Ok: Header without syntax errors found: SAMEORIGIN
B

Info: Header is deprecated. May not longer work in modern browsers. SAMEORIGIN. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A
X-Xss-Protection
Ok: Header without syntax errors found: 1; mode=block
B

Info: Header is deprecated. May not longer work in modern browsers. 1; mode=block
F188.213.5.134 188.213.5.134
Referrer-Policy
Critical: Missing Header:
F188.213.5.134 188.213.5.134
Permissions-Policy
Critical: Missing Header:
B188.213.5.134 188.213.5.134
Cross-Origin-Embedder-Policy
Info: Missing Header
B188.213.5.134 188.213.5.134
Cross-Origin-Opener-Policy
Info: Missing Header
B188.213.5.134 188.213.5.134
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks


4. Content- and Performance-critical Checks

http://188.213.5.134/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 188.213.5.134
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AInfo: No img element found, no alt attribute checked
ADuration: 59947 milliseconds, 59.947 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
188.213.5.134
188.213.5.134
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
188.213.5.134
188.213.5.134
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=retiacula.com, O=Coms, L=Madrid, C=ES, emailAddress=admincom@retiacula.com

2CN=FG201ETK18905965, OU=Certificate Authority, O=Fortinet, L=Sunnyvale, C=US, emailAddress=support@fortinet.com


188.213.5.134
188.213.5.134
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

188.213.5.134
188.213.5.134
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=retiacula.com, O=Coms, L=Madrid, C=ES, emailAddress=admincom@retiacula.com

2CN=FG201ETK18905965, OU=Certificate Authority, O=Fortinet, L=Sunnyvale, C=US, emailAddress=support@fortinet.com


9. Certificates

1.
1.
E=admincom@retiacula.com, CN=retiacula.com, O=Coms, L=Madrid, S=Madrid, C=ES
28.12.2020
28.12.2022
622 days expired

1.
1.
E=admincom@retiacula.com, CN=retiacula.com, O=Coms, L=Madrid, S=Madrid, C=ES
28.12.2020

28.12.2022
622 days expired


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:434E2F01BB8A71BF4883267ABD57DD33F888FF9E
Thumbprint:94FD209CCF2FE6575925EBABD9B2D31609CC92CF
SHA256 / Certificate:4OdQjO1EruL0cYQgSIjmy6WbfzBFf/LfKrXwTVJU/hE=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):ed1b3830b5c5cfcaef445fda8f3d919e71ac5d632ba33ef73ef4b47c45158444
SHA256 hex / Subject Public Key Information (SPKI):ed1b3830b5c5cfcaef445fda8f3d919e71ac5d632ba33ef73ef4b47c45158444 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

NotTimeValid: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

2.
E=support@fortinet.com, CN=FG201ETK18905965, OU=Certificate Authority, O=Fortinet, L=Sunnyvale, S=California, C=US
03.06.2020
04.06.2030
expires in 2093 days


2.
E=support@fortinet.com, CN=FG201ETK18905965, OU=Certificate Authority, O=Fortinet, L=Sunnyvale, S=California, C=US
03.06.2020

04.06.2030
expires in 2093 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:6458ADB36284EA23
Thumbprint:E52864CE31119EDB376E0513F6733C5BE6C1AF33
SHA256 / Certificate:dPeSQV+SdO9d3YxWw2KCzp6M5suxHyLh42TRvceC1F4=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):331c90acac556b54cfabfa59efc3d3371dd965689b45cdb310aa675a791284f6
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found


2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found


11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://188.213.5.134/
188.213.5.134
meta
other
3

0


0
0
0

https://188.213.5.134/
188.213.5.134
meta
other
3

0


0
0
0

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://188.213.5.134/
188.213.5.134
meta

UTF-8


1
ok












meta

UTF-8


1
ok












meta

IE=8; IE=EDGE


1
ok












meta

IE=8; IE=EDGE


1
ok












meta

width=device-width, initial-scale=1


1
ok












meta

width=device-width, initial-scale=1


1
ok











188.213.5.134
meta

UTF-8


1
ok












meta

UTF-8


1
ok












meta

IE=8; IE=EDGE


1
ok












meta

IE=8; IE=EDGE


1
ok












meta

width=device-width, initial-scale=1


1
ok












meta

width=device-width, initial-scale=1


1
ok












12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:


No NameServer - IP address - Informations found


13. CAA - Entries

No CAA entries found


14. TXT - Entries

No TXT entries found


15. DomainService - Entries (SPF-Check is alpha - 2024-06-22, DMARC-Detailcheck is alpha - 2024-07-06, SMTP-TLS-Reporting is alpa - 2024-07-13)

No DomainServiceEntries entries found



16. Cipher Suites

No results


17. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.



Permalink: https://check-your-website.server-daten.de/?i=ccd5ee0d-e168-48fa-98ed-e0af0d2d2ccf


Last Result: https://check-your-website.server-daten.de/?q=188.213.5.134 - 2024-09-04 13:03:59


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=188.213.5.134" target="_blank">Check this Site: 188.213.5.134</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=188.213.5.134